Hardening your Linux Operating System

[labbe5]

If you use a Linux operating system, it means you are aware of its superiority in terms of security, because you needed a reason to switch from Windows to Linux. No need to have an antivrius, anti-malware installed, it is a selling point for some. Others like it because it is free.

But Ubuntu users, and derivatives, can make their operating system even harder to hack into.

Read on and try to apply some advices to Puppy or Dog OS.

Part 1 : Physical Attack Defense
https://null-byte.wonderhowto.com/how-t ... e-0185565/

Part 2 : Network Attack Defense
https://null-byte.wonderhowto.com/how-t ... e-0185709/

Part 3 : Application Hardening & Sandboxing
https://null-byte.wonderhowto.com/how-t ... g-0185710/

Part 4 : Auditing, Antivirus and Monitoring
https://null-byte.wonderhowto.com/how-t ... g-0185572/

Now, after reading this series, knowing how to harden your Linux operating system, specifically Ubuntu, and derivatives, update and upgrade your system on a regular basis, and you should be fine.

Firefox Hardening Guide :
https://www.privateinternetaccess.com/b ... ing-guide/
user.js template for configuring and hardening Firefox privacy, security and anti-fingerprinting
https://github.com/ghacksuserjs/ghacks-user.js
A comprehensive list of Firefox privacy and security settings
https://www.ghacks.net/2015/08/18/a-com ... -settings/
Firefox Configuration Guide for Privacy Freaks and Performance Buffs
https://12bytes.org/tech/firefox/firefo ... ance-buffs
If committed to have Ubuntu and Debian hardened, also read :
https://inteltechniques.com/data/ubuntu.pdf
https://brandonjl.com/linux-security-101/

Is offline cache really needed?
You may configure Firefox , in about:config, to disable the use of an offline cache.
browser.cache.offline.capacity 0
browser.cache.offline.enable false

To enable hardware acceleration in Firefox :
about:config
layers.acceleration.force-enabled setting. Double-click on the ‘false’ listed under the ‘value’ column to set it to ‘true’.

Further reading :
https://darkwebnews.com/cyber-security/ ... ta-breach/
https://threatpost.com/threatlist-almos ... ky/136636/
Readers will take notice that the hacker does not write about Linux operating systems in following article, ask yourself why :
https://null-byte.wonderhowto.com/how-t ... d-0157336/
secure emailing for everybody :
https://tutanota.com/blog/posts/innovative-encryption
https://addons.mozilla.org/en-US/firefo ... validator/
https://tutanota.com/blog/posts/dane-ho ... er-plugins
The Ultimate Online Privacy Guide (last updated : 2014)
https://darknetmarkets.org/guides/the-u ... acy-guide/

[rufwoof]

Read on and try to apply some advices to Puppy or Dog OS

Open a terminal window (urxvt/xterm/lxterminal ... whatever) as root, open another as spot and using something like xdotool from the spot terminal window you can issue commands to set focus and use something like (don't do this) xdotool text 'rm -rf /' or xdotool key ctrl+alt+F1 ..etc. to the root terminal window. Some programs such as file managers, text editors can include options to open a terminal window, rox for instance most certainly does (i.e. root rox + spot cli can have spot invoking root actions relatively easily). Running one program such as a browser as spot within a root X session isn't secure as X by default isn't secure.

Windows security issues are a consequence of predominance (large numbers) and, historically, due to failing to adequately separate admin and user. Puppy is guilty of the latter.

[8Geee]

The Firefox hardening guide is a must read for Firefox and clone users. About the only thing I didn't have was disable WebGL.


I have what is considered (by article) a hardened Firefox version here.
Just need to disable webGL in about config.

IIRC puppy has a root password manager that causes a password to be entered at every boot-up. I need a link to that thread. Thanks

Regards
8Geee