13 important privacy and security settings in Ubuntu Linux

s2 0

Everyone should be concerned about their privacy and security these days. It’s a common misconception that Linux doesn’t mean you don’t have to worry about privacy and security issues. Every operating system carries risks and vulnerabilities that can be exploited and leave you vulnerable.

This article will tell you more about best practices you can follow to avoid privacy risks and leaks.

Protect your user account with a strong password

This is mandatory. Always use password-protected user accounts even on desktop systems. Use a password that is highly complex but memorable to ensure a more secure system.

Do not use a general-use administrator account

Admin accounts had system-wide permissions, which is not advisable for general use. Always use a standard or basic account for daily use. You can check your account status by going to Settings> Users.

Set up your screen lock

You can lock your system manually with a simple shortcut Ctrl + Alt + L. However, you should always take care of screen locks by using a screen saver. Just go to Settings> Privacy> Lock Screen.

Activate lock screen

Update your system regularly

Make sure your system is up to date. Linux releases are updated regularly. These updates contain security packages that keep your security up to date. So start your Software Updater and install any new updates.

Install security updates regularly

Keep your system clean

Make sure that you only install applications that you need. More than necessary applications in your system not only slow down your system, but also expose it to more risks and vulnerabilities.

Clean up the system

Only browse websites with a valid SSL certificate

Whenever you browse a website and before giving any details, always make sure the website is secure by checking the color of the padlock icon in your url bar. This means that your data is transmitted using an SSL (Secure Socket Layer) protocol and is not disclosed. Do not give any information if the padlock symbol is crossed out or red.advertising

Check that the websites SSL certificate is valid

Encrypt data

The full disk encryption option is available to users during the installation of Linux systems. Full disk encryption encrypts your entire system and you even need a key to start the system.

You can set this encryption setting during Linux installation. Under Installation type simply select the option Advanced Features and activate the options “Use LVM with the new Ubuntu installation” and “Encrypt the new Ubuntu installation for security”.

Encrypt hard drive

This encryption is hard to set up if you miss it when you install it. In this case, it is best to keep an up-to-date backup of your files and update them regularly.

Turn on your local firewall

Linux comes with an integrated ufw firewall. You can easily configure it with its GUI application gufw. Run the following command to install gufw.

sudo apt install gufw

Install firewall on Ubuntu

Activate the UFW firewall

Use a virtual private network (VPN)

You can go a step further to protect your network’s privacy and use a virtual private network. VPN hides and encrypts your network traffic so that you appear as a user from a different location and country than your own.

Limit privileged access with SELinux or AppArmor

SELinux and AppArmor are tools that users can use to define application restrictions such as access to processes and files. These applications ensure that the damage from attacks is contained and your other data is safe.

Activate SELinux or AppArmor

Check for rootkits

Rootkits are malicious software that stays hidden and can take control of your system without your knowledge. Use chkrootkit, a rootkit detection tool, to check for rootkits on your system.

You can install chkrootkit by running the following command

sudo apt-get install chkrootkit

Check for rootkits

After the installation, run the chkrootkit.

sudo chkrootkit

run chkrootkit

chkrootkit will scan your system for a while and let you know if there is rootkit on your system.

Restrict remote connection settings

Secure Shell Protocol (SSH) is a remote communication protocol that poses many risks to the privacy and security of the system. However, you can reduce the risk by making changes in the SSH configuration file by following the steps below

Pick a random free port that is not in use. Run the following command to verify that the new port is in use or that it is free.

nc -z 127.0.0.1 <port number> && echo "IN USE" || echo "FREE"

Restricting remote connections

First, run the following command to open the SSH configuration file

sudo nano /etc/ssh/sshd_config

Now look for the line with “Port 22” in the configuration file and change the port number to a new and free port number.

Next, look for “PermitRootLogin” in the configuration file. Now you can change it to “PermitRootLogin no” if you do not want to allow the root user to log in remotely.

Change the SSH port

However, if you still want the root user to allow remote login with an SSH keypair, change it to “PermitRootLogin prohibition password”.

Disable eavesdropping daemons

You have some standard applications that run listening daemons on external ports. Run the following command to look for such ports.

netstat -lt

Check running daemons

Now see if you need these services or not. And turn off the unnecessary services.

diploma

In this article, you have learned about some basic steps to take to increase privacy in the Linux system. If you have any more privacy tips, don’t forget to share them in the comment below.

13 important privacy and security settings in Ubuntu Linux