Skip to main content

Hardening of Linux

Introduction

Despite the fact that Linux is Open Source and Linux it comes as a surprise that in the default installation are some hidden trackers and spy software.

Hardening

There is a script that will remove all malware. Originally written for Linux, but it van easily adopted for other distributions.

Ubuntu Secure

This script does:

  • System update and software upgrade
  • Amazon & advert web apps removing
  • AptUrl Removing ( tool, which gives possibilities to start installation by clicking on url, can be executed with js, which is not secure)
  • Guest session disable for LightDM
  • Remote login disable for LightDm
  • DNS encryption (dnscrypt-proxy)
    I don't recommend this, hence my DNS server is not working with encryption.
    apt -y remove dnscrypt-proxy
  • FireWall (UFW)
  • Antivirus (ClamAV)
  • Brute Force protection (Fail2Ban)
  • Basic Telemetry Removing (ZeitGeist) and unsecure libs and pre-installed software with high and potentional risks

 

Back to top