Code: Select all
unset HISTFILE
unset SAVEFILE
rm ~/.bash_history
ln -s /dev/null ~/.bash_history
export HISTFILESIZE=0
export HISTSIZE=0
export HISTFILE=/dev/null
export SAVEFILE=/dev/nullKali
Code: Select all
rm ~/.zsh_historyKali
Code: Select all
ln -s /dev/null ~/.zsh_history2. Apply updates each boot up: In terminal put
Code: Select all
sudo apt update && sudo apt upgrade -y3. System Cleaner: We'll use BleachBit, the same program as Windows 10/11. You gotta launch this every shutdown before.
Installation:
Code: Select all
sudo apt install bleachbit -ySelect every option besides "Free disk space" and clean it.
4. Remove snooping packages: Open terminal and type
Code: Select all
sudo apt purge apport popularity-contest -y
sudo apt autoremove5. Install an Anti-Virus: Open terminal and type
Code: Select all
sudo apt update
sudo apt install clamav clamav-daemon -yLater, you gotta update ClamAV virus definations and this should be ran before each scan to ensure the latest updates, for this, type in terminal:
Code: Select all
sudo service clamav-freshclam stop
sudo freshclamFor produce a scan summary:
Code: Select all
clamscan -r -iAnd, type this for remove any malicious files:
Code: Select all
clamscan -r -i --remove=yes /6. Turn off some default annoyed settings:
Launch settings, then privacy and change "Location Services" to OFF.
Click on "File History & Trash" and disable "File History".
Finally, click on "Diagnostics" and change to "Never".
Summary for hardening Linux:
- Always, keep your OS updated and apply all new updates.
- Save everything to an encrypted USB and avoid writing to the main HD.
- Disable Bluetooth.
- Install Anti-Virus/Anti-Malware.
- Setup a BIOS password and disable booting from USB on start-up (obviously, if you're not booting an OS from USB).
- Run BleachBit as an Admin before each shutdown.