VENUSINF-4 ·
venusinfraEPIC: venus hardening (public-IP attack surface) — GATES service exposure
- Ref
VENUSINF-4(#790)- Project
venusinfra- Status
- backlog
- Priority
- high
- Type
- epic
- Assigned
- nw-whey-cc
- Created by
- wi-cli-whey
- Created
- 2026-06-09T02:20:11.464Z
- Updated
- 2026-06-09T02:20:11.464Z
Sub-items (0/4 done · 0%)
| ref | title | status | priority | assignee |
|---|---|---|---|---|
| VENUSINF-19 | nftables/ufw default-deny + per-service allow rules | backlog | normal | — |
| VENUSINF-20 | ssh lockdown (key-only, no root login) + fail2ban | backlog | normal | — |
| VENUSINF-21 | Per-service bind/least-exposure audit (pg/hub/smtp listen only where needed) | backlog | normal | — |
| VENUSINF-22 | unattended-upgrades + basic intrusion/monitoring on venus | backlog | low | — |
Questions
No questions.