Minimizing Linux attack surface

Discussion in 'all things UNIX' started by breikop, Sep 23, 2013.

Thread Status:
Not open for further replies.
  1. breikop

    breikop Registered Member

    Joined:
    Jul 24, 2013
    Posts:
    1
    Location:
    UK
    Hi,
    I was wondering: for Windows there are numerous guides and documentation of how to secure the system. For Linux it's hard to find any comprehensive ones (most seem to be for sysadmins who administer servers, but I mean here a regular home user who has transitioned from Windows to Linux.)

    For example, a few months ago I transitioned from Win7 to Linux Mint, one of the most popular distros. However, from the Windows world I have taken the fact that you can minimize the attack surface and thus increase the security by disabling unnecessary services/removing unnecessary apps.

    So, taking this Linux Mint that is bundled with lots of sw, I have:
    - created a good password for the account
    - enabled firewall, only outbound connections TCP 80, 443 and UDP 53 are allowed.
    - I have removed packages for sw/services I do not need (removed SSH, FTP, Telnet, Vino, Samba packages) - I understand if I have done that I do not have to disable these services anymore as they are not able to run anyway without the sw;
    - regularly scan with RKhunter and CHKrootkit.

    Any more essential steps to take?
    And links to any good guides are also welcome on Linux security from a standard user perspective.
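
An added example, not part of the original post: one way to confirm that removing the SSH, FTP, Telnet, Vino and Samba packages left nothing listening, by filtering `ss -H -tuln` output (iproute2). The port-to-service map uses the usual default ports and is an assumption, as are the function name and the constructed sample lines.

```shell
#!/bin/sh
# Default ports of the services named in the post (assumed defaults; a
# daemon configured differently may listen elsewhere).
REMOVED_PORTS="21:ftp 22:ssh 23:telnet 139:samba 445:samba 5900:vino"

# Reads `ss -H -tuln` output on stdin and prints one line per finding:
#   REMOVED <proto> <addr:port> <service>  listener on a removed service's port
#   REVIEW  <proto> <addr:port>            other listener not bound to loopback
audit_listeners() {
    awk -v map="$REMOVED_PORTS" '
        BEGIN {
            n = split(map, kv, " ")
            for (i = 1; i <= n; i++) { split(kv[i], p, ":"); svc[p[1]] = p[2] }
        }
        {
            la = $5                                  # local address:port column
            port = la; sub(/.*:/, "", port)          # text after the last colon
            addr = la; sub(/:[^:]*$/, "", addr)      # text before the last colon
            loopback = (addr ~ /^127\./ || addr == "[::1]")
            if (port in svc)     print "REMOVED", $1, la, svc[port]
            else if (!loopback)  print "REVIEW", $1, la
        }'
}

# Constructed sample in the column layout of `ss -H -tuln`
# (Netid State Recv-Q Send-Q Local Peer); not captured from a real host.
SAMPLE='udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:5353 0.0.0.0:*
tcp LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 50 [::]:445 [::]:*'

# Demo run over the sample; on a live system use:  ss -H -tuln | audit_listeners
printf '%s\n' "$SAMPLE" | audit_listeners
```

A clean result has no REMOVED lines; each REVIEW line is a listener reachable from the network whose owning process is worth identifying.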
     
  2. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    A similar question was posted on the CrunchBang Linux forums:

    http://crunchbang.org/forums/viewtopic.php?id=29012

    Personally, I don't think regular home users would need to harden their Linux installs as much as a sysadmin would for a server. Instead I would focus on choosing good passwords, encrypting private data, and being cautious about scripts you download from the internet.
     
  3. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    @breikop,

    you'll be pleased to know Ubuntu and its derivatives are very secure by default:

    -https://wiki.ubuntu.com/Security/Features

    Certainly not necessary, but if you're so inclined and comfortable doing so, you might want to look at hardening Internet-facing applications, browser especially, using AppArmor:

    -https://help.ubuntu.com/community/AppArmor

    there's also a good thread in this forum:

    -http://www.wilderssecurity.com/showthread.php?t=320017

    focus mainly on posts from Hungry Man, x942, Chronomatic and tlu.
     
  4. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    To follow on from wat0114, it's important to follow common sense as well: only download software from official repositories, and don't mess with your system configuration unless you really know what you are doing (double check security implications). Follow mailing lists and news for any potential security issues.

    Cheers, Nick.
     
  5. John Smith Junior

    John Smith Junior Registered Member

    Joined:
    Aug 2, 2013
    Posts:
    15
    Location:
    Europe
  6. Lucy

    Lucy Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    401
    Location:
    France
    Very bad advice. Security is not a target per se.

    Any distro is (can be) secured enough. The OP has to choose the one that fits his needs. Then the few extra steps provided by wat0114 and Nick are all that matter.

    Once again, Linux is not Windows, and importing Windows habits into the Linux world is not necessarily correct.
    E.g. RKhunter and CHKrootkit are useless.
     