Several tips for strengthening the security of Linux systems

Once a computer system is attacked by malware, there is a risk of leaking private data. In addition to using security anti-virus software, there are some necessary security measures. We will introduce how to protect the security of Linux systems.

1. Use SELinux

SELinux is used to reinforce the security of Linux, and with it, users and administrators can control access to more control. SELinux adds finer granularity control to access control. Unlike the ability to specify who can read, write, or execute a file, SELinux lets you specify more controls such as who can delete links, add only, and move a file. (LCTT Annotation: Although NSA has also contributed a lot of code to SELinux, there is no evidence that SELinux has potential backdoors.)

2Disabling unused services and applications

Generally speaking, users are large. Most of the time, half of the services and applications on their systems are not used. However, these services and applications will still run, which will attract attackers. Therefore, it is best to stop these unused services. (LCTT Annotation: Or simply do not install services that are not used, so you do not have to pay attention to whether they have security vulnerabilities and the upgrade.)

3 subscription vulnerability alert service

security flaws Not necessarily on your operating system. In fact, vulnerabilities are more common in installed applications. In order to avoid this problem, you must keep your application updated to the latest version. Also, subscribe to vulnerability alert services such as SecurityFocus.

4 Using Iptables

What is Iptables? This is an application framework that allows users to build a powerful firewall for their own systems. Therefore, to improve security, you need to learn how to use a good firewall and how to use the Iptables framework.

5 Checking System Logs

Your system log tells you what happened on the system, including whether the attacker successfully entered or tried to access the system. Always be vigilant, this is your first line of defense, and the system log is constantly monitored to keep this line of defense.

6 Consider using port probes

Setting up port knocking is a great way to establish a secure connection to your server. The general practice is to have a specific package to the server to trigger the server's response/connection (open the firewall). Port knocking is a good safeguard for systems with open ports.

7. Default Deny All

Firewalls have two ideas: one is to allow each point of communication, and the other is to deny all access, prompting you for permission. The second is better. You should only allow those important communications to enter. (LCTT Annotation: the default license policy and the default prohibition strategy, the former you need to specify which should be banned, in addition to all release; the latter you need to specify which can be released, except that all prohibited.)

8. Using Full Disk Encryption

Encrypted data is harder to steal, and sometimes it is impossible to steal it. This is why you should encrypt the entire drive. In this way, if someone enters your system, he will have a headache after seeing the encrypted data. According to some reports, most data loss stems from the theft of the machine.

9. Using Intrusion Detection Systems

Intrusion Detection Systems, or IDS, allow you to better manage communications and attacks on your system. Snort is currently recognized as the best IDS on Linux.

The above describes the method of protecting the security of Linux systems. Although these methods can enhance the security of Linux systems, it is not acceptable if there is no security awareness.