I have my firewall configured pretty restrictively. I am attempting to configure AppArmor but it seems to complicated.

How do you secure your desktop?

  • SayCyberOnceMore
    link
    fedilink
    English
    arrow-up
    13
    arrow-down
    1
    ·
    1 year ago

    It all depends on your usecase to define the risk vs effort.

    I work in a cyber security role, yet my personal laptop has minimal security, because it doesn’t need it. Am I keeping military secrets on it? No. Does it contain bank records? No. So no full disk encryption, no app sandboxing, no AV scanning.

    My work laptop… well, that’s a different case altogether.

    My advice: do 1 thing at a time and make sure you understand it. For example, do you need a SSH server on a desktop device? Just disable it and that’s it secured. No need for additional jails, fail2ban, firewalls, etc… now it’s easier to maintain, which improves your overall security posture.

    Have a look at Lynis and CIS-CAT, etc to audit your system… if it’s vulnerable and you don’t use it, remove it.

    That’s why I use Arch… it only has the components you need.