making a secure linux enviourment
#1
Linux is just as secure as you make it. although for the most part more secure out of the box it can be just as vunrable as a windows or mac pc if not treated right. a good first step is choosing the linux distrobution which is right for you.

picking the right distrobution for your needs.
picking a distrobution you like is hard, there's so many choices. Distrowatch has a usable search function however it's very unspesific in my mind. asking around on IRC or searching on google is a good way to find distrobutions that simply aren't on Distrowatch, such as Hannah Montana Linux (HML) or Justin Bieber linux (Biebian).
[Image: hhRYhpW.png]
some linux distro's are specialised for one task:
REMnux is a linux distro based on lubuntu specialy designed to reverse-engineering and analyzing malware.
Kali Linux is a very known pentesting and forensics distrobution based on debian.
Tails is by far the most secure linux distro if used correctly. it's a live medium and routs through TOR.
Ubuntu studio is an offical ubuntu flavor which is aimed at creative people wanting to get into linux.

the distro's mentioned above are specialised to only a few tasks and focusing on doing those well. there aren't the only distro's doing this but these are the ones that in my mind are known. there's also linux versions made to be used as important networking items such as firewalls, NAS's etc.

Hardening your security before ANYTHING else.
before you do anything be sure you're secure. updating your kernel and encrypting your harddrive if seems fit. I won't leave any spesific advise here other than get what suits your needs and how far "off the grid" you wanna be. Kernel and system streghetening is in most cases a good thing but don't go overkill if you don't really need it. keep in mind this will either be your everyday OS or something else. adapt after what you're using it for.
googling I found this list with 80 Linux security tools, maybe it's worth a look.

I'll update the the thread whenever I feel like it. feel free to leave anything I've missed and I'll update it with credits Smile
Reply
#2
Good starting point and of course always use common sense. Stay up to date with your distros security by for example subscribing to their securit mailing list, like debians security list. Make sure to frequently update your software with commands like apt-get update and apt-get upgrade or any equivalent alternatives. If you're using debian like me while being kind of lazy I recommend to active un-attended upgrades.

Also if you're looking for one step futher be sure to look into more complex tools like Jails [FreeBSD/*BSD] or SElinux, GRsecurity/PaX and Apparmor kernels.
Reply
#3
The bigger Linux distributions like Debian and Ubuntu are stricter about what they include in their package repositories so if you stick to the official ones the attack surface is lowered. Try to make sure to check for any updates daily. Be sure to use Firefox or Tor Browser as your primary web browser. I prefer Tor Browser since it is not only a secure fork of Firefox ESR but it also helps you keep your traffic anonymous and your identity private online.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Folder sharing between Linux and Windows overfl0wN 5 10,321 04-04-2019, 01:24 AM
Last Post: MuddyBucket
  Using Kali Linux (And other systems) natively on Windows 10 without VM. Insider 2 5,066 03-21-2019, 07:53 PM
Last Post: enmafia2
  What OS or Linux distro is everyone using around here? Kontu 55 70,200 10-26-2018, 06:25 PM
Last Post: 6U4RD14N
  Arch Linux i3 Installation Lummania 10 16,870 07-16-2018, 02:31 PM
Last Post: enmafia2