Ok thanks. This all sounds quite simple. /s
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) urge system administrators to prioritize patching known security vulnerabilities - especially those being exploited by foreign threat actors.In short: Install your Linux Updates!
ShadowAce you could probably make good money while providing a needed linux proxy service that acts as a front-end sentry for home users. It should handle everything... web access, email, file transfers, text messaging, ...etc. The sentry could filter all the crap and stop the malware from hitting the subscriber machine. One master guard can monitor and kill off an infected sentry, reformat it, and respawn it.
Title seems like it should be; Top Tips on securing your Linux server in 2021.
That’s my web hosting company’s job. I merely need to log in securely with SSH & keys or SFTP and make sure my php scripts, like WordPress, are secure and up to date. I use a VPN and have a firewall on my system, Kubuntu.
bump
The note about updating your routers is important, but kinda hard for most folks to do anything with. Most cable modems that I have seen, especially those provided with internet service are simply never issued updates. What I’ve done to get around it is to have the ISP device be merely the initial door. Everything must then pass through a DD-WRT router, which is what actually what handles all of the internal routing and security.
I’m not as happy as I could be with DD-WRT’s updates, but even infrequent updates are better than none at all.
My admittedly simplistic approach?
No open ports. My machine is a client not a server. Does that make me 100% safe? Of course not but it’s something.
Also i found selinux painful to deal with before i gave up and turned it off.