Im using linux for ±3 yrs and im pretty used to it. Im currently running nixos on my laptop. My question is what kind of hardening do i need firejail, apparmor, selinux, … all 3 of them ? none of them ? Thanks for the advice and have a nice day

  • HumanPerson@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    5
    ·
    1 year ago

    I am not sure. I personally don’t trust selinux because it was developed my the nsa, though that is just me being tinfoil-hat-ish about it. I am a fan of clamav / clamtk for files you think are sketchy (“alternatively obtained” games and things.) I also use ufw but that is more of a thing for servers if I’m not mistaken. If you use ssh server on your laptop, you should get fail2ban or sshguard. While the whole “Linux can’t get hacked” thing is wrong, as long as you stay updated and don’t be stupid you should be protected from automated scripts which is all desktop users really need to worry about.

    • Theoriginalthon@lemmy.world
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      1 year ago

      I put fail2ban on everything, and I manage to lock my self out of systems at least once a month, so I guess it’s working as intended.

      • HumanPerson@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        I like sshguard simply because I couldn’t get the fail2ban daemon running and sshguard started right up. I don’t know how the functionality compares but it is simple and never messes stuff up.

          • danielfgom@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            1
            ·
            1 year ago

            Use UFW - uncomplicated firewall. Some distros install it by default. Its very easy to use whereas other firewalls are super complicated

              • nous@programming.dev
                link
                fedilink
                English
                arrow-up
                6
                ·
                1 year ago

                I dont think so. Both UFW and firewalld are just frontends - they don’t actually do any work themselves. That is all handled by the iptables or the newer nftables kernel modules inside the kernel itself, the major difference will be in what rules they create but both should be able to create the same rules for either of these kernel APIs. UFW is what ubuntu uses by default I believe and firewalld what a lot of other distros use by default.

              • Helix 🧬@feddit.deB
                link
                fedilink
                arrow-up
                1
                ·
                edit-2
                1 year ago

                No, only the configuration syntax is different. If you know what you’re doing in configuring them both are fine.

          • Helix 🧬@feddit.deB
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            They’re pretty similar but firewalld allows more complex rules without resorting to plain iptables syntax. Try both and see what you like better.