Securing Ubuntu Out of Box

Ubuntu, and linux in general comes 'Script Kiddie' secure out of the box. Just not Uber paranoid secure. By which I mean you will never ever ever be completely secure! Decentrailize your data, and encrypt it. Anyway though, here are some 3 important things you can do to make things harder on an attacker.

1. Reconfigure Shared Memory
Add this line to /etc/fstab

tmpfs /dev/shm tmpfs defaults,ro 0 0

2. Disable SSH root login

In /etc/ssh/sshd_config change:

PermitRootLogin yes

to

PermitRootLogin no

3. Limit the use of su (Super User, yeah that's that thing you want to protect.)

sudo chown root:admin /bin/su
sudo chmod 04750 /bin/su

Things you can do that might annoy you.

A. Enable Automatic Updates

System -> Administration -> Software Sources

Then under updates tab -> Check, check for updates
Then under updates tab -> Install security updates without confirmation

Secure your home folder and your personal file hard drives. (If you don't already have them encrypted.)

Type: chmod 0700 /home/