Skip to content
/ softening-cookbook Public

The OPPOSITE of hardening/remediation cookbooks or scripts!

2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

alexpop/softening-cookbook

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
attributes
attributes
 
 
libraries
libraries
 
 
recipes
recipes
 
 
spec
spec
 
 
.kitchen.yml
.kitchen.yml
 
 
Berksfile
Berksfile
 
 
README.md
README.md
 
 
chefignore
chefignore
 
 
metadata.rb
metadata.rb
 
 

Repository files navigation

Softening Chef Cookbook

The OPPOSITE of hardening/remediation cookbooks or scripts!

It uses industry security recommendations(CIS Benchmarks in this case) and configures a RHEL/CentOS 7 machine AGAINST all these practices.

PLEASE firewall the instances that use this cookbook from the public and your internal network. The cookbook installs DHCP and other legacy services like: telnet, rsh, rlogin, etc. These are easily exploitable, especially when setup with their default configs.

Why on earth do I want to use this cookbook?!?

A few use-cases:

  • Training in penetration testing and security recommendations
  • Creating honeypots
  • Testing your security/compliance software. We use this to ensure the correctness of compliance reports when using Chef Compliance and the open source InSpec framework

Attributes

See attributes/default.rb for tweaking how the cookbook works.

Contributions

Looking forward for any feedback or contributions, cheers!

About

The OPPOSITE of hardening/remediation cookbooks or scripts!

Resources

Readme
Activity

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages