Well, guys, I’ll be quick: I want to make sure everything is OK with my computer; that nothing suspicious or out of my sight is going on. I’m not a Linux expert and I don’t have time to audit my system like crazy, so I’m not sure what I should do to simplify the security checks on my system.
What should I do? :think:
Some tips:
- check out the Arch wiki about security
- check out Lynis for CLI-based security audits.
- make regular ClamAV scans of the whole system. But please don’t assume that your system is safe if nothing is found. ClamAV is really primitive.
And there isn’t much more you can do if you have limited knowledge. The next step would be to set up your own SIEM (Wazuh) and run audits with it. And analyze the network traffic of your entire network with a firewall like OPNsense. And combine this data to search for threats.
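As an added example (not part of the thread, and not code from the Lynis or ClamAV projects), here is a small POSIX shell wrapper around the two tools the reply above recommends. It runs each one only if it is installed, keeps dated logs in a directory you choose, and pulls the hardening index and warning count out of the report file Lynis writes. Assumptions: Lynis writes its key=value report to `/var/log/lynis-report.dat` (its default), `clamscan` returns 0 for clean, 1 for infected files found and 2 for an error, and the output directory and the sample report contents are placeholders constructed for this example.

```shell
#!/bin/sh
# Added example: weekly check wrapper around lynis and ClamAV.
# Not from the forum thread. Paths and sample data are placeholders.

# Extract the hardening index (0-100) from a Lynis report file
# (assumed key: hardening_index=NN). Prints "unknown" if absent.
lynis_hardening_index() {
    report="$1"
    idx=$(grep '^hardening_index=' "$report" 2>/dev/null | tail -n 1 | cut -d= -f2)
    [ -n "$idx" ] && echo "$idx" || echo "unknown"
}

# Count warnings in a Lynis report (assumed key: warning[]=...).
lynis_warning_count() {
    [ -f "$1" ] || { echo 0; return; }
    grep -c '^warning\[\]=' "$1" || true   # grep -c prints 0 (and exits 1) on no match
}

# Map a clamscan exit status (0 clean, 1 infected, 2 error) to a verdict.
clamscan_verdict() {
    case "$1" in
        0) echo "clean" ;;
        1) echo "infected" ;;
        *) echo "error" ;;
    esac
}

# Run both tools if installed and summarise the results; skip quietly otherwise.
run_checks() {
    outdir="${1:-$HOME/security-checks}"   # placeholder output directory
    mkdir -p "$outdir"
    stamp=$(date +%Y%m%d)
    if command -v lynis >/dev/null 2>&1; then
        sudo lynis audit system --quiet --no-colors > "$outdir/lynis-$stamp.log" 2>&1
        echo "lynis hardening index: $(lynis_hardening_index /var/log/lynis-report.dat)"
        echo "lynis warnings: $(lynis_warning_count /var/log/lynis-report.dat)"
    else
        echo "lynis not installed; skipping"
    fi
    if command -v clamscan >/dev/null 2>&1; then
        # -r recursive, -i report only infected files; skip pseudo-filesystems.
        clamscan -r -i --exclude-dir='^/(proc|sys|dev|run)' / > "$outdir/clamav-$stamp.log" 2>&1
        status=$?
        echo "clamav result: $(clamscan_verdict "$status") (see $outdir/clamav-$stamp.log)"
    else
        echo "clamscan not installed; skipping"
    fi
}

# Constructed sample of a Lynis report, for trying the parsers offline.
write_sample_report() {
    cat > "$1" <<'EOF'
report_version_major=1
hardening_index=72
warning[]=SSH-7408|Consider hardening SSH configuration|-|
warning[]=FIRE-4512|No active firewall found|-|
suggestion[]=KRNL-6000|One or more sysctl values differ from the scan profile|-|
EOF
}

# Usage: sh check.sh run [output-dir]
if [ "${1:-}" = "run" ]; then
    run_checks "${2:-}"
fi
```

Put it in a weekly cron or systemd timer and compare the hardening index and warning count between runs; a drop in the index or a new warning is the signal worth reading the full log for. As the reply says, a clean ClamAV result is not evidence the machine is clean, only that nothing in its signature set matched.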
There’s also Linux kernel hardening. Of course, going this route, you should proceed with caution.