- Oct 3, 2022
- 614
In my pursuit of secure OSes, I have come to AlpineLinux which claims to have a security focus.
The install gives you a minimal version of Linux which is neither System V based nor Systemd based. You have to add a desktop environment as the next step using a script which downloads it thru the web. As I am most familiar with Gnome so I chose that. Here's the guide:
The package manager is their own named apk. Very simple syntax: apk add <package name>, apk search cmd:<command name> or apk search <package name>. apk del <package name>.
You add the firewall by via "apk add ufw iptables". Ufw is the familiar one used by Ubuntu. The guide is here: Uncomplicated Firewall - Alpine Linux
Apprmor is a mandatory access control layer, used by Ubuntu, Debian, USE etc. To add apparmor, you have to follow their guide because the package itself does Not insert the kernel module nor activate it on bootup. AppArmor - Alpine Linux
They recommend ProtonVPN Free. And here's the guide: Proton VPN - Alpine Linux
They do have the sucricata IPS/IDS package, but it lacks a guide. I have not figured out how to activate it.
Minimization is the key benefit of this distro IMHO. Few moving parts. And complexity is the known enemy of security. With too many knobs and swtiches you won't know what setting combinations are secure.
The install gives you a minimal version of Linux which is neither System V based nor Systemd based. You have to add a desktop environment as the next step using a script which downloads it thru the web. As I am most familiar with Gnome so I chose that. Here's the guide:
The package manager is their own named apk. Very simple syntax: apk add <package name>, apk search cmd:<command name> or apk search <package name>. apk del <package name>.
You add the firewall by via "apk add ufw iptables". Ufw is the familiar one used by Ubuntu. The guide is here: Uncomplicated Firewall - Alpine Linux
Apprmor is a mandatory access control layer, used by Ubuntu, Debian, USE etc. To add apparmor, you have to follow their guide because the package itself does Not insert the kernel module nor activate it on bootup. AppArmor - Alpine Linux
They recommend ProtonVPN Free. And here's the guide: Proton VPN - Alpine Linux
They do have the sucricata IPS/IDS package, but it lacks a guide. I have not figured out how to activate it.
Minimization is the key benefit of this distro IMHO. Few moving parts. And complexity is the known enemy of security. With too many knobs and swtiches you won't know what setting combinations are secure.
Last edited: