Secure ArchLinux Installation part 3 - Basic Hardening

Показать описание

I'm gonna be honest, you probably probably won't find anything groundbreaking here and I'm not gonna act like I've discovered a mother-lode, but with this vid I'm completing the "Secure Linux Laptop" series. I hope you've managed to end up with reasonably secure laptop that is still convenient to use.
In the future I'll probably cover things not mentioned in this vid, but they require a whole lot more R&D.

EDIT: Many thanks to @machorius and @Greg ts for pointing out the NTP SNAFU, this part has been cut from the video.

00:00 - Intro
00:30 - Firewall
02:08 - Kernel params
03:16 - Port audit
03:30 - Password manager
04:10 - Final remarks

All scripts and config can be copy&pasted from here:

Other security security guides worth checking out (possibly scary and really advanced, some tips are meant for servers):

Socials:

Рекомендации по теме

Комментарии

Repository with all things written out so you can copy&paste:

DCTekkie

i made a joke on the previous video about coming for asuka/evangelion and staying for arch linux, but these tutorials are actually pretty good. im considering distrohopping from manjaro to arch because manjaro has a shit ton of bloat and it’s own package repository which they mess up regularly somehow

WarpOverload

Thank you for the series, it was very informative.
I've been using arch for a long time, both on my desktop and my laptop/tablet, but, apart from the firewall, I've never really made my installations secure. I don't think that I'll ever need luks on my desktop, but on my laptop it can be a good thing for sure, I'll see if I can enable it without reinstalling everything.

I have a question for you: do you think that a MAC system is a good thing to use on arch for security? I tried AppArmor a long time ago, but apart from it polluting the logs, it didn't seem to do much. Probably was just misconfiguration on my part

_marvix_

I'm a comp sci student so I'm totally comfortable reading shit.
But where can I learn so much about Linux sysadmin stuff?
I use Arch btw (dwm).

savantshuia

Never miss like always but I do agree with @gregoireSB93, you shouldn't use NTP as it is unencrypted especially since the goal is to create a very secure Arch Installation. I like how you had the little writing parts explaining your thinking throughout the video, nice touch :)

machorius

What game were you playing at the end of the video?

jimwatford

BOSS I AM NEW TO LINUX

Where to start learn deeply about linux any channel or book can you make video

பத்ரிநாத்

I was thinking about the same setup but with one time password to unlock both DM and storage Encryption.

Eyuphuro

Secure ArchLinux Installation part 3 - Basic Hardening

Secure ArchLinux Installation part 3 - Basic Hardening

Secure ArchLinux Installation part 2 - User Interface with Sway

Arch Linux Installation Part 3 - Gnome

The Biggest Linux Security Mistakes

Arch Linux: A ℂ𝕠𝕞𝕗𝕪 Install Guide

Arch Linux Install Extras 3 - Custom Kernel

Installing Arch in 15 Minutes: Desktop

Quick tips to improve Linux Security on your desktop, laptop, or server (hardening for beginners)

Hyprland - Wstęp do serii, Instalacja

What's the Best Operating System? #shorts

Arch Linux Post Install: Security

The COMPLETE Linux Hardening, Privacy & Security Guide!

Arch Linux Hardening -- Kernel & iptables Part 3

Run Arch Linux from USB Hard Drive on Raspberry Pi -pt.1- (Arch Linux / KDE)

Install Arch Linux (ALSA audio, hosts file) Part 3

Make your own Arch Linux Spin part 3 of 5

Hacking into Android in 32 seconds | HID attack | Metasploit | PIN brute force PoC

Arch install on a T25 Part 1: Windows 10 resize

How to Install ArchStrike- Security Layer on Arch Linux

Arch Linux OpenBox Part-5 Polkit, File Manager, Web browser, Text Editor(GUI)

How to Make Arch Linux Stable and What NOT to Do!

if you sleep near your PC... #shorts

2016 Arch Linux EFI Install Guide Part 1 - Preparation and Disk Partitioning

3 Ways To Securely Erase A Hard Drive On Linux