vpz
There is no one way to secure Linux servers because Linux isn’t one thing due to distribution sprawl. How you do things depends on the distribution. If you want a general guide the CIS Benchmarks are a decent place to start. Then you can make a guide on how to implement them with your target Linux server distribution. Keep in mind this is for the OS and application hardening is just as important, and is an entirely different can of worms. https://downloads.cisecurity.org/#/
Something I don’t think is talked about enough in offensive cybersecurity training / skill development are communication skills. Too often we are seeing folks try to enter these roles without the ability to write reports and give presentations to audiences with a mix of technical and business attendees. My recommendation to folks considering these roles is to put in the time to get communication skills to a very professional level. Train it just like report writing or public speaking was a new shiny hacking certification. It will improve your chances of landing the job.
I asked this question on Mastodon and got some helpful answers. I haven’t had the time to try anything yet, but here are some links. KDE: https://github.com/pjones/plasma-manager Gnome: https://hoverbear.org/blog/declarative-gnome-configuration-in-nixos/ Xfce may be similar to the Gnome article but using xfconf and xfconf-query to get the settings to apply. Again I haven’t tried any of these suggestions. This is a summary of the info I got elsewhere.
Starting Offensive Security EXP-301 Windows User Mode Exploit Development next week. Binary exploitation isn’t needed much in my work, but need it for OSCE3. After this I hope to be able to stick to normal training courses built for working professionals - instead of second job for many months plus grueling 72 hour exam + reporting courses. “Just one more and then I’ll quit”. Lol.