forked from zentralwerk/network
13 lines
312 B
Markdown
13 lines
312 B
Markdown
|
## Security checklist
|
||
|
|
||
|
- [ ] ssh shut from internet
|
||
|
- [ ] dns shut from internet
|
||
|
- [ ] no source routing
|
||
|
- [ ] rp_filter
|
||
|
- [ ] restrict upstream routing/dns resolvers to associated priv nets?
|
||
|
- [ ] container caps dropped?
|
||
|
- [ ] ssh/telnet passwords
|
||
|
- [ ] no ospf outside core net
|
||
|
- [ ] no traffic between vlans
|
||
|
|