- Oct 3, 2022
- 645
Ubuntu hardening. Not a script. Just follow along and paste in the commands.
Last edited:
on Fortify Ubuntu: hardening Ubuntu this is your website?? or you can post / save pdf files there...Updated the PDF to include safe Firefox settings
Yes that is my web site.this is your website?
fwiw I've been going thru fedora 41 with chatgpt using lynis & other apps to harden fedora. I was sorta surprised by varoius "unsafe" notations including the kernel too. Helpful learning experience for me.More security added to Firejail Ubuntu 24.04 settings: see PDF at: Fortified Ubuntu: hardening Ubuntu 24 Desktop .
What do you mean by notations ?"unsafe" notations
here's what I see in shell, you run lynis and sample output eg = wpa_supplicant.service > 9.6 UNSAFE and when you dig a little there are suggestions to harden it, eg, for this service I stopped and masked it. 9.9 or 10 score is max unsafe. the number of kernel services in default installation marked unsafe surprised meWhat do you mean by notations ?
There is already a more hardened version of Fedora GitHub - secureblue/secureblue: Hardened Fedora Atomic and Fedora CoreOS imagesfwiw I've been going thru fedora 41 with chatgpt using lynis & other apps to harden fedora. I was sorta surprised by varoius "unsafe" notations including the kernel too. Helpful learning experience for me.
well I did see a reference to Atomic, but didn't know what it was. My lynis hardening index keeps increasing so this fun, and I think I'm pretty safe (famous last words) -- for some reason that I do not fully understand, I really like fedora.There is already a more hardened version of Fedora GitHub - secureblue/secureblue: Hardened Fedora Atomic and Fedora CoreOS images
Fedora is really nice and by default it's a very secure distrowell I did see a reference to Atomic, but didn't know what it was. My lynis hardening index keeps increasing so this fun, and I think I'm pretty safe (famous last words) -- for some reason that I do not fully understand, I really like fedora.
I read thru the new hardening pdf -- I knew or understood about 90% of it from working on my linux. Curious about Wazuh, I was looking at it earlier today before I saw your post. It looked somewhat complicated and did not have time to read its docs. Can you install and run it on default successfully as you find the time to learn it. I am currently working thru AIDE.Hardening Guide updated again. Changes to firejail protection + changes to the firefox .desktop file.