Linux Security Guide

Brilliant idea. I have about zero knowledge on this topic, and a thread like this is up high on my wanted list. Hopefully this all goes well

Ok, seriously now....

Step 0. use strong passwords.

Step 1. do not use any wireless technologies. No wifi, no bluetooth, no wireless keyboards or mice.

Step 2. physical security, keep everything locked, use an alarm system and cameras.

Step 3. always use encryption. Use whole disk encryption and only encrypted protocols.

Step 4. disable all system services/daemons except ssh.

Step 5. do not use the well known ports in /etc/services.

Step 6. read up on iptables at http://netfilter.org/ and apply the strictest firewall rules you can live with.

Step 7. Disable root logins.

Step 8. Install tripwire, aide, etc.

Step 9. Make sure any services running on your computer are only accessible from your LAN.

Step 10. always check the checksums and sigs and run virus scans before you install anything.

Step 11. run rootkit checking software daily.

Step 12. run yum / apt-get daily.

Step 13. to be continued.

Semper Fi

My guide to Linux Security:

Step 1) only install software from the official software distribution application (i.e. in Ubuntu 9.10 that's the Software Store)

Step 2) Enable updates and make sure they are installed at regular intervals

Step 3) Don't connect your PC directly to the internet, but make use of a NAT router in between. Note that this works independently from any firewall you may or may not have.

Step 4) there is no step 4


Basically, if you leave the Windows world where you're used to download executable code from the internet and execute it without thought or restrictions, you're so much better off from a security standpoint. Since virtually all windows PCs are infected with spyware a merge to Linux would be very beneficial to security. Even with a clean windows installation contains a light form of spyware - Microsoft does business with Alexia which integrates their sniffing app with Windows).