Locking Down Linux: Using Ubuntu as Your Primary OS, Part 2 (Network Attack Defense)


After installing Ubuntu as your primary OS, you should have protected against USB Rubber Ducky payloads, defended against hard drive forensics, and reduced the overall attack surface against physical strikes. When defending against network-based attacks, you'll want to minimize hardware disclosures, prevent packet sniffers, harden firewall rules, and much more.


To be more specific, in this part of the mini-series on strengthening your primary Ubuntu installation, you'll learn to spoof your MAC address to trick passive attackers, disable unused networking services such as CUPS and Avahi, create specific firewall rules to block data exfiltration on certain ports, and use a VPN to prevent hackers from sniffing passwords and cookies in your packets.


If you missed the previous article, you should check out part one to learn more about my motivations for starting this four-part guide — even if you already have Ubuntu installed and just want to lock it down.






Step 1: Defend Against Hardware Enumeration


When connecting to new Wi-Fi networks and routers, spoof the Wi-Fi adapter's MAC address. This won't prevent a motivated attacker from learning which operating system you're using, but it may confuse them and keep them from discovering hardware information.


For example, a hacker on a coffee shop Wi-Fi network might focus their attacks on non-Apple devices. If you appear on the network with an Apple MAC address, the attacker may completely ignore your device. Or, they might try some macOS-specific attack against your device which won't work, be ..
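To check what an adapter's current MAC address gives away, the following shell script (an added example, not part of the original article) reads each interface's address from /sys/class/net and reports whether it is locally administered or carries a vendor OUI. The function names are illustrative, and the script only inspects addresses; it does not change them.

```sh
#!/usr/bin/env bash
# Added example: show what each interface's current MAC address discloses.
# Sample addresses used with these functions are constructed.

# Lowercase, colon-separated form; non-zero status on malformed input.
normalize_mac() {
    local mac
    mac=$(printf '%s' "$1" | tr 'A-F-' 'a-f:')
    printf '%s' "$mac" | grep -Eq '^([0-9a-f]{2}:){5}[0-9a-f]{2}$' || return 1
    printf '%s\n' "$mac"
}

# The first three octets are the OUI, which maps to the adapter's manufacturer.
mac_oui() {
    local mac
    mac=$(normalize_mac "$1") || return 1
    printf '%s\n' "$mac" | cut -c1-8
}

# Bit 0x02 of the first octet marks a locally administered address:
# set on randomized MACs, clear on manufacturer-assigned ones.
mac_is_local() {
    local mac first
    mac=$(normalize_mac "$1") || return 2
    first=$(printf '%s' "$mac" | cut -c1-2)
    [ $(( 0x$first & 2 )) -ne 0 ]
}

# A spoofed address that copies a real vendor's OUI is also classified as
# "universal": the format alone cannot tell it from the burned-in address.
classify_mac() {
    if ! normalize_mac "$1" >/dev/null; then
        echo "invalid"; return 1
    elif mac_is_local "$1"; then
        echo "locally administered, no vendor OUI disclosed"
    else
        echo "universal format, discloses OUI $(mac_oui "$1")"
    fi
}

# Walk the kernel's interface list and classify each non-loopback address.
audit_interfaces() {
    local dev
    for dev in /sys/class/net/*; do
        if [ -r "$dev/address" ] && [ "${dev##*/}" != lo ]; then
            printf '%s: %s\n' "${dev##*/}" "$(classify_mac "$(cat "$dev/address")")"
        fi
    done
}

audit_interfaces
```

Run it before and after changing the address: the OUI it reports is the one any device on the same network segment can see.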
