It scratches the surface of the most obvious stuff. I’d only add running apps in isolation (docker or adduser) and maybe fail2ban.
It scratches the surface of the most obvious stuff. I’d only add running apps in isolation (docker or adduser) and maybe fail2ban.
Sorry to say, but this is mostly bad advise.
Are you going to elaborate, or…?
I think it’s mostly good advice. Certainly not comprehensive but this is securing servers we’re talking about.
No, because pretty much all of it is bad. Elaborating would be meaningless.
Explaining why something is bad advice is as important as saying it is. Otherwise it’s just a pissing match between two random people on the internet. Why also keeps people from making similar problems.
I also want to know, being a beginner sysadmin myself. If you think that his advice is bad and you’re not elaborating, I’ll be taking his advice because his sounds sane so far.
That wouldn’t make explaining how even one part of it is incorrect “meaningless”.
You just cbf! :)