Would you like a specific (e.g., config.toml ) hardened against these CIS rules, or a script to audit a running Geth node ?
Based on the search term , you are likely looking for information regarding Geth's compliance with the CIS (Center for Internet Security) Benchmarks or a specific security feature configuration.
Sometimes users confuse with LES (Light Ethereum Subprotocol). geth cis
If you are looking to implement on Geth, your startup command should look something like this (restrictive profile):
[Service] User=geth Group=geth ProtectSystem=strict PrivateTmp=yes NoNewPrivileges=true ReadWritePaths=/var/lib/geth CapabilityBoundingSet=CAP_NET_BIND_SERVICE ExecStart=/usr/bin/geth \ --http --http.addr 127.0.0.1 --http.port 8545 \ --ws --ws.addr 127.0.0.1 --ws.port 8546 \ --authrpc.jwtsecret=/etc/geth/jwt.hex \ --maxpeers 50 \ --nousb Would you like a specific (e
Geth meet CIS-like security posture if you:
| Control ID | Requirement | Pass | Fail | Weight | |------------|-------------|------|------|--------| | RPC-01 | HTTP RPC disabled on public interface | ✔️ | ❌ | 3 | | NET-02 | Maxpeers ≤ 100 | ✔️ | ❌ | 2 | | LOG-01 | Log level ≥ 3 (info) | ✔️ | ❌ | 1 | | KEY-03 | No --unlock in production | ✔️ | ❌ | 5 (critical) | If you are looking to implement on Geth,
The phrase "geth cis" typically refers to the (an artificial intelligence collective) and the CIS (Confederacy of Independent Systems), two major factions from the Mass Effect and Star Wars universes, respectively.