Part 1
Don't run an antivirus on linux but make sure you:
-blacklist at least 5000 kernel modules
-if your on ubuntu download via https and not the default http
-tweak your sysctl values for better security
-use chrony so nobody messes with your system time
-configure your firewall properly
-install intrusion detection system or buy a hardware firewall with inline intrusion prevention system
-buy pro rules cos without those ips is mostly useless
-review for all 800 something packages lines of code and see regularly what new upgrades change
-enable all known mitigations for your cpu from grub
-deny remote login as root
-change shadow settings so new files have less privileges by default
-change permission for boot/root/modules so only root can read/write
-change user permission from 755 to 700 so only you can see your own files and not other users on the system
-run hardened-kernel
-update daily
-use apparmor/firejail for the browser
-do not fuckn' run sysd, 'be a hatter'
-tweak your firefox privacy/hardening advance settings
-use su instead of sudo
-sleep 5 minutes
-drink you coffee black
-2-3 couple of tweaks for the shared memory
-don't use a random generator for your passord *new
-deny system wide everything bellow tls 1.2
-disable quic/http3 block port 443 for udp protocol
-increase kernel entropy from 16 bit to 32
-sleep 5 minutes
-Slava Ukrainini for at least 30 min/day
-Swear Putin 3-7 times/day

· · Web · 3 · 1 · 2

use su instead of sudo
don't run any setuid program*

also don't use hyperthreading, saying this before inference or zenix


@dem32 me too but i think we should cut the crap bout linux doesn't need an AV part. Yeah it doesn't need an AV but not because it can't get infected but because linux users are more knowledgeable in how to prevent being owned. So n00bz should still get some extra layer to have their back in case they execute all pdf's from Elon Musk telling them they won Nobel Peace Prize.

Sign in to participate in the conversation

Starnix is a community effort lead by FOSS enthusiasts for the purpose of establishing ActivityPub Software and promoting Fediverse usage. The primary topics for this Mastodon instance include but are not limited to software technology, including FOSS, Unix and Unix-like operating systems, and gaming.