Linux Hardening Part 0 - Introduction

2/2/2023


Hardening - what is it and why should we take it seriously?

Let us begin with the basics: what is hardening, and why should we harden our systems?
Hardening is the practice of improving a system's security by limiting vulnerabilities and minimizing its attack surface. The purpose of hardening is to lower the risk of security breaches and raise the Linux system's resistance to attacks. If your organization has systems that manage sensitive data, manage vital infrastructure, or are accessible via the public internet, you should pay special attention to this.

The hardening process

I would like to begin by stating the scope of this article series. I will be working on a Debian system, and I will skip the fundamentals of hardening and instead focus on a few specific in-depth hardening methods. The reason I chose to skip the fundamentals is simple: I prefer in-depth hardening, and there are numerous writings on the subject already available. The hardening process I use is based on industry and federal standard baselines, as well as documentation from various community projects conducted by carefully selected, competent individuals in this field.
Here are some examples of general steps for hardening a Debian system:
  • Keep the system up-to-date with the latest security patches.
  • Use a non-root user for daily tasks and lock down the root account.
  • Configure firewall rules with iptables or ufw to limit incoming and outgoing network traffic.
  • Use encrypted protocols, for example SSH and SFTP instead of unencrypted ones like Telnet and FTP.
  • Encrypt/secure your confidential data.
  • Use MFA and strong passwords and regularly change them.
  • Enable logging and monitor logs regularly for suspicious activity.
  • Install the minimum amount of software required, from a reliable source.
What we will learn about here is some of the more in-depth steps to secure the Debian system:
  • Disable unnecessary services and network-facing daemons.
  • Mandatory access control (MAC).
  • Sandboxing.
  • Hardened memory allocator.
  • Limit access to sensitive files and directories with permissions and ownership.
  • Partitioning the system and using restrictive mount options.
  • Kernel hardening.

Given this list, a single blog article would be far too long to cover everything I want to include. As a result, I will divide the posts based on the in-depth points listed above. That is why I call this article Part 0.
Why do I begin with Linux kernel hardening as Part 1? Simply because it's one of my favorites. So, keep your eyes out for the Linux Kernel Hardening - Part 1 article, which will be published soon.