Linux Guide 📓

Security

Last updated: 2024, Mon Jun 3rd at 13:43 CDT


Security has been a cornerstone of Linux development because of its heavy focus on securing servers and workstations. While multiple features help keep Linux secure, no operating system is totally secure.

Tips for improving Linux security

  1. Only install necessary packages and try to get them only from official sources.
  2. Disable root login and assign administrator privileges to an existing or new user.
  3. Remove any unnecessary guest or default accounts.
  4. Use good password hygiene, including creating strong individual passwords, changing them regularly, or using a password manager.
  5. Use Linux antimalware and antivirus programs.
  6. Make sure that your system is updated regularly, either through manual installations or automatic updates.
  7. Run a firewall.
  8. Additional security can be added if necessary, like 2FA, VPNs, disk encryption, and proxies.
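
A read-only check for tips 2 and 3, as an added example that is not part of the original guide: it lists extra UID 0 accounts and login-capable accounts from a passwd-format file and reports the effective `PermitRootLogin` value from an sshd_config-format file. Reading tip 2 as SSH root login is an assumption, and the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: read-only audit for tips 2 and 3. Sample data below is constructed.

# Accounts other than root that have UID 0 (full administrator rights).
extra_uid0_accounts() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }' "$1"
}

# Accounts whose shell permits interactive login (an empty field means /bin/sh).
login_capable_accounts() {
    awk -F: 'NF >= 7 && $7 !~ /(nologin|false)$/ { print $1 }' "$1"
}

# Effective PermitRootLogin: sshd uses the first occurrence of a keyword and
# defaults to prohibit-password. Match blocks and Include files are not followed.
root_login_setting() {
    awk 'tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
         END { if (!found) print "prohibit-password" }' "$1"
}

# Constructed sample files (not taken from a real system).
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
toor:x:0:0:spare admin:/root:/bin/sh
guest:x:1001:1001:Guest:/home/guest:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
sshd:x:105:65534::/run/sshd:/bin/false
EOF
cat > "$SAMPLE_DIR/sshd_config" <<'EOF'
#PermitRootLogin prohibit-password
Port 22
PermitRootLogin yes
PermitRootLogin no
EOF

echo "Extra UID 0 accounts: $(extra_uid0_accounts "$SAMPLE_DIR/passwd" | tr '\n' ' ')"
echo "Login-capable accounts: $(login_capable_accounts "$SAMPLE_DIR/passwd" | tr '\n' ' ')"
echo "PermitRootLogin: $(root_login_setting "$SAMPLE_DIR/sshd_config")"
```

On a real system, point the functions at /etc/passwd and /etc/ssh/sshd_config; `sshd -T` (run as root) prints the configuration sshd actually resolves, including Include files.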

ChkrootKit

This tool is used to check for signs of a rootkit. It is not required on most systems and can be skipped unless you suspect a rootkit or your system has been compromised.

Official Site

To Install:

Preferred method

Best installed through your package manager; in rare cases a security repo may need to be enabled.

Only available in the AUR

AUR: chkrootkit

sudo apt install chkrootkit
sudo dnf install chkrootkit
sudo zypper in chkrootkit

ClamAV

ClamAV is a free, open-source, cross-platform antimalware toolkit able to detect many types of malware, including viruses. It includes a multi-threaded scanner daemon, command-line utilities for on-demand file scanning, and automatic signature updates.

Official Site Official Documentation

To Install:

Preferred method

ClamAV is available in most package managers.

sudo pacman -S clamav
sudo apt install clamav
sudo dnf install clamav
sudo zypper in clamav

Essentials

After installing, you will more than likely have to run a first-time setup to generate the configurations. Consult the configuration documentation for more information.


UFW

Uncomplicated Firewall, or UFW, is an easy-to-use CLI tool for managing a netfilter firewall. Even though UFW is a CLI program, a few GUI applications work with it, most notably gufw.

Official Site Wiki

To Install:

Preferred method

Install UFW through your package manager.

sudo pacman -S ufw
sudo apt install ufw
sudo dnf install ufw

Firewalld

Firewalld provides a dynamically managed firewall with support for network/firewall zones that define the trust level of network connections or interfaces. It supports IPv4 and IPv6 firewall settings, Ethernet bridges and IP sets.

Official Site GitHub

To Install:

Preferred method

Install Firewalld through your package manager.

sudo pacman -S firewalld
sudo apt install firewalld
sudo dnf install firewalld
sudo zypper in firewalld