Arch Linux

7764 readers

5 users here now

The beloved lightweight distro

founded 4 years ago

MODERATORS

k_o_t@lemmy.ml

How do you secure Arch? (lemmy.zip)

submitted 10 months ago by driveway@lemmy.zip to c/archlinux@lemmy.ml

25 comments fedilink hide all child comments

I have my firewall configured pretty restrictively. I am attempting to configure AppArmor but it seems to complicated.

How do you secure your desktop?

you are viewing a single comment's thread
view the rest of the comments

[–] Cyber@feddit.uk 12 points 10 months ago

It all depends on your usecase to define the risk vs effort.

I work in a cyber security role, yet my personal laptop has minimal security, because it doesn't need it. Am I keeping military secrets on it? No. Does it contain bank records? No. So no full disk encryption, no app sandboxing, no AV scanning.

My work laptop... well, that's a different case altogether.

My advice: do 1 thing at a time and make sure you understand it. For example, do you need a SSH server on a desktop device? Just disable it and that's it secured. No need for additional jails, fail2ban, firewalls, etc... now it's easier to maintain, which improves your overall security posture.

Have a look at Lynis and CIS-CAT, etc to audit your system... if it's vulnerable and you don't use it, remove it.

That's why I use Arch... it only has the components you need.