Author Archives: netblue30

Linux Security 101: Hardening Your System for The Common Geek

Firejail Download page

This guide will be a beginner-friendly walthrough of hardening your Linux system. This does not have to be done all at once. Feel free to ease into it–or take it even further as I’ll also be providing recommendations for more advanced users throughout. Just go at your own pace, crank up some music, and makeit your own.

My goals for this guide:

  • Demonstrate how to achieve excellent security without impeding usability
  • Introduce newbies to Linux security basics
  • Provide plenty of information for more seasoned Linux users
  • Make the hardening process smooth and streamlined

    more

    Advertisements

NULL BYTE: Using Ubuntu as Your Primary OS, Part 3 (Application Hardening & Sandboxing)

Once you’ve installed Ubuntu with security in mind and reduced the possibility of network attacks on your system, you can start thinking about security on an application level. In the event that a malicious file is opened on your system, will an attacker be able to access every file on the computer? The chances are much slimmer if you put the proper defenses in place.

In this third part to our mini-series on strengthening your primary Ubuntu installation, you’ll learn how Ubuntu package repositories work, which repos you should avoid, and how to update. Also, you’ll see how to import additional AppArmor profiles to limit resources that apps can use, as well as create sandboxes to completely isolate unsafe applications from the operating system.

more

Linux.com: How and Why to Secure Your Linux System with VPN and Firejail

I am very fond of combining both VPN and Firejail on my travel laptop (where I cannot use QubesOS), but I have recently discovered that I was leaving myself exposed to online tracking via so-called “WebRTC leaks.” My VPN provider offers a convenient testing page to see how well protected my connection is, and they very helpfully alerted me to this problem:

more

Regginator: Using Firejail to sandbox applications in Linux

This guide shall let the reader be informed about the usage of firejail. Additionally, the reader shall be informed about how to use firejail profiles efficiently. Video and audio support are present and are excellent. At the end of the guide, the reader shall have the ability to run X11 applications in an arbitrary home folder using a custom configuration I made.

more

Addictive TipsTV: How to set up Firejail on Linux

Linux has a reputation of being fairly secure, and out of the big three operating systems it runs into far less issues when it comes to privacy. Still, as secure as Linux can be, there’s always room for improvement. The app is the most popular program sandboxing tool on Linux. It is because of this, many Linux distributions have decided to ship this software.

more.

r/linux: Is desktop Linux completely missing the point when it comes to security today?

And so I remembered something I’ve considered many times before regarding root and security in Linux (but also other operating systems): I actually don’t care about root access.

Sure, it would be annoying to reinstall my system if a program were to mess with the system files. But the only thing I really care about are my personal files. And ANY program I run could read all my files (privacy, and other secrets) and encrypt or simply destroy them all. That is what I care about – and there is no security for this at all – but instead I’m being pestered about root access, which really doesn’t matter to me. I might also care about access to my camera, or what programs are talking to the internet, etc.

Authorization (from xkcd.com)

more

Parrot 3.10 is out

We are proud to announce the release of Parrot 3.10, the latest version of our security oriented GNU/Linux distribution.

The first big news is the introduction of a full firejail+apparmor sandboxing system to proactively protect the OS by isolating its components with the combination of different techniques. The first experiments were already introduced in Parrot 3.9 with the inclusion of firejail, but we took almost a month of hard work to make it even better with the improvement of many profiles, the introduction of the apparmor support and enough time to make all the tests.

more