this post was submitted on 16 Sep 2023
43 points (93.9% liked)

Linux

48208 readers
1615 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

Im using linux for +-3 yrs and im pretty used to it. Im currently running nixos on my laptop. My question is what kind of hardening do i need firejail, apparmor, selinux, .. all 3 of them ? none of them ? Thanks for the advice and have a nice day

you are viewing a single comment's thread
view the rest of the comments
[–] HumanPerson@sh.itjust.works -2 points 1 year ago (2 children)

I am not sure. I personally don’t trust selinux because it was developed my the nsa, though that is just me being tinfoil-hat-ish about it. I am a fan of clamav / clamtk for files you think are sketchy (“alternatively obtained” games and things.) I also use ufw but that is more of a thing for servers if I’m not mistaken. If you use ssh server on your laptop, you should get fail2ban or sshguard. While the whole “Linux can’t get hacked” thing is wrong, as long as you stay updated and don’t be stupid you should be protected from automated scripts which is all desktop users really need to worry about.

[–] Theoriginalthon@lemmy.world 2 points 1 year ago (1 children)

I put fail2ban on everything, and I manage to lock my self out of systems at least once a month, so I guess it's working as intended.

[–] HumanPerson@sh.itjust.works 1 points 1 year ago

I like sshguard simply because I couldn’t get the fail2ban daemon running and sshguard started right up. I don’t know how the functionality compares but it is simple and never messes stuff up.

[–] Hercules@lemmy.world 1 points 1 year ago (2 children)

Thanks for the time to anwser. What is the diffrents between ufw and systemds firewall ?

[–] HumanPerson@sh.itjust.works 3 points 1 year ago

I’m not familiar with systemd’s but as long as you use a firewall and configure it properly you are fine.

[–] Helix@feddit.de 1 points 1 year ago (1 children)

Which systemd firewall are you talking about?

[–] Hercules@lemmy.world 2 points 1 year ago (2 children)
[–] danielfgom@lemmy.world 2 points 1 year ago (1 children)

Use UFW - uncomplicated firewall. Some distros install it by default. Its very easy to use whereas other firewalls are super complicated

[–] Hercules@lemmy.world 2 points 1 year ago (2 children)

I currently use firewalld is their a diffrents in terms of security ?

[–] nous@programming.dev 6 points 1 year ago (1 children)

I dont think so. Both UFW and firewalld are just frontends - they don't actually do any work themselves. That is all handled by the iptables or the newer nftables kernel modules inside the kernel itself, the major difference will be in what rules they create but both should be able to create the same rules for either of these kernel APIs. UFW is what ubuntu uses by default I believe and firewalld what a lot of other distros use by default.

[–] Hercules@lemmy.world 1 points 1 year ago

Thanks this was a very usefull anwser!!!

[–] Helix@feddit.de 1 points 1 year ago* (last edited 1 year ago)

No, only the configuration syntax is different. If you know what you're doing in configuring them both are fine.

[–] Helix@feddit.de 1 points 1 year ago

They're pretty similar but firewalld allows more complex rules without resorting to plain iptables syntax. Try both and see what you like better.