Advanced Security R3j3ct's Home Laptop Config 2023

[R3j3ct]

This is my security config on my Laptop for 2023.

 

[Ink]

Use Other OS (desktop) field to share the Linux Distro name/version. Are you using Ubuntu or another distro?

 

[R3j3ct]

Yes, and i have edited the post to show.

 

[R3j3ct]

all i got for a update, switched from ubuntu to linux mint, and i find it less of a pain in the ass then ubuntu and the mess they had a few months ago with the updates and blah...

 

[ZeroDay]

Looks good to me.

 

[Ultimate Vision]

Good to see you are using timeshift, excellent program. With apparmor are you running standard security profile, or is yours custom, have you added profile extras, if so what issues did you run into that needed corrected via applications.

chrootkit vs rkhunter.
chrootkit only scans for rootkits on the local host whereas rkhunter verifies consistency of a configuration, symlinks in file system, open TCP sockets on a localhost ect. I personally use rkhunter.

There is also a tool called Lynis you can look into, a paid and free version. It is a system auditing tool that can help you learn of CVE's and harden your system.

 

[R3j3ct]

Good to see you are using timeshift, excellent program. With apparmor are you running standard security profile, or is yours custom, have you added profile extras, if so what issues did you run into that needed corrected via applications.

I am just running standard security profiles, i didn't want to try any custom or profile extras mainly cause i'm lazy and don't want to fix/deal with any experimental profiles.

There is also a tool called Lynis you can look into, a paid and free version. It is a system auditing tool that can help you learn of CVE's and harden your system.

yea, i forgot to run Lynis, might get to that today!

 

[Ultimate Vision]

I am just running standard security profiles, i didn't want to try any custom or profile extras mainly cause i'm lazy and don't want to fix/deal with any experimental profiles.


yea, i forgot to run Lynis, might get to that today!

Not much point in running Linus if you do not wish to finagle and mess with the system, as it requires quite a bit to "harden" the system, Linus just shows you where it needs to be done.

 

[R3j3ct]

lmao, i hear you! but i ran lynis to just see! lynis gave me a score of 70 which i think i just fine for what i use this for...never the less, being new to linux full-time that is, i always want and accept knowledge! i was at 60+ before i ran lynis, i added fail2ban & debsum i think it was, checks hashes of software i think...is there anything i should be paying attention to and am not doing it already?

 

[Ultimate Vision]

lmao, i hear you! but i ran lynis to just see! lynis gave me a score of 70 which i think i just fine for what i use this for...never the less, being new to linux full-time that is, i always want and accept knowledge! i was at 60+ before i ran lynis, i added fail2ban & debsum i think it was, checks hashes of software i think...is there anything i should be paying attention to and am not doing it already?

I would state you are more than likely fine other than watching those URLs since you do your banking and buying online.