What are the ways to improve the security of the Linux operating system?
Security is a term that many users use today. Today, the use of Linux servers on the Internet has increased a lot, and maybe you are one of its users right now. This article has examined some golden tips for establishing security on Linux servers.
Undoubtedly, a desktop computer with Linux will be much more secure than the same computer with other operating systems. The essential item is that you do not always have to use special security software and techniques to achieve a good level of security. Sometimes the easiest ways to gain security are those that are quickly forgotten.
You may feel that these things are widespread, but you may find security solutions in these ordinary things that you did not know before. If you are a beginner Linux user, here are some tricks to get you started. So rest assured you will have a good Linux experience.
- Screen Lock and Log Out
- Hiding files and folders
- A strong password is always necessary
- Do not install file-sharing software
- Perform system updates regularly
- Install a virus detector
- The existence of SELinux has applications
- Create a home folder on a separate partition
- Use of an unconventional user interface
- Sometimes it’s best to stop the services
Screen Lock and Log Out
Most users forget that Linux has a multi-user environment. Because of this, you can log out and have others log in.
This means that others can access your system, so you can and should log out when you are done. Of course, logging out is not the only option for you.
If you are the only user of your system, you can lock the screen instead of logging out.
Locking the screen is easy, so you will be asked for a password when you log back in. The distinction between logging in and logging out is that you can leave apps running and lock the screen. The same programs are still running when you open the system by entering the password.
Hiding files and folders
In Linux, files and folders are added with a dot “.” They are hidden at the beginning of their name. So, for instance, the “Test” file is displayed in a file browser but “Test.” No. Most users are unaware that executing the “ls-a” command will reveal hidden files and folders.
You can also find hidden files and folders in graphical mode by pressing “Ctrl + H” simultaneously. So if you have files and folders that you do not want your co-workers to see, you can easily add a dot to the beginning of their name. You can also use the command line by running this command, i.e., mv test .test.
A strong password is always necessary.
Your golden key to security on a Linux computer is your password. If you tell others your password or have a weak and guessable password, it is as if you have given your golden key to others. For example, a password gives users more power than Fedora if you use a distribution like Ubuntu.
So you need to make sure you choose a strong password. There are also password generator programs that can help. For example, a Password Generator is a good option.
Do not install file-sharing software.
Many Linux users have a strong desire to share files. There is no problem if you want to take this risk at home. But when you are at work, not only do you open the way for a company to sue you, but you also open the way for other users who may have access to sensitive information on your computer. So, as a tradition, do not install file-sharing software.
Perform system updates regularly
Linux is not Windows. In Windows, you get security updates when Microsoft releases them; Which can be several months later. In Linux, a security update may be released minutes or hours after a security hole is detected.
Both KDE and Gnome have Internet updates. If you always have them running, you can be notified when an update is released. Do not worry about updates! There must be a reason they are published.
Install a virus detector
I do not know whether you believe it or not. Antivirus software also has its place in Linux. It is true that the chance of a problem in Linux caused by a virus is meager and zero, But the emails that come to you and you forward to your Windows friends can be problematic.
With a good antivirus, such as ClamAV, you can ensure that emails sent from your computer are not malicious and can cause problems for you or your company.
The existence of SELinux has applications.
SELinux (Security-Enhanced Linux) was developed by the US National Security Agency and helps lock access to software controls. And it does it very well. Surely SELinux can be a nuisance sometimes.
In some cases, it may slightly reduce system performance. Or some software may have problems installing with SELinux. Nevertheless, the security you get from installing Novell with SELinux or AppArmor is worth the downside. You can enable SELinux when installing Fedora.
Create a home folder on a separate partition
The default Linux installation puts the home folder, which contains users’ personal information, right at the system’s root. This is fine, but it’s standard, and anyone who has access to your computer knows exactly where your information is.
Second, if your system crashes for some reason and the operating system is not available, your information may be lost. You can put the home on a separate partition to solve this problem. You can do this valuable work if you are very concerned about losing your information.
Use of an unconventional user interface
Alternative user interfaces for KDE and Gnome, including Enlightenment, Blackbox, Fluxbox, etc., give your computer a new feel and feel and give you a simple way to prevent prying eyes! For example, I used Fluxbox on a laptop; I wanted to do just one thing: Browse the web. This is easily achievable. Create a mouse menu for the software you want to use. Others will not run any software other than the one you provided. However, most users have no idea how to navigate these environments.
Sometimes it’s best to stop the services.
This is a desktop computer. Not a server. So why run services like httpd, ftpd, and sshd? You do not need them, and they are just a loophole for your computer security. If you do not know how to stop them, do not run them. Check the /etc/inetd.conf file and make sure all unnecessary services are commented on (if a # line is placed first, that line is an explanation and will not run); This is a simple but effective task.
Source:https://rasekhoon.net/article/show/1502979/%D8%A8%D8%B1%D8%A7%DB%8C-%D8%A7%D9%81%D8%B2%D8%A7%DB%8C%D8%B4-%D8%A7%D9%85%D9%86%DB%8C%D8%AA-%D8%B3%D8%B3%D8%AA%D9%85-%D8%B9%D8%A7%D9%85%D9%84-%D9%84%DB%8C%D9%86%D9%88%DA%A9%D8%B3-%DA%86%D9%87-%DA%A9%D9%86%DB%8C%D9%85