Debian

Hardening in Debian 10

Introduction

Hardening is defined as the process of securing your systems. Most users are satisfied with the default security settings and do not even bother to monitor these settings. This carelessness renders them vulnerable to security breaches because it is risky to simply rely on the default settings for providing perfect security. Oftentimes, the default settings are only there to create a false sense of security or an illusion, and many innocent users fall prey to this trap. Those who are concerned about securing their system prefer to take additional measures for enhancing security. This article will share some useful tips to use when hardening your Debian 10 system.

Tips for Hardening in Debian 10

To harden your Debian 10 system, make use of the tips discussed below:

Tip # 1

Some of the most critical security settings reside within the BIOS of your system. Therefore, non-administrative users should not be allowed to mess with these settings. To prevent this from happening, you must secure your BIOS with a password.

Tip # 2

Before installing Debian 10, you should encrypt your hard disk. This is done to ensure confidentiality. Even if your laptop or PC gets lost or stolen, no one would be able to access your personal and critical data if your hard disk is encrypted. So, you must do this step before it is too late.

Tip # 3

If you have highly critical data stored on your computer system, you should maintain regular backups of your data. These backups should be present both onsite and offsite so that, in case of a disaster, you can restore your data from the most suitable backup option available. Moreover, the files of highly critical systems should be kept on different partitions. This improves your overall system performance in addition to enhancing security.

Tip # 4

You should also keep your Debian 10 system updated and upgraded at all times to ensure that you have all the latest security patches available. To do so, perform the following steps:

1. First, launch the terminal. Click on the Activities tab present on your desktop and type ‘terminal’ in the search bar that appears. Click on the search result to launch the terminal window, as shown in the image below:

2. Next, type the following command in your system and press the Enter key:

sudo apt-get update

This command is also shown in the following image:

3. After running this command successfully, type the following command in your terminal and press the Enter key:

sudo apt-get upgrade

This command is also shown in the image below:

After performing the steps listed above, your Debian 10 system will be updated and upgraded.

Tip # 5

You should also closely monitor all the packages installed on your system so that you can regularly remove any unnecessary packages. To view all the installed packages in Debian 10, perform the following steps:

* Launch the terminal, as described in the method above. Type the following command in your terminal and press the Enter key:

sudo dpkg-query –l | less

The output of this command is shown in the image below:

Tip # 6

You should also keep track of all the open ports. This is necessary because irrelevant open ports can lead to severe security issues. To check all the open ports on your system, perform the following steps:

1. Launch the terminal, as described in the method above. Type the following command in your terminal and press the Enter key:

ss –lntup

This command is also shown in the image below:

2. After this command has been executed successfully, you will see a list of all the ports on your Debian 10 system and their states, as shown in the following image:

Conclusion

By following the handy tips described in this article, you can easily perform Debian 10 hardening to secure your system. The best thing about all these tips is that they are extremely simple and do not require any expert knowledge. Even a beginner can easily follow these tips and harden their Debian 10 system. This will not only keep critical data protected but will also secure the Debian 10 system from many potential security threats.

About the author

Karim Buzdar

Karim Buzdar holds a degree in telecommunication engineering and holds several sysadmin certifications. As an IT engineer and technical author, he writes for various web sites. He blogs at LinuxWays.