Configuration recommendations of a gnu/linux system

Unix operating systems and derivatives, including GNU/Linux, are playing an important role in the ecosystem of equipments, systems, networks and telecommunications. They are widely deployed in several equipments. This guide focuses mainly on generic system configuration guidelines and on common sense principles that need to be applied during the deployment of hosted services.

Publish the 22 February 2019 Updated 22 February 2019

A few configuration rules make it possible to obtain reasonably secure systems as long as some fundamental principles are respected. It should be checked methodologically that these are applied correctly, for example using a checklist.

This guide focuses primarily on generic system configuration guidelines and common sense principles that should be applied when deploying services on a GNU/Linux system.

In particular, the following points are discussed:

  • General principles of security and hardening
  • Hardware and firmware configuration
  • Securing the boot chain
  • Configuring system services
  • Kernel configuration
  • Privilege and access management
  • Isolation

The original version of the document, in French, can be found here.

Some of the versions below are obsolete and offered for archival purposes only.