24 enhanced linux security tips

Everyone thinks that Linux is safe by default, and I am generally recognized (this is a controversial topic). Linux does have a built-in security model by default. You need to open it and customize it to get a safer system. Linux is more difficult to manage, but it is more flexible and has more configuration options.

It’s always a challenge for system administrators to make the product’s system more secure and free of hackers and hackers. This is the first article on our topic on how to make Linux more secure " or “ harden Linux systems. This article will introduce 24 useful tips and tricks to help you make your Linux system more secure. Hope these tips and tricks below can help you strengthen your system.

1. Physical System Security

Configure the BIOS to disable booting from CD/DVD, external devices, floppy drives. Next, enable the BIOS password and enable GRUB password protection to limit physical access to the system.

Protecting Linux Servers by Setting GRUB Passwords

2. Disk Partitions

It is important to use different partitions, which guarantees higher data security for possible disasters. Sex. By dividing different partitions, data can be grouped and isolated. When an accident occurs, only the data of the partition in question will be destroyed, and the data of other partitions can be retained. You'd better have the following partitions, and third-party programs should be installed under a separate filesystem /opt.

/

/boot

/usr

/var

/home

/tmp

/opt

3. Minimal package installation, minimal vulnerability

Do you really need to install all the services? It is not recommended to install useless packages to avoid the vulnerabilities caused by these packages. This will minimize the risk because a service vulnerability could jeopardize other services. Find and remove or stop unused services to minimize system vulnerabilities. Use the ‘chkconfig‘ command to list all services running at run level 3.

# /sbin/chkconfig --list