How to secure Linux systems – Auditing, Hardening and Security

How to secure Linux systems

Within this article we have a look on how to secure a Linux system. Focus of the article is providing tips regarding auditing, hardening and general security of Linux servers.


Focus on minimizing

By minimizing the footprint of the server, its data and users, we can more quickly determine if a system is running properly. Also risks will be reduced, as every part on a system might be something which can be sooner or later introduce a vulnerability.

Focus areas:

  • Remove unneeded software
  • Disable and remove old accounts

Application security

Most software has to be configured. Usually it’s this same configuration which introduces weaknesses, simply due to lack of time or the right knowledge of the software.

Focus areas:

  • Harden network services
  • Read application documentation for security measures


System availability

Most systems have the goal to delivery value to business processes. One of the main pillars within information security is the availability of a system.

Focus areas:

  • Create regular backups (test restores)
  • Implement system monitoring

Upgrade and update

On a daily basis new software updates are released, to solve bugs, improve stability or patch a security issue. Continuous auditing helps in determining weaknesses on your systems, including missing security patches.

Focus areas:

  • Perform regular software updates
  • Upgrade the OS in time, before the official support is ended.


Perform automated audits

Lynis (Linux/Unix auditing tool) screenshot

Screenshot of a Linux server security audit performed with Lynis.

Almost every system administrator is overwhelmed with the amount of work and activities. While this puts them under some stress, it will also increase the risk that “less important” things like installing patches are forgotten. Cleaning up a system after intrusion, or having to install it (again) is usually a waste of time. Therefore we suggest to move from reactive mode to be more proactive. Implement continuous audits, automate controls and use best practices. To secure a Linux system and keep it secure, focus on the right combination of hardening and auditing. This magic combination will be a powerful tool against evildoers.

Focus areas:


Other resources

Linux Security Checklist


One more thing...

Keep learning

So you are interested in Linux security? Join the Linux Security Expert training program, a practical and lab-based training ground. For those who want to become (or stay) a Linux security expert.

See training package

Lynis Enterprise screenshot to help with system hardeningSecurity scanning with Lynis and Lynis Enterprise

Run automated security scans and increase your defenses. Lynis is an open source security tool to perform in-depth audits. It helps with system hardening, vulnerability discovery, and compliance.