====== Linux Hardening Guide ======

== 1. Keep the System Updated ==

Regularly update the operating system and installed packages using package managers like:

Debian/Ubuntu: sudo apt update && sudo apt upgrade

RHEL/CentOS: sudo yum update

Arch Linux: sudo pacman -Syu

Enable automatic updates when possible.

== 2. Minimize Installed Packages ==

Remove unnecessary packages and services to reduce vulnerabilities.

Use apt purge, yum remove, or pacman -Rns to uninstall unused software.

== 3. User and Access Control ==

Disable root login and use sudo for administrative tasks.

Set strong passwords and enforce password policies.

Use the principle of least privilege (POLP) for user accounts.

== 4. Secure SSH ==

Change the default SSH port (e.g., from 22 to another port in /etc/ssh/sshd_config).

Disable root login via SSH (PermitRootLogin no).

Enable key-based authentication and disable password authentication (PasswordAuthentication no).

Use firewall rules to restrict SSH access (e.g., using iptables or ufw).

== 5. Configure a Firewall ==

Use iptables, firewalld, or ufw to manage firewall rules.

Allow only necessary inbound and outbound traffic.

Example: sudo ufw allow 22/tcp (if using SSH on port 22).

== 6. Implement Security Modules ==

Enable SELinux (on RHEL-based systems) or AppArmor (on Debian-based systems) for mandatory access control.

Example:

Check SELinux status: sestatus

Enable AppArmor: sudo systemctl enable apparmor

== 7. Monitor and Log Activities ==

Enable and configure system logging using rsyslog or journalctl.

Use tools like auditd for detailed auditing.

Regularly review logs in /var/log/ for suspicious activity.

== 8. Use Intrusion Detection and Prevention Systems ==

Install and configure tools like:

Fail2Ban to block brute-force attacks.

AIDE (Advanced Intrusion Detection Environment) for file integrity monitoring.

== 9. Encrypt Data and Communications ==

Use LUKS for disk encryption.

Ensure sensitive communications use TLS/SSL (e.g., HTTPS, OpenVPN).

Secure sensitive files with GPG encryption.

== 10. Backup and Disaster Recovery ==

Regularly back up important files and system configurations.

Use tools like rsync, tar, or Timeshift for backups.

Store backups securely and test recovery procedures periodically.

== Conclusion ==
Following these hardening steps will significantly improve the security of a Linux system. Security is an ongoing process, so regular monitoring and updates are essential to maintaining a secure environment.