I am a grateful home user of Rocky Linux workstation edition.
Before RL I was using Fedora workstation.
I decided to move away from Fedora because the upgrade from version 33 to 34 bricked the OS. I wanted something more stable, and RL fits the bill perfectly. I really enjoy using RL as a workstation and am thankful that RL has been created.
I had assumed (rightly or wrongly) when using Fedora workstation that it was pretty well pre-configured from a security point of view.
I noticed that RL workstation has less software pre-configured than Fedora.
And this has made me wonder if there are security related things that I should be installing or setting up with RL.
However, I am not a Linux sys admin (just a retired engineer) and so my knowledge as to how to secure RL workstation is limited.
In the past I have posted topics on this forum asking about eg what servers are running by default on RL, if any. I have tried to learn about eg making sure services such as ssh and http are not running. I believe running these kind of servers on a workstation, if they are not needed, can be a security risk. I was concerned about someone being able to connect to my RL workstation and see my data stored on local disk, etc.
I have installed firewall-config and set the default zone to Drop.
The problem with me asking just about servers, is that I don’t know what else to ask about. As Rumsfeld would have said “I dont know what I dont know” and so I am afraid I am not asking the right questions about security because I dont know what to ask about. I am concerned there are things I should be doing but I am not aware of them.
And so I would like to post this topic - how do I ensure that RL workstation is secure or make RL workstation secure?
I realize this may be a big topic, but it is a very important one to me.
I think it means identifying what is already pre-installed or configured in RL workstation that makes it secure, and what can be done to make it more secure.
Any help is appreciated.
I would also be happy to offer to help with documentation - I think I could be helpful in writing docs for workstation setup. I have made posts or tried to help with posts related to RL setup in general (non security), and I think it would be good to have some of those in the docs as well.
Thanks ahead of time…