Linux is one of the most widely known and used operating systems out there, being used by many experienced power users and many begginers are increasingly switching to Linux for privacy and security concerns. The complexity of the OS however makes it very difficult to understand, especially for outsiders. And this makes it very vulnerable to exploit attacks as well. One example is the Dirty COW vulnerability which was discovered on Linux after 9 years of existence and was patched.
Why Linux Security Should Not Be Overestimated
The majority of Linux is running a custom kernel – crucial software required to connected hardware and the user interface. This kernel focus makes Linux a very suitable choice when it comes to servers and network infrastructure. Many companies nowadays are working on Linux servers and are monitoring the OS all the time which is a proof that this free software is widely applicable. And not only this, but also many businesses are adopting Linux due to it is not as popular as Windows and less likely to become a target of massive botnets and different malware that attacks automatically and via spam and because most Widespread malware is designed to penetrate Windows systems as well.
But this does not mean that Linux is a safe operating system. There are many bugs that are discovered up to this day. Some of those bugs may be even crucial for an attack conducted via exploits created specifically for the bug. This is why we have decided to give one or two general tips for beginners to increase your Linux security and maintain it.
Tip 1: Modify the Firmware
First, before going on an OS level, it is important to enter your firmware, whether it is Uefi or Bios and disable any boot from network or external drives. Another additional measure is to add a UEFI or hard drive password on switch on (or both).
Tip 2. Partitions
Also, it is important to create multiple partitions when you install the OS. This is a security measure against any incidents that damages one logical partition. It will also allow to preserve other partitions.
Tip 3: Make sure to enable SSH (Secure Shell)
These modifications are very good when it comes to taking advantage of the SSH protocol which is encrypted, unlike the conventional Telnet as well as rlogin protocols.
It can be performed via opening the primary SSH configuration file:
Then disabling the root login:
Then allowing only some users(administrators) to access the device:
Then enabling the version 2 of the SSH:
Tip 4: Update your Linux system regularly
It is very important to always check for updates either via the terminal of your Linux OS or via the Update Center of any other Linux distribution.
For servers, the following commands can be used:
→ yum updates
Tip 5: Disabling USB or other external media to be detected.
Performing this will prevent any infection via a USB stick. It can be performed via the following command (for servers):
→ install usb-storage /bin/true
Tip 6: Enable SELinux
Security-Enhanced Linux also known by many as SELinux is a mechanism supported by linux. If this is enable by default it is strongly advisable to reenable it, because the mechanism increases security policies.
It can be enabled and configured by tinkering with the following commands:
→ Setenforce enforcing (for enabling)
System-config-selinux (for entering configuration terminal)
Tip 6: Check for Kernel upgrades.
It is very important to often check for any Kernel upgrades to new ones because they include patches of crucial exploits. The administrative commands for this are:
→ sudo apt-get update (regular update)
Sudo apt-get dist-upgrade (for upgrade of the distribution version)
Uname –r (to check Kernel version)
Conclusion and More Tips
The bottom line is that this is just the basic security enhancements of your Linux system. It is not all that needs to be done to increase security and thanks to the guys at Tecmint (http://www.tecmint.com/linux-server-hardening-security-tips/), you can find further commands to increase the security of your Linux server as well. Because we all know that a strong server means stronger network as well.