Experts agree that Linux is the most secure operating system out there, beating both Windows and iOS. But that doesn’t mean your work is done — there are still bugs and threats you need to prepare yourself for. Even though securing a Linux device might require more effort than in case of a more mainstream operating system, going the extra mile really pays off.
`1. Keep server software updated
Server software updates are a direct response to newly exposed threats and bugs. Information spreads fast, especially in the world of cybercrime, so if you don’t want your system to be low-hanging fruit for hackers, you need to act fast. Always make sure to install updates as soon as they become available.
2. Disable unused network ports
Unused network services can become an easy target for hackers. To protect your device, run a period test to see all currently open network ports and their associated services. You can do this by using the “netstat” command, followed by “chkconfig” command to disable unwanted service.
3. Periodically run a rootkit check
A rootkit is a collection of software tools that gives the hacker remote access to and control over your computer. While there are legitimate uses for rootkits, most of the time they provide backdoor access for network security attacks. That’s why it’s crucial to scan your Linux for rootkits periodically. You can make this easy by installing a rootkit detector, for example, chkrootkit.
4. Use a firewall
A considerable advantage of the Linux OS is that it can be customized and configured directly in the source code. This quality also applies to Linux firewalls which vary in the degree of assistance needed. You can set up a firewall directly in the code or install one that will lay the groundwork for you, depending on how customized you want it to be.
5. Only use strong passwords
Yes, creating a unique password for every single account is a pain. But there’s no room for laziness if you want your Linux to run securely. Use a password generator to come up with strong passwords. A good password should never be a dictionary word and must include a mix of the following: lower case letters, upper case letters, numbers, and special characters.
6. Invest in a password manager
To keep track of all your strong passwords, you’ll need a password manager. Programs like LastPass or 1password allow you to securely store passwords, logins, credit card details, and other sensitive information. You can access your vault with one master key — make sure to choose a password you’ve never used before and periodically change it for extra security.
7. Use disk partitioning
A great and relatively easy way to add an extra level of security is disk partitioning. It allows you to to keep operating system files away from user files, tmp files, and third-party programs.
8. Switch from FTP to SFTP
File transfer protocol (FTP) is outdated, which makes it prone to extra threats. SFTP, known as “secure FTP”, fully encrypts all data so it’s a much better choice for your Linux.
9. Get a reliable VPN
Connecting to Wi-Fi is one of the most dangerous things you can do with your device. But of course, that’s the main activity we use our computers for. Always secure your internet connection with a high-quality Linux VPN to protect yourself from prying eyes and attacks such as the man-in-the-middle attack.
Watch out for free VPN providers, though. The market is flooded with fake or malicious services so be critical before you download a VPN app onto your device.
10. Back everything up
A common type of malware used in cyber attacks is ransomware, which will deny you access to your data until a ransom is paid to the attacker. If you don’t want to risk losing all your files, it’s essential to regularly back everything up.