Cybersecurity is one of the most important topics nowadays since even the biggest companies are losing the battles against hackers, despite their huge efforts. Today we are providing some security tips for beginners for Linux-based operating systems.
Full disk encryption
Full disk encryption is essential for a potential physical robbery of your PC or laptop, more likely. Normally, all of the data is written to your storage drives without encryption. Most Linux distributions generally ask for encryption preference during the operating system installation phase, on the partition options interface. Enabling it will prevent reading any data from your storage without your master FDE (full disk encryption) password.
Keeping software up-to-date
Updating the software and the operating system itself is an important task that needs to be done by every Linux user. While some of the software updates are developed for extra features on your system, most of them are released for the disclosed vulnerabilities that threaten the users. You can use the distributions’ software updating tools or the following commands in the Terminal:
sudo apt update
sudo apt upgradeLinux firewall
Firewall applications are pretty useful in preventing upcoming, unwanted connections. The Linux kernel has its integrated firewall component, iptables. It allows managing the network traffic to prevent possible attacks. It is not an easy tool to use. However, Uncomplicated Firewall application is available to configure iptables more easily. It is generally included in the Ubuntu and Debian-based distributions. If you don’t have it, you can install and enable it by using the following commands:
sudo apt install ufw
sudo ufw enableYou can check the list of the applications on your device by using the command below:
sudo ufw app listThen, you can grab the details for one of the apps on your system to see the ports they are utilizing:
sudo ufw app info 'APP NAME HERE'Now, let’s block and allow some of the TCP ports for your device:
sudo ufw allow 5555/tcp
sudo ufw deny 6666/tcpAntivirus
Yes, we don’t like using antivirus on our daily driver computers too. But if you are a beginner, you might be unfamiliar with the possible threats and your actions’ possible consequences in Linux as you know very well in Windows. For beginners, we strongly recommend installing antivirus software to your instance. Here are some recommendations for you:
- Sophos Antivirus for Linux
- BitDefender Antivirus
- McAfee Endpoint Security
- ClamAV
Since antivirus software work in a complicated way for protection, they are not easy to install by using simple “sudo apt install” command lines. They all have a long but easy installation procedure, which you can find by a simple Google search.
Securing your browser
For security and privacy, you might want to choose a privacy-oriented browser or use some security extensions for your favorite popular web browser. Here are some security and privacy extension recommendations for your popular web browser:
- HTTPS Everywhere
- Adblock Plus
- uBlock Origin
- NoScript
- Disconnect
- Ghostery
And here are some security and privacy-oriented web browser recommendations:
- Tor
- Brave
- Iridium
Strong password and logging in
As always, choosing a strong password is a very basic but effective way to protect yourself from cyber threats, especially brute force attacks. Adding one or two more special characters to your password will increase the required time for brute-forcing by an incredible amount. Also, you might want to disable automatically logging on to your Linux installation, especially for laptops. You can disable automatic login by visiting your Users section under Settings of your Linux distribution.
Choosing a privacy-focused distro
There are a lot of Linux distributions for every kind of purpose. For security and privacy, you might want to choose one of the distributions you can see below. They come as pre-configured for security and bring pre-installed security-oriented software, such as the browsers we mentioned above:
- Linux Kodachi
- Tails
- Qubes OS
- Septor