Basic Security Tips to Protect Linux System


Linux is a popular operating system that is used for various purposes, including servers, desktops, and mobile devices. With its open-source nature and robust security features, Linux is generally considered to be more secure than other operating systems. However, this does not mean that Linux is immune to security risks. Like any other operating system, Linux can be vulnerable to cyber attacks if it is not properly secured. In this article, we will discuss some basic security tips that you can use to protect your Linux system.

Keep Your System Up-to-date

The first and foremost step to secure your Linux system is to keep it up-to-date with latest security patches and updates. Regular updates ensure that any known security vulnerabilities are fixed, making it harder for hackers to exploit them. To update your system, simply run following command in terminal −

sudo apt update && sudo apt upgrade

This command will update your system to latest available packages.

Use a Firewall

A firewall is a network security system that monitors and controls incoming and outgoing network traffic. It acts as a barrier between your Linux system and internet, blocking any unauthorized access attempts. Linux comes with a built-in firewall called iptables, which you can configure to meet your security requirements. For example, to block incoming SSH traffic, run following command −

sudo iptables -A INPUT -p tcp --dport ssh -j DROP

This command will drop any incoming SSH traffic.

Disable Unnecessary Services

By default, Linux comes with several services that may not be needed for your particular use case. Running unnecessary services not only consumes system resources but also increases attack surface of your Linux system. Therefore, it is recommended to disable any services that are not required. To view a list of running services, run following command −

sudo systemctl list-unit-files --state=enabled

This command will show a list of all enabled services. To disable a service, use following command −

sudo systemctl disable <service-name>

Replace <service-name> with name of service you want to disable.

Use Strong Passwords

One of most common ways hackers gain unauthorized access to Linux systems is by brute-forcing weak passwords. Therefore, it is crucial to use strong passwords that are difficult to guess. A strong password should be at least 12 characters long and contain a mix of uppercase and lowercase letters, numbers, and symbols. You can use a password manager like KeePassXC to generate and store strong passwords.

Enable Two-Factor Authentication

Two-factor authentication (2FA) adds an extra layer of security to your Linux system. With 2FA enabled, a user needs to provide two forms of authentication to access system, typically a password and a verification code sent to their mobile device. This makes it much harder for hackers to gain unauthorized access, even if they have your password. To enable 2FA on your Linux system, you can use a tool like Google Authenticator.

Encrypt Your Hard Drive

Encrypting your hard drive protects your data from being accessed if your Linux system falls into wrong hands. Linux offers several encryption options, including LUKS and dm-crypt. To encrypt your hard drive, you will need to reinstall Linux and select encryption option during installation process. Alternatively, you can use a tool like VeraCrypt to encrypt your existing Linux installation.

Use SSH Keys for Remote Access

SSH (Secure Shell) is a protocol used to securely access remote systems. By default, SSH uses a username and password to authenticate users. However, this method is vulnerable to brute-force attacks. To increase security of remote access, it is recommended to use SSH keys instead of passwords.

SSH keys use public-key cryptography to authenticate users, making it much harder for hackers to gain unauthorized access. To use SSH keys, you will need to generate a public-private key pair on your local machine and upload public key to remote server. You can generate an SSH key pair using following command −

ssh-keygen -t rsa

This command will generate an RSA key pair. Once you have generated your key pair, you can upload public key to remote server using following command −

ssh-copy-id <user>@<host>

Replace <user> with your username on remote server and <host> with IP address or domain name of remote server.

Use SELinux

SELinux (Security-Enhanced Linux) is a Linux kernel security module that provides mandatory access control (MAC) policies. MAC policies define what actions are allowed or denied for each user and process on system. By default, Linux uses discretionary access control (DAC), which allows users to control access to their own files and processes. However, DAC is vulnerable to privilege escalation attacks, where a user gains access to resources they should not have access to. SELinux provides a more secure alternative to DAC. To enable SELinux on your Linux system, you can use following command −

sudo setenforce 1

This command will enable SELinux in enforcing mode.

In addition to security tips discussed above, there are some other measures you can take to protect your Linux system. Here are a few more tips −

Use Antivirus Software

While Linux is generally considered to be more secure than other operating systems, it is not immune to malware attacks. Therefore, it is recommended to use antivirus software to scan your system for viruses and malware. There are several antivirus software options available for Linux, such as ClamAV and Sophos Antivirus.

Use a Virtual Private Network (VPN)

A virtual private network (VPN) is a technology that creates a secure connection between your Linux system and internet. By using a VPN, you can encrypt your internet traffic and hide your IP address, making it harder for hackers to intercept your data. There are several VPN services available for Linux, such as OpenVPN and NordVPN.

Monitor System Logs

Monitoring system logs can help you detect and prevent security breaches. System logs contain information about system events, such as login attempts, file changes, and network activity. By regularly reviewing system logs, you can identify any suspicious activity and take appropriate action. Linux provides several tools for monitoring system logs, such as logrotate and rsyslog.

Harden Your Web Server

If you are running a web server on your Linux system, it is crucial to harden it to prevent attacks. Some of measures you can take to harden your web server include −

  • Disable unnecessary modules and plugins

  • Use secure SSL/TLS encryption for web traffic

  • Implement rate limiting to prevent brute-force attacks

  • Use a web application firewall (WAF) to filter malicious traffic

Conclusion

In conclusion, securing your Linux system requires a combination of best practices and tools. By keeping your system up-to-date, using a firewall, disabling unnecessary services, using strong passwords, enabling 2FA, encrypting your hard drive, using SSH keys for remote access, and using SELinux, you can significantly reduce risk of cyber attacks. While these tips are a good starting point, it is important to remember that security is an ongoing process, and you should regularly review and update your security measures to stay protected.

Updated on: 10-Apr-2023

156 Views

Kickstart Your Career

Get certified by completing the course

Get Started
Advertisements