Skip to content

kbthson/ansible-role-simple-harden

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
files
files
 
 
meta
meta
 
 
tasks
tasks
 
 
README.md
README.md
 
 

Repository files navigation

ansible-role-simple-harden

Apply a series of STIG-suggested hardening rules to an instance.

WARNING: This will make modifications to system configuration files

Use or apply only to test systems.

Role to apply some simple hardening configurations

The Security Content Automation Protocol (SCAP) is a U.S. standard maintained by the National Institute of Standards and Technology (NIST). SCAP provides a specification for system for vulnerability detetection and remediation.

SCAP supports the process of FISMA Compliance, and the National Vulnerability Database (NVD) is the U.S. government content repository for SCAP.

This role applies basic configuration updates for Kernel networking and the Audit, SSH and Firewall daemons to satisfy a number of STIG rules that fail out-of-the-box for Red Hat Enterprise and CentOS GNU/Linux version 7 distributions.

Test usage

See the govready ansible role.

To apply these rules to your server

Example simple-harden.yml:

- name: Harden all servers
  hosts: servers
  roles:
    - { role: CivicActions.simple-harden, become: true }

Run command:

ansible-playbook -i inventory simple-harden.yml

About

Quick and basic hardening for a RHEL or CenOS 7 instance

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published