LinuxQuestions.org


nirvaanr 11-02-2019 10:37 PM

Automated script for CIS CentOS Linux 7 Benchmark please
 
Hi,

We have a requirement to enhance our CentOS 7 servers' security as per "CIS CentOS Linux 7 Benchmark" ( https://workbench.cisecurity.org/ )
that provides guidance for establishing a secure configuration posture for CentOS Linux 7.

Just wondering if anyone has any automated script to run to configure CentOS machines as per this benchmark document? I know it's a detailed document but a script would definitely ease our task.

Thanks!

TB0ne 11-03-2019 08:06 AM

Quote:

Originally Posted by nirvaanr (Post 6053455)
Hi,
We have a requirement to enhance our CentOS 7 servers' security as per "CIS CentOS Linux 7 Benchmark" ( https://workbench.cisecurity.org/ )
that provides guidance for establishing a secure configuration posture for CentOS Linux 7.

Just wondering if anyone has any automated script to run to configure CentOS machines as per this benchmark document? I know it's a detailed document but a script would definitely ease our task.

Any script someone has for their environment probably won't work for yours, since each environment/server is different. We are happy to help you, but we aren't going to write scripts for you.

Putting "centos cisecurity script" into Google pulls up a good deal, including two GitHub projects with audit scripts. Have you looked for any, or done any work towards your 'requirement'?

nirvaanr 11-03-2019 08:49 AM

Thanks TB0ne,

Those GitHub projects run tests on the system to check for compliance against the CIS Benchmarks but NOT for configuring security on them. In fact they don't modify anything on the system.

I have not started any of my work, but I have gone through most of the CIS doc. Just wanted to check if someone already did it. Obviously I don't expect someone to write a script specifically for me.

regards,

TB0ne 11-04-2019 06:59 AM

Quote:

Originally Posted by nirvaanr (Post 6053609)
Thanks TB0ne,
Those GitHub projects run tests on the system to check for compliance against the CIS Benchmarks but NOT for configuring security on them. In fact they don't modify anything on the system.

Right; again, there WILL NOT BE ANY scripts to modify a system, because again, each system/environment is unique. No point in 'modifying' a system to have SSH run on a different port, when that particular server doesn't even RUN SSH at all.

Those scripts looked at things; is there a reason you cannot MODIFY those scripts to do things when conditions are found?

Quote:

I have not started any of my work, but I have gone through most of the CIS doc. Just wanted to check if someone already did it. Obviously I don't expect someone to write a script specifically for me.

If you haven't started, you probably should if this is part of your job. Again, we're happy to help you if you're stuck, so post what you have written/done/tried.
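
The approach suggested in the last reply (take an audit check, act only when the condition is found, and skip servers where the service is not present), sketched as an added example that is not from any poster or from the GitHub projects mentioned. The `PermitRootLogin no` setting, the function names and the file path argument are illustrative assumptions, not values taken from the thread.

```shell
#!/bin/sh
# Added example: audit one global sshd_config directive, remediate only if needed.
# Function names and the chosen directive are hypothetical illustrations.

# audit_directive FILE KEY WANT  (WANT in lower case)
# returns 0 = compliant, 1 = non-compliant, 2 = not applicable (no such file)
audit_directive() {
    file=$1; key=$2; want=$3
    [ -f "$file" ] || return 2
    # sshd uses the first value it reads for a keyword; keywords are
    # case-insensitive. Stop at the first Match block: only global settings count.
    have=$(awk -v k="$key" '
        tolower($1) == "match"    { exit }
        tolower($1) == tolower(k) { print tolower($2); exit }' "$file")
    [ "$have" = "$want" ]
}

# remediate_directive FILE KEY WANT
# Changes the file only when the audit fails; keeps a backup in FILE.bak.
remediate_directive() {
    file=$1; key=$2; want=$3
    audit_directive "$file" "$key" "$want" && rc=0 || rc=$?
    case $rc in
        0) echo "PASS  $key $want"; return 0 ;;
        2) echo "SKIP  $file not present, nothing to harden"; return 0 ;;
    esac
    cp -p "$file" "$file.bak" || return 1
    tmp=$(mktemp) || return 1
    # Put the wanted setting first, drop conflicting global lines,
    # and leave comments and Match blocks untouched.
    {
        echo "$key $want"
        awk -v k="$key" '
            tolower($1) == "match" { m = 1 }
            m || tolower($1) != tolower(k)' "$file.bak"
    } > "$tmp" && cat "$tmp" > "$file"   # cat keeps the file's owner and mode
    rm -f "$tmp"
    audit_directive "$file" "$key" "$want" && echo "FIXED $key $want"
}

# Example call (commented out so sourcing this file changes nothing):
# remediate_directive /etc/ssh/sshd_config PermitRootLogin no
```

On a real host, validate the result with `sshd -t` before reloading the service, and review each benchmark item for applicability before enabling its remediation.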


All times are GMT -5.