How to properly secure a Linux computer [closed]
Obviously, there are different methods for securing based on home versus professional computers. My question generally pertains to securing home desktops, but professional protection is definitely welcome :) Knowledge is power.
Ever since moving to the wonderful world of Linux a couple years ago, I never even really thought about security, seeing as most low-life scum make viruses for Windows machines, seeing as they're more abundant.
But how do I know if I'm safe/secure from anyone who wants to get at me or my stuff? I know that anyone who is determined enough to get in will, there's no question about that. But what steps can I take to ensure I'm protected from things like rogue root shells and automatic attacks? Also, is there a sort of built-in firewall/antivirus in more Linux distros?
I know this question is quite broad seeing as there are tons of ways someone could compromise your system, but maybe you could share what you did to make sure you were safe.
EDIT: I decided to not allow root login via ssh and to change the port it listens on to something random. Hopefully this is a step in the right direction. Currently looking at iptables and shutting down services. Hopefully this question will get a lot of quality responses (it's already got 3) and it'll help other paranoids :)
EDIT 2: Got some iptables issues, but it's proving to be a good tool
EDIT 3: As of yet, no one has touched on the issue of hard drive encryption. Is this worth it? I've never used it before so I'm unaware of how it all works. How easy is this to accomplish?
One more edit: in terms of services that should be running on your system, which ones should or shouldn't be running? Which ports should be open on your box? Of course this depends on what you use, but what's opened by default and what is dangerous?
You can get very tricky with iptables. Take a look at the man page and you'll see just how complex this piece of software is. Aside from not connecting to the net as mentioned above, this is probably about as good as you can do.
If you're using ssh, be sure to not use passwords but instead use public keys.
Only install software from the distribution's trusted repos. There are various measures in place that help to maintain the integrity of the packages found in said repos.
Keep your system up to date.
Don't run as root - elevate privileges only when you must.
When browsing the web use things like FlashBlock/AdBlock/NoScript.
Don't panic.
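An added example, not part of any answer in this thread: a small Python check of `sshd_config` text for the two SSH settings discussed here (root login and password authentication versus public keys). The function names and the sample config are constructed for illustration; it assumes OpenSSH's documented defaults and does not follow `Include` files or evaluate `Match` blocks.

```python
# Added example (not from the thread): audit sshd_config text.
# Assumed OpenSSH defaults when a keyword is absent.
DEFAULTS = {"permitrootlogin": "prohibit-password",
            "passwordauthentication": "yes"}

# Constructed sample: the second PasswordAuthentication line is ignored,
# because sshd uses the FIRST value it obtains for a keyword.
SAMPLE = """\
# constructed sample config
Port 22022
PermitRootLogin no
passwordauthentication yes
PasswordAuthentication no
"""

def effective_settings(config_text):
    """Global settings as sshd reads them: keywords are case-insensitive,
    the first occurrence wins, and Port may be given more than once."""
    settings, ports = {}, []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split(None, 1)
        if len(parts) < 2:
            continue
        key, value = parts[0].lower(), parts[1].strip().strip('"').lower()
        if key == "match":
            break  # lines after Match are conditional, not global
        if key == "port":
            ports.append(value)
        else:
            settings.setdefault(key, value)
    for key, value in DEFAULTS.items():
        settings.setdefault(key, value)
    settings["port"] = ports or ["22"]
    return settings

def audit(config_text):
    """Return findings for settings that differ from the thread's advice."""
    s = effective_settings(config_text)
    findings = []
    if s["permitrootlogin"] != "no":
        findings.append(f"PermitRootLogin is '{s['permitrootlogin']}': root login over ssh is not fully disabled")
    if s["passwordauthentication"] != "no":
        findings.append("PasswordAuthentication is enabled: passwords are accepted, not only public keys")
    return findings

if __name__ == "__main__":
    print("ports:", effective_settings(SAMPLE)["port"])
    print("\n".join(audit(SAMPLE)) or "no findings")
```

On a live system, `sshd -T` prints the effective configuration, which also accounts for included files.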
You'll be fine with an out of the box Linux installation, just disable any services you don't use. If it's a home PC then you have nothing major to worry about.
I have been running Ubuntu on my desktop for years with just a few services disabled, like Bluetooth and folder sharing, and then I use the OS. You can install an antivirus if you want but it's not really needed.