HaC (Hardening as Code)

Linux hardening script based on ANSSI V2 guidelines

Overview

HaC (Hardening as Code) is a comprehensive Linux hardening script designed to enhance system security by implementing recommendations from the ANSSI (Agence nationale de la sécurité des systèmes d'information) V2 guidelines. It follows a modular approach, making it easy to implement, customize, and maintain security measures across Linux systems.

Key Features

  • Modular structure for easy customization and maintenance
  • Implementation of ANSSI V2 security guidelines
  • Automated hardening process for Linux systems
  • Scoring system to evaluate security compliance
  • Report generation for hardening status

Development Process

The HaC project was developed using a modular approach. Each security recommendation from the ANSSI guidelines was implemented as a separate module, allowing for easy addition, removal, or modification of security measures. The project structure was designed to support scalability and maintainability.

Project Details

  • Date: 2023
  • Category: Security
  • Client: Personal Project

Technologies Used

  • Bash
  • Linux
  • ANSSI Guidelines
  • Shell Scripting

Challenges and Solutions

Balancing Security and Usability

Implementing strict security measures without compromising system functionality and user experience.

Solution: Careful consideration of each hardening measure, with options to customize the level of security based on specific needs.

Ensuring Compatibility Across Different Linux Distributions

Creating a script that works across various Linux distributions with different default configurations.

Solution: Developed a flexible approach that checks for system-specific configurations before applying changes, ensuring compatibility.
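The sketch below is an added example, not HaC's own code. It shows one way the module-per-recommendation layout from the Development Process section, the applicability check described above, and a compliance score can fit together. The module names, the `SYSCTL_ROOT` variable, and the four sysctl keys with their expected values are assumptions chosen for the demonstration, and the code audits only; it applies no changes.

```bash
# Added example: hypothetical module layout, audit-only.
# SYSCTL_ROOT is overridable so the audit can run against a fixture directory.
SYSCTL_ROOT="${SYSCTL_ROOT:-/proc/sys}"

# check_sysctl KEY EXPECTED
# Returns 0 = compliant, 1 = non-compliant, 2 = not applicable on this system.
check_sysctl() {
    _path="$SYSCTL_ROOT/$(printf '%s' "$1" | tr . /)"
    # Key absent or unreadable on this kernel/distribution: skip, do not fail.
    [ -r "$_path" ] || return 2
    [ "$(tr -d '[:space:]' < "$_path")" = "$2" ]
}

# One function per recommendation, so a measure can be added or removed
# by editing a single line (names and values are illustrative).
mod_dmesg_restrict()     { check_sysctl kernel.dmesg_restrict 1; }
mod_kptr_restrict()      { check_sysctl kernel.kptr_restrict 2; }
mod_protected_symlinks() { check_sysctl fs.protected_symlinks 1; }
mod_suid_dumpable()      { check_sysctl fs.suid_dumpable 0; }

MODULES="mod_dmesg_restrict mod_kptr_restrict mod_protected_symlinks mod_suid_dumpable"

# run_audit: one report line per module, then "score=<passed>/<applicable>".
# Skipped modules are reported but do not count against the score.
run_audit() {
    _pass=0
    _total=0
    for _m in $MODULES; do
        _rc=0
        "$_m" || _rc=$?
        case "$_rc" in
            0) _pass=$((_pass + 1)); _total=$((_total + 1)); echo "PASS $_m" ;;
            2) echo "SKIP $_m" ;;
            *) _total=$((_total + 1)); echo "FAIL $_m" ;;
        esac
    done
    echo "score=$_pass/$_total"
}
```

Calling `run_audit` without overriding `SYSCTL_ROOT` reads the live `/proc/sys` tree; pointing it at a directory of sample files lets the report logic be checked before it touches a real host.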

Results and Impact

HaC provides a streamlined method for hardening Linux systems according to ANSSI guidelines. It offers an efficient way to improve system security, generate compliance reports, and maintain a consistent security posture across multiple systems.