Nine tips to enhance Linux Desktop Security

Article Title: Nine tips can enhance Linux Desktop Security. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

Many people think that Linux is safer than Windows. However, today, security is even more important. This kind of security still requires the correct configuration of users. This kind of security does not have to be achieved through some specialized security software or technology. Sometimes, the best way to ensure security is the one that is most easily forgotten.

Whether you are a Linux starter or a skilled user or administrator, the following nine measures can help you enhance the security of your Linux Desktop.

　　It is important to lock the screen and log out.

Many users may have forgotten that Linux Desktop is a multi-user environment. Because of this, another user can log on after a user logs out of the desktop. This not only means that others can use your screen, but also means that users should log out in time after completing their work.

Of course, logout is not the only choice. If you are the only user of the system, you can also lock the screen. Locking the screen means entering a password when the user enters the desktop again. The difference between it and logout is that when the screen is locked, the application is still running after the user leaves the computer. After entering the desktop, you can continue the original work.

　　Hide files and folders

In Linux, files and folders are hidden by using. For example, if two files exist in the testfilefolder folder, you can run the ls command to view them. However, after running the command mv adsl-stop. adsl-stop, you can only see one file with ls. This indicates that you can use music videos to hide files that are not expected to be viewed by other users. Of course, you can use the ls-a command to view all files, whether or not they are hidden.

Have a good password

The password of a Linux User is as important as the key of the gate. If a user gives the key to many people, what should he do with the lock? Of course, it is better to make the key easily, that is, it is better not to guess the user's password. If you are using Ubuntu and other release versions, this password may give users more access. In any case, the user's password must be strong. If you are not sure whether your Password is suitable, you can use the automatic Password Generator software to create a safe and random Password for you.

Do not install file sharing applications

Many users share some files. If you want to run this function, you should know the risks. Especially if you use this function in the workplace, it will not only share your own files, but also involve other users of the company, and the entire desktop is handed over to other illegal users. Therefore, do not install the file sharing tool for security reasons.

Regular upgrade

Users who have used Windows have been "impressed" by Microsoft's regular release of Operating System and Application patches. However, Microsoft's patch release speed is far slower than that of Linux kernel. In the Linux world, after a security vulnerability is discovered, patches can be released in hours or minutes.

Install anti-virus

Do not think that the possibility of system problems caused by viruses is minimal. We recommend that you use a robust Virus defense tool to ensure that emails sent from your machine do not contain bad code or affect other systems on the company's network.

SELinux is worth a try

SELinux can well lock access control for applications, although some people think SELinux is unsatisfactory, such as it may affect system performance, however, you may find other applications for installation. However, based on my experience, SELinux brings far more security benefits than its negative impact. During the installation of Fedora, you will have the opportunity to enable SELinux.

Creating/home on an independent partition is a safer method.

In the default Linux installation, the/home directory is placed in the root directory of the system. This may be a good method, but you need to note that because this is a standard installation method, anyone who can access your system will clearly know where the data is. Moreover, if your machine has some problems, how can your data be safe?

The solution to this problem is that you should place/home on a completely different hard disk or partition. This may not be a great deal, but if you really care about data security, try it.

Terminate or disable unnecessary services

You use a desktop machine instead of a server. Therefore, it is unnecessary to run nfs, httpd, ftpd, sshd, and other services. It can be said that ordinary users should not run these services at all, they can only bring risks to ordinary users. Therefore, do not run these services. For example, the method to terminate the NFS service is #/etc/init. d/nfs stop. You can check the/etc/inetd. conf file to see if all unnecessary services have been canceled. This method is simple but effective.