Hardening GNU/Linux
“Linux” is really GNU software operating with a Linux kernel, and GNU software there are many resulting in an incredible amount of distributions, all called “Linux”. Some even build on each other, such as Debian -> Ubuntu. It is impossible to cover them all.
Version 0.1: These mitigations are kept as simple as possible, with tools found in most distros. Some things are harder to cover. For example, each distro has its own privacy settings somewhere, and there are even distro’s that have specialised in privacy.
- Introduction
- Service management
- Application armour (AppArmor)
- Restrict access to at and cron
- Disable startup applications
- Choose a secure browser that protects your privacy
- Use a secure messaging service
- Use secure email services
- Use SSH tunnels
- Use a VPN service
- Use a firewall as a VPN fail-safe mechanism
- Use alternative DNS servers
- Use a Tor proxy
- Anonymise SSH sessions with Tor
- Change MAC address
- Renew IP lease
- Edit hosts file