I would like to hear some suggestions how to secure Fedora. Here are the topics :
Antivirus like ClamAv ( installed but isn’t working need help or an alternative)
Disk encryption (Not done )
Keep always the system up to date (Done)
Disable un-neccesasry service like ftp, etc (How ?)
Check Open Ports, don’t expose your box outside ( How do I check my open ports ? )
Don’t disable SElinux (Done )
Don’t execute Script that you don’t know the procedence (Done)
if you use ssh change the default port for something else (Zero usage )
Enable firewall (Done )
A few notes : I didn’t use disk encryption with Fedora because when I tried , the system didn’t recognize my password (it was a simple one just to check if the system worked).
No antivirus is needed you need to look into what you ran and what you don’t.
Make your device always updated and never run untrusted scripts like bash
Full disk encryption is a must have for security.
Next use trusted softwares only use stuff which are opensource.
Use a secure encrypted dns provider who don’t keep logs.
Watch windows and linux is totally different os from the kernel level so be assured. now it is extremely low chance that something harm your device until you give it a sudo access i mean root.
A windows written can’t do anything in linux.
Please understand linux is totally opensource now if there is a vulnerability appears it gets patches in no time now fedora is extremely secure semi rolling distro so you don’t need to worry about anything.
A malware can’t do much without root access now sophisticated malware attacks are extremely low so don’t worry.
And don’t confuse with something like windows.
Is there a way to set up Full disk encryption after Fedora has been installed ?
P.S. A big thank you for clearing up my concerns. I know most of the facts mentioned but I just wanted to hear some other opinions , I guess.
Use a password manager (opensource) and create strong password
Use 2FA when ever possible
Don’t give physical access to someone you don’t know.
As per previous comments while encrypting drive please keep in mind If you loose key, it is impossible to retrieve files a back up is important
Everything you mentioned is a part of my safe PC practice. I just hope the encryption works this time because last time the password was a simple one , which was written on a piece of paper and it still wasn’t recognized. Furthermore, I am also implementing a VPN in the mix and a in browser download scanner.
Anyway thank you for the help.
Vpn is not usefull in general
Because most of the internet is encrypted using some type of encryption uses aes
Now vpn do nothing. Rather it creates a single point of failure which can lead to worse security if you want privacy and a good security use tor. And if you want to use some vpn for geo restricted contains still need to secure webrtc so i will recommend mullvad or ivpn or proton.