DEV Community

Discussion on: What is the first thing you do when setting up a new computer?

View post
Collapse
 
jaguart profile image
Jeff

Before:

  1. configure the new box's roles in my repo

During:

  1. install vanilla minimal OS
  2. local nftables blocking access except from install IP6.
    1. arp discovery and securing for IP4
  3. run provisioning script via ssh which:
    1. generates customised nftables rules and installs them
    2. installs security tools
    3. installs libraries
    4. installs apps
  4. run a quick pen-test from an untrusted IP
  5. run a quick pen-test from a trusted IP
  6. take an asset inventory snap-shop into repo
  7. initialise rkhunter chkroot tripwire aide logcheck and other IDS tools.

After:

  1. beer
  2. watch syslogs for an hour
  3. tune nftables and other security logs
Collapse
 
darksmile92 profile image
Robin Kretzschmar

Thanks for sharing, logcheck was new to me :)