Getting started in Linux security

Some tips:

  • check out the Arch Wiki article on security
  • check out Lynis for CLI-based security audits.
  • run regular ClamAV scans of the whole system. But please don’t assume that your system is safe if nothing is found. ClamAV is really primitive.

And there isn’t really much more you can do if you have limited knowledge. The next step would be to set up your own SIEM (Wazuh) and run audits with it, analyze the network traffic of your entire network with a firewall like OPNsense, and combine this data to search for threats.