Comment on What are your methods to harden *nix servers?
Cyber@feddit.uk 2 weeks ago
Is this for internal facing servers? Not much more than CIS and the usual Best Practices (no root for SSH, etc)
For a DMZ node, minimal software (ie Arch) and automated defenses like fail2ban, key authentication, etc…
Firewalls with Geo-IP blocking also help, but that’s not technically what you’re asking for.