To open a terminal Ctrl + Alt + T User configuration through the terminal or go to System > Administration > Users and

Groups Please Ensure that you properly configure your users so that they are se cured. Users cat /etc/shadow cat /etc/passwd sudo passwd sudo passwd [user] sudo passwd -l [user you want to disable] Groups cat /etc/group sudo deluser [user] [groupname] [the group the user is in] Updates throught Terminal or go to System > Administration > Update Manager Please Make sure you update from terminal and your graphical user interface sudo apt-get update sudo apt-get upgrade Turn on Automatic Updates Go to System > Administration > Software Sources > updates and turn on automatic updates. Remove autologin through system > Administration > login screen Ensure that you remove autologin. Securing OpenSSH sudo Nano /etc/ssh/sshd_config (change permit root login to no) Prootocol 2 PermitRootLogin no PermitEmptyPasswords no Banner /etc/issue IgnoreRhosts yes

RhostsAuthentication no RhostsRSAAuthentication no HostbasedAuthentication no LoginGraceTime 1m SyslogFacililty AUTH AllowUser [Name of user] DenyUSer [NAme of User] MaxStartups 10 Securing SU sudo nano /etc/pam.d/su Comment out any setting allowing access to su without a password. configuring the sudoers file sudo nano /etc/sudoers Comment out any individual who isn't a admin. Creating a pre-login banner sudo nano /etc/motd [Type your own mesage] Changing the hostname sudo Nano /etc/hostname [Type your own mesage] Local security policies sudo apt-get install libpam-cracklib sudo nano /etc/pam.d/common-password retry=3 minlen=8 difok=3 remember=12 deny=5 PASS_MIN_DAYS - Set to 7 days PASS_MAX_DAYS - Set from 30 days to 90 days PASS_WARN_AGE - Set to 14 days Services sudo apt-get rcconf Disable vsftpd, inspired, postfix, apache2*, mysqld*

postgresqld, dovecot, spool. Unless readme says otherwise. Port scanning sudo apt-get nmap sudo nmap 127.0.0.1[This lists all open ports] sudo netstat -punta sudo lsof -i sudo Ps aux | grep port # Turning on the firewall and blocking specific ports sudo ufw enable sudo ufw deny port #(This is to block specific ports) sudo apt-get install iptables sudo iptables -L[This lists all existing rules for ] Removing Uneccessary Packages through terminal or go to System > Administration > Synaptic Package Manager Ensure that you remove the packages for the programs you stop. rpm -qi [package name] Anti-virus sudo apt-get install clamav sudo fresh clam sudo clamscan Root Kit check sudo apt-get install rkhunter sudo rkhunter --check 2ndry rootkit checker sudo apt-get install chkrootkit sudo chkrootkit Making the Home Directory Private chmod 700 /home/* Stopping shares between windows and Linux comps sudo /etc/init.d/samba stop Also go to System > Preferences > Personnel File sharing and make sure it is not

sharing any files. Notes: Use aptitude if preferred. Note that it may need to be installed. Reboot as necessary sudo reboot Saving menu settings as a text document Use the following format: Command-save > /directory where you want it to be saved/name you want to give it Use rm to remove any item you want. To exit from a directory use cd .. optional: Installing a gui sudo apt-get install ubuntu-desktop reseting network connections sudo ifconfig sudo ifdown [Name of connection you want to kill] sudo ifup [Name of connection you want to kill]