Hardening SSH with Linux Kernel's Built-in Features and a Few Surprising sysctl Tweaks

Introduction to SSH Hardening

Securing your SSH connection is crucial - I’ve seen this go wrong when a friend of mine had his server compromised due to a weak SSH setup. In today’s world, with cyber threats lurking around every corner, hardening your SSH setup using the Linux kernel’s built-in features and sysctl tweaks is essential. This article will guide you through the process of securing your SSH connection using practical examples and commands.

[Read More]

Hardening Your Linux Desktop with Mandatory Access Control and a Little Bit of Common Sense

Introduction to Mandatory Access Control

Mandatory Access Control (MAC) is a security framework that enforces access control decisions based on a set of rules, rather than relying on user identity or group membership. On Linux, two of the most popular MAC implementations are SELinux (Security-Enhanced Linux) and AppArmor. I’ve found AppArmor to be generally easier to use and more widely supported, so we’ll focus on hardening your Linux desktop using AppArmor.

[Read More]

Hardening Your Linux Desktop with Mandatory Access Control and Namespace Isolation

Introduction to Linux Hardening

I’ve seen many Linux systems compromised due to lack of proper hardening. To prevent this, you can use a combination of Mandatory Access Control (MAC) and namespace isolation. These two security features can help prevent unauthorized access to sensitive data and system resources. In this article, we’ll explore how to implement MAC and namespace isolation on a Linux desktop.

Mandatory Access Control

Mandatory Access Control is a security feature that enforces a set of rules defining what actions a user or process can perform on a system. One popular MAC system for Linux is SELinux (Security-Enhanced Linux), which was integrated into the Linux kernel in 2003. SELinux provides a robust security framework that can help prevent attacks such as buffer overflows and privilege escalation. Don’t bother with other MAC systems unless you have a specific reason to - SELinux is well-maintained and widely supported.

[Read More]

Using Mandatory Access Control to Lock Down Your Linux Desktop with AppArmor

Introduction to AppArmor

I’ve seen many Linux users overlook AppArmor, but it’s a powerful tool for locking down your system. AppArmor is a Mandatory Access Control (MAC) system that restricts the actions of applications and services, providing a robust way to prevent malicious or compromised apps from causing harm. In this article, I’ll walk you through how to use AppArmor to boost your Linux system’s security.

Installing AppArmor

To get started, you’ll need to install the AppArmor package on your Linux system. On Debian-based systems, this is straightforward:

[Read More]

Hardening Your Linux Laptops for Coffee Shop Combat: Firewall Rules and Network Profiles for the Paranoid Traveler

Introduction to Linux Laptop Hardening

As a Linux user, you’re probably already thinking about how to harden your system for security. But when it comes to laptops, this process is even more crucial. I mean, think about it - laptops are portable, and they’re often connecting to various networks, some of which might not be entirely trustworthy. The rise in public Wi-Fi exploits in recent years only adds to the importance of securing your laptop. In this article, we’ll focus on firewall rules and network profiles to help you navigate these scenarios securely.

[Read More]

Using seccomp to Lock Down Container Privileges in Linux

Introduction to seccomp

I’ve seen seccomp, short for “secure computing,” become an essential tool in my Linux toolkit. It’s a Linux kernel feature that lets you filter system calls, effectively limiting what a process can do. This is especially useful when running containers - it helps prevent a compromised container from causing damage to the host system. In this article, I’ll explore how to use seccomp to lock down container privileges in Linux.

[Read More]

Using Mandatory Access Control to Lock Down Your Linux Desktop with AppArmor

Introduction to AppArmor

I’ve been using AppArmor for years to add an extra layer of security to my Linux systems. It’s a Mandatory Access Control (MAC) system that lets you restrict what applications and services can do. By defining a set of rules, you can control file access, network connections, and system calls. This helps prevent malicious activities and gives you more peace of mind.

Installing and Enabling AppArmor

To get started with AppArmor, you’ll need to install the apparmor package. On Debian-based systems, I usually start with:

[Read More]

Linux Kernel Lockdown Mode Without the Enterprise Drama

Introduction to Kernel Lockdown Mode

I’ve been using Linux for years, and one feature that’s really caught my attention is Kernel Lockdown Mode. This security feature restricts access to certain kernel features, making it more difficult for an attacker to escalate privileges or modify the kernel. It was introduced in Linux kernel 5.4, back in 2019, and has been improved in subsequent releases. As of 2026, Kernel Lockdown Mode is a mature feature that can be easily enabled on most Linux distributions.

[Read More]

Linux Kernel Vulnerabilities and Exploitation

As a Senior Linux Security Architect, I have witnessed the evolution of Linux kernel vulnerabilities and exploitation techniques over the years. In 2025, we saw a significant increase in the number of reported vulnerabilities, with many of them being critical in nature. In this blog post, we will discuss the current trends in Linux kernel vulnerabilities and exploitation in 2026.

Introduction to Linux Kernel Vulnerabilities

The Linux kernel is a complex and widely used operating system kernel, which makes it a prime target for attackers. In 2025, we saw a number of high-profile vulnerabilities, including CVE-2022-32250, which allowed attackers to escalate privileges and gain control of the system. These types of vulnerabilities are a major concern for system administrators and security professionals.

[Read More]

Linux Kernel Vulnerability Mitigations and Exploit Development

Introduction

As we move forward in 2026, it’s essential to reflect on the Linux kernel vulnerability landscape of 2025 and how it has shaped the current trends in exploit development and mitigation. In 2025, the Linux kernel community witnessed a significant number of vulnerabilities, including CVE-2022-4378 and others, which were promptly addressed through kernel updates and patches. This blog post will delve into the current state of Linux kernel vulnerability mitigations and exploit development, highlighting key trends, techniques, and best practices for security professionals.

[Read More]