It scratches the surface of the most obvious stuff. I’d only add running apps in isolation (docker or adduser) and maybe fail2ban.
It scratches the surface of the most obvious stuff. I’d only add running apps in isolation (docker or adduser) and maybe fail2ban.
Are you going to elaborate, or…?
I think it’s mostly good advice. Certainly not comprehensive but this is securing servers we’re talking about.
No, because pretty much all of it is bad. Elaborating would be meaningless.
I also want to know, being a beginner sysadmin myself. If you think that his advice is bad and you’re not elaborating, I’ll be taking his advice because his sounds sane so far.
That wouldn’t make explaining how even one part of it is incorrect “meaningless”.
You just cbf! :)