← 返回
未分类 Key 中文

Ubuntu Hardening V2

Professional Ubuntu 22.04 LTS security configuration generator for STIG-compliant hardening.
专业 Ubuntu 22.04 LTS 安全配置生成器,实现符合 STIG 规范的加固。
krishnakumarmahadevan-cmd krishnakumarmahadevan-cmd 来源
未分类 clawhub v1.0.0 1 版本 100000 Key: 需要
★ 0
Stars
📥 301
下载
💾 0
安装
1
版本
#latest

概述

Overview

The Ubuntu Linux Security Hardening Tool is a professional-grade security configuration generator designed for Ubuntu 22.04 LTS systems. It automates the creation of STIG-compliant hardening configurations, eliminating manual security baseline setup and reducing human error in system hardening processes.

This tool enables security engineers, system administrators, and DevOps teams to generate comprehensive hardening configuration files tailored to their specific security requirements. By leveraging industry-standard hardening categories and options, users can quickly deploy security best practices across their infrastructure while maintaining compliance with established security frameworks.

The tool is ideal for organizations implementing Zero Trust architectures, preparing for security audits, managing multi-server deployments, or standardizing security baselines across development, staging, and production environments.

Usage

Example Request

Generate a hardening configuration with kernel hardening, SSH security, and firewall policies enabled:

{
  "hardeningOptions": {
    "kernel_hardening": [
      "kptr_restrict",
      "dmesg_restrict",
      "unprivileged_namespaces"
    ],
    "ssh_security": [
      "disable_password_auth",
      "disable_root_login",
      "change_default_port"
    ],
    "firewall": [
      "enable_ufw",
      "default_deny_incoming"
    ]
  },
  "sessionId": "sess_a1b2c3d4e5f6g7h8",
  "userId": 12345,
  "timestamp": "2024-01-15T10:30:00Z"
}

Example Response

{
  "status": "success",
  "configId": "cfg_9x8y7w6v5u4t3s2r",
  "timestamp": "2024-01-15T10:30:15Z",
  "configurations": {
    "kernel_hardening": {
      "file": "hardening-kernel.conf",
      "settings": [
        {
          "parameter": "kernel.kptr_restrict",
          "value": "2",
          "description": "Hide kernel pointers in dmesg and /proc"
        },
        {
          "parameter": "kernel.dmesg_restrict",
          "value": "1",
          "description": "Restrict dmesg access to root only"
        },
        {
          "parameter": "kernel.unprivileged_userns_clone",
          "value": "0",
          "description": "Disable unprivileged user namespaces"
        }
      ]
    },
    "ssh_security": {
      "file": "hardening-sshd_config",
      "settings": [
        {
          "directive": "PasswordAuthentication",
          "value": "no",
          "description": "Disable password-based authentication"
        },
        {
          "directive": "PermitRootLogin",
          "value": "no",
          "description": "Disable direct root login"
        },
        {
          "directive": "Port",
          "value": "2222",
          "description": "Change SSH listening port from default 22"
        }
      ]
    },
    "firewall": {
      "file": "hardening-ufw.rules",
      "settings": [
        {
          "command": "ufw enable",
          "description": "Enable UFW firewall"
        },
        {
          "command": "ufw default deny incoming",
          "description": "Set default policy to deny all incoming"
        }
      ]
    }
  },
  "totalConfigurations": 3,
  "downloadUrl": "https://api.mkkpro.com/hardening/ubuntu-v2/cfg_9x8y7w6v5u4t3s2r/download"
}

Endpoints

GET /

Description: Health check endpoint to verify API availability.

Parameters: None

Response:

  • Status 200: JSON object confirming API health status

POST /api/hardening/generate

Description: Generate Ubuntu security hardening configuration files based on specified hardening options.

Parameters:

NameTypeRequiredDescription
-----------------------------------
hardeningOptionsObjectYesMap of hardening categories to arrays of specific options to enable. Categories may include: kernel_hardening, ssh_security, firewall, apparmor, audit_logging, user_account_security, file_permissions, network_hardening
sessionIdStringYesUnique session identifier for tracking and logging purposes
userIdInteger or nullNoOptional user identifier for audit trail and usage tracking
timestampStringYesISO 8601 formatted timestamp when the request is generated

Response:

  • Status 200: JSON object containing generated configurations, config ID, and download URL
  • Status 422: Validation error with details about invalid request parameters

GET /api/hardening/options

Description: Retrieve all available hardening options across all categories that can be used in configuration generation.

Parameters: None

Response:

  • Status 200: JSON object containing complete list of all hardening categories and their available options with descriptions

GET /api/hardening/categories

Description: Retrieve hardening categories and their associated options for use in building hardening requests.

Parameters: None

Response:

  • Status 200: JSON object containing structured hardening categories, available options within each category, and option metadata including descriptions and impact levels

Pricing

PlanCalls/DayCalls/MonthPrice
-------------------------------------
Free550Free
Developer20500$39/mo
Professional2005,000$99/mo
Enterprise100,0001,000,000$299/mo

About

ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.

References

  • Kong Route: https://api.mkkpro.com/hardening/ubuntu-v2
  • API Docs: https://api.mkkpro.com:8129/docs

版本历史

共 1 个版本

  • v1.0.0 当前
    2026-05-07 16:31 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

it-ops-security

MoltGuard - Security & Antivirus & Guardrails

thomaslwang
MoltGuard — OpenClaw 安全守卫,由 OpenGuardrails 提供。安装后可防止您和您的用户受到提示注入、数据泄露及恶意行为的侵害。
★ 116 📥 31,028
it-ops-security

OpenClaw Backup

alex3alex
备份与恢复 OpenClaw 数据。适用于创建备份、设置自动备份计划、从备份恢复或管理备份轮转。处理 ~/.openclaw 目录归档并包含适当的排除规则。
★ 90 📥 31,092
it-ops-security

Free Ride - Unlimited free AI

shaivpidadi
管理OpenClaw的OpenRouter免费AI模型,自动按质量排名模型,配置速率限制备用方案,并更新opencla...
★ 472 📥 78,651