If you also use Linux, you should try "lynis" package.
After you installed it, open a terminal as root and type:
lynis -c
It runs several tests, and benchmarks the security of your system through sub-tests. Each test you have to confirm with Enter key, so you see what is being tested and how you can fix it.
It makes also suggestions for you when whole tests are run through, but the valuable info is during the tests. It also logs the tests into /var/logs
If you run Debian as operating system, type into a terminal as root
debsecan
It lists all installed packages through which outsiders could gain root access to your system. If you don't need them, uninstall.
If you type in a terminal
checksecurity
it will list you all programs which are bound to specific UDP/TCP ports, practically those programs keep those ports open, with which a hacker can intrude.
find / -xdev \( -nouser -o -nogroup \) -print
lists you all files on your system which are not registered to users or usergroups of that system. Very likely that it has been uploaded to your computer from outside.
awk -F: '($3 == "0") {print}' /etc/passwd
lists all users registered in the system, which have total control. The output of above command should only be you.
ss -l
Which ports are open to my computer.
ss -lp | grep XXXXX
Show which service has opened port XXXXX
All packages which were used above, are only in KB size and are on-demand. They do not run any service in background.
More complex tools are for example "tripwire", it indexes your filesystem and shows you who and when did modifications to your essential system files.
The most complex packages are the "harden" series. There are about 20 packages of them with about 30 MB to install.
It is also referenced in the Debian Online documentation:
Securing Debian Manual - Automatic hardening of Debian systems
But, you probably don't need this, if you are not running a Web-Server.
It's bloated for home-PC use.
Together with an IPtables firewall and a physical router, where you can physically close ports this should be enough for casual home-PC security.
More complex it will become, when you want to run a Server.
But those people anyway need no tips +tricks.
As a last: In the directory
/var/log
you see everything what's going on with your system.
If anyone also has some tips+tricks, please share.
After you installed it, open a terminal as root and type:
lynis -c
It runs several tests, and benchmarks the security of your system through sub-tests. Each test you have to confirm with Enter key, so you see what is being tested and how you can fix it.
It makes also suggestions for you when whole tests are run through, but the valuable info is during the tests. It also logs the tests into /var/logs
If you run Debian as operating system, type into a terminal as root
debsecan
It lists all installed packages through which outsiders could gain root access to your system. If you don't need them, uninstall.
If you type in a terminal
checksecurity
it will list you all programs which are bound to specific UDP/TCP ports, practically those programs keep those ports open, with which a hacker can intrude.
find / -xdev \( -nouser -o -nogroup \) -print
lists you all files on your system which are not registered to users or usergroups of that system. Very likely that it has been uploaded to your computer from outside.
awk -F: '($3 == "0") {print}' /etc/passwd
lists all users registered in the system, which have total control. The output of above command should only be you.
ss -l
Which ports are open to my computer.
ss -lp | grep XXXXX
Show which service has opened port XXXXX
All packages which were used above, are only in KB size and are on-demand. They do not run any service in background.
More complex tools are for example "tripwire", it indexes your filesystem and shows you who and when did modifications to your essential system files.
The most complex packages are the "harden" series. There are about 20 packages of them with about 30 MB to install.
It is also referenced in the Debian Online documentation:
Securing Debian Manual - Automatic hardening of Debian systems
But, you probably don't need this, if you are not running a Web-Server.
It's bloated for home-PC use.
Together with an IPtables firewall and a physical router, where you can physically close ports this should be enough for casual home-PC security.
More complex it will become, when you want to run a Server.
But those people anyway need no tips +tricks.
As a last: In the directory
/var/log
you see everything what's going on with your system.
If anyone also has some tips+tricks, please share.
