Linux security

Well, I see so many threads about how shitty Windows security is. Well, what about Linux security? What tools are you using to protect your machine?
Me: ClamAV, rkhunter, installing only from repos

>using security tools
Are you new?

ClamAV for scanning remote storage and email attachments for Windows malware.

First time I hear about rkhunter, will check it out.

I run nothing as root, install only from known sources, block all ads, don't have Flash.

# clone and build from source, but only if nothing in the tree mentions the
# listed words; $repo is the clone URL and $repo_dir the directory it creates
git clone "$repo"
cd "$repo_dir" || exit 1
if [ "$(grep -rE "virus|malware|telemetry|eula|EULA" . | wc -l)" -eq 0 ]; then
    ./configure
    make
    sudo make install
fi

>asking about security
>in a board that preaches linux
>because windows has no security
>but nobody is interested in linux security

This is the Sup Forums meme. Nobody gives a fuck about security on this board. Too many of these fags complain Windows is insecure but then have no desire to learn /sec/.

On my desktops I don't think there is really anything special I need to do. They are behind a router with a firewall, so they aren't open to the world, I only install from my distro repos, I don't run anything as root unless it is required for a reason, and I don't run random scripts from the internet without checking what they do.

On basic web servers I have which are exposed to the internet, I usually set up Fail2Ban to ban brute-forcing IP addresses, disable root login to SSH without password if not already disabled by default, restrict SSH access to only specific users, and of course use strong passwords (which you should do anyway everywhere).

Missing anything necessary?
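An added example (not from the thread) that audits an sshd_config for the three settings the post above recommends: root login, password authentication, and restricting SSH to named users. The sample config files are constructed here; the defaults it assumes when a keyword is absent (PermitRootLogin prohibit-password, PasswordAuthentication yes) are OpenSSH's current ones.

```shell
# Effective value of a keyword: sshd uses the first match, ignores '#'
# comments and is case-insensitive on the keyword. Prints "" if absent.
sshd_effective() {
  awk -v key="$2" '$1 !~ /^#/ && tolower($1)==tolower(key) {print $2; exit}' "$1"
}

# Audits a config file: prints one line per finding, returns the count.
# Everything these settings block is one less thing Fail2Ban has to catch.
sshd_audit() {
  cfg=$1; findings=0
  root=$(sshd_effective "$cfg" PermitRootLogin)
  case "${root:-prohibit-password}" in          # assumed OpenSSH default
    no|prohibit-password|without-password) ;;
    *) echo "PermitRootLogin is '$root': root can log in with a password"
       findings=$((findings+1)) ;;
  esac
  pw=$(sshd_effective "$cfg" PasswordAuthentication)
  [ "${pw:-yes}" = "no" ] || {                  # assumed OpenSSH default: yes
    echo "PasswordAuthentication is not 'no': password brute force stays possible"
    findings=$((findings+1)); }
  [ -n "$(sshd_effective "$cfg" AllowUsers)" ] || {
    echo "AllowUsers is unset: every local account may log in over SSH"
    findings=$((findings+1)); }
  return $findings
}

# Constructed samples: a weak config with password logins left on, and a
# hardened one matching the post's recommendations.
WEAK_CFG=$(mktemp); HARD_CFG=$(mktemp)
cat > "$WEAK_CFG" <<'EOF'
#PermitRootLogin prohibit-password
PermitRootLogin yes
PasswordAuthentication yes
X11Forwarding no
EOF
cat > "$HARD_CFG" <<'EOF'
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
AllowUsers deploy backup
EOF

sshd_audit "$WEAK_CFG" || echo "weak config: $? finding(s)"
sshd_audit "$HARD_CFG" && echo "hardened config: no findings"
```

Run it against /etc/ssh/sshd_config on a real host to see which of the three settings still needs changing; remember that sshd must be reloaded for edits to take effect.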

Antivirus shit is only necessary if you're a retard.

>install programs only from official repos

That's about all you need to do, if the official repos get compromised there isn't much you can do but hold off on updates.

It's not great.

Nothing, because Linux is so secure that despite being by far the most used kernel, exploits can virtually never be used and are almost never seen in the wild.

This couldn't be further from the truth. Are you saying this ironically, or do you actually believe this?

Install a BSD and jails
Write ansible script to bootstrap
Don't carry sensitive data on this OS
Only carry low-level passwords
Scan downloads and only transfer to ssh mount for archiving
Use CLI as much as possible
Check the latest security errata and CVEs on my installed software and rewrite ansible to patch
Reformat and reinstall every month
Install only the packages required to work and upload files to the web or for archiving
Use a non gimped bootloader
Write your own architecture for the future

What if Linux users are so fucked they don't know?

>using an OS without ASLR

ClamAV is only if you're running a mail server that will go to windows computers.

I do not use su or sudo, my user session never goes root.

I log in as root on a virtual console after SysRq+K only.

An attacker can still do privilege escalation through kernel exploits though.

I know.

Sorry Windows guys, Linux is just too solid. I mean, if Linux was as easy to exploit as Windows, companies' servers would be held for ransom all the time.

While it's not EASY to exploit, 0days are fairly common and found on a semi-regular basis. So you're wrong.

Use this guide pastebin.com/5XfDX4wL

Needs to replace grsec with RSBAC, and it gets pretty hardcore with each level, but it's your choice how secure you want to get.

Has anybody forked grsecurity yet?

I'm lazy, so it is Maldet + ClamAV or ConfigServer eXploit Scanner + ClamAV, combined with rkhunter and often Ebury checks, as that shit spreads like wildfire.