Securing your SSH connection is crucial - I’ve seen this go wrong when a friend of mine had his server compromised due to a weak SSH setup. In today’s world, with cyber threats lurking around every corner, hardening your SSH setup using Linux kernel’s built-in features and sysctl tweaks is essential. This article will guide you through the process of securing your SSH connection using practical examples and commands.
[Read More]Mandatory Access Control (MAC) is a security framework that enforces access control decisions based on a set of rules, rather than relying on user identity or group membership. On Linux, one of the most popular MAC implementations is SELinux (Security-Enhanced Linux) and AppArmor. I’ve found AppArmor to be generally easier to use and more widely supported, so we’ll focus on hardening your Linux desktop using AppArmor.
[Read More]I’ve seen many Linux systems compromised due to lack of proper hardening. To prevent this, you can use a combination of Mandatory Access Control (MAC) and namespace isolation. These two security features can help prevent unauthorized access to sensitive data and system resources. In this article, we’ll explore how to implement MAC and namespace isolation on a Linux desktop.
Mandatory Access Control is a security feature that enforces a set of rules defining what actions a user or process can perform on a system. One popular MAC system for Linux is SELinux (Security-Enhanced Linux), which was integrated into the Linux kernel in 2003. SELinux provides a robust security framework that can help prevent attacks such as buffer overflows and privilege escalation. Don’t bother with other MAC systems unless you have a specific reason to - SELinux is well-maintained and widely supported.
[Read More]