Posted on
Getting Started

Hardening Linux: Security Best Practices

Author
  • User
    Linux Bash
    Posts by this author
    Posts by this author

Hardening Linux: Security Best Practices with Bash Commands

In the world of Linux, system security is a priority for admins and users alike. While Linux is often praised for its robust security model, no system is infallible. Hardening your Linux system minimises the risk of attackers exploiting your machine. In this blog post, we will cover key security best practices and operational steps using Bash commands, tailored for various Linux package managers like apt (Debian/Ubuntu), dnf (Fedora), and zypper (openSUSE).

1. Keep Your System Updated

One of the simplest and most effective ways to secure your Linux system is to keep it updated. Updates often include patches for security vulnerabilities, so regular updates can prevent potential exploits.

Debian/Ubuntu (using apt)

sudo apt update && sudo apt upgrade

Fedora (using dnf)

sudo dnf check-update
sudo dnf upgrade --refresh

openSUSE (using zypper)

sudo zypper refresh
sudo zypper update

2. Minimise Installed Packages

The fewer programs you have installed, the smaller the attack surface of your system. Removing unnecessary packages can reduce potential vulnerabilities.

Debian/Ubuntu

sudo apt autoremove

To remove a specific package:

sudo apt remove [package-name]

Fedora

sudo dnf autoremove

To remove a specific package:

sudo dnf remove [package-name]

openSUSE

sudo zypper rm --clean-deps [package-name]

3. Manage User Privileges

Avoid using the root account for daily operations. Instead, create a non-privileged user for daily tasks and use sudo for commands requiring administrative privileges.

Adding a New User

sudo adduser [username]

Granting sudo privileges:

sudo usermod -aG sudo [username]

4. Harden Network Security

Configuring and hardening the firewall is crucial to managing what traffic is allowed to enter or exit your system.

Check Firewall Status and Enable It

For systems using ufw (Uncomplicated Firewall):

sudo ufw status
sudo ufw enable

To allow specific traffic, such as HTTP:

sudo ufw allow http

Fedora/openSUSE (using firewalld)

Checking status:

sudo firewall-cmd --state

Enabling and setting default zone:

sudo systemctl enable firewalld
sudo systemctl start firewalld
sudo firewall-cmd --set-default-zone=public

5. Secure SSH Access

Securing SSH is vital to preventing unauthorized access.

Edit SSH Configuration

Edit /etc/ssh/sshd_config with your preferred editor:

sudo nano /etc/ssh/sshd_config

Make changes such as:

  • PermitRootLogin no

  • PasswordAuthentication no

  • AllowUsers [username]

Restart SSH service to apply changes:

sudo systemctl restart sshd

6. Set Up Automatic Security Audits

Installing and configuring audit tools like auditd can help you keep track of security-related events.

Install auditd

sudo apt install auditd # Debian/Ubuntu
sudo dnf install auditd # Fedora
sudo zypper install auditd # openSUSE

Configuring auditd

Edit /etc/audit/audit.rules and then restart the audit daemon:

sudo systemctl restart auditd

Conclusion

Hardening your Linux system is an ongoing process and requires regular review and updates. By keeping your system updated, minimizing installed packages, managing user privileges, hardening network security, securing SSH access, and setting up security audits, you enhance your Linux system's defenses significantly. Regularly revisiting these steps will help keep your system secure against the evolving landscape of cyber threats.

Further Reading

For those interested in delving deeper into Linux system security, here are some recommended further readings:

  1. Linux Server Security: Hack and Defend
    Learn how to protect your Linux servers against modern threats with this book by Chris Binnie. Read More

  2. Advanced Bash-Scripting Guide
    An in-depth exploration of scripting in Bash, including examples pertinent to security tasks. Read More

  3. Introduction to Linux Audit System 'auditd'
    An article focusing on the configuration and usage of auditd for security auditing. Read More

  4. Securing SSH: Best Practices
    Covers secure configurations and deployment practices for SSH, essential for secure system administration. Read More

  5. Firewall Configuration for Linux Servers
    Comprehensive guide on setting up and configuring firewalls using ufw and firewalld. Read More

These resources provide a solid foundation for understanding and implementing security measures on Linux systems. Each link offers detailed guidelines and practical advice on safeguarding Linux environments from potential threats.