DEV Community

Faruk

Originally published at Medium

Why I No Longer Trust “Secure by Default” in Linux Server Installs | by Faruk Ahmed | Jul, 2025


Intro

We all love the idea of a “secure by default” Linux distribution — something we can install and immediately feel safe running. But after auditing dozens of servers, I’ve learned this idea can be dangerously misleading. Even popular distributions like Ubuntu and CentOS come with default settings that can leave you exposed.

Let me walk you through why I stopped trusting this myth — and what I do instead.

1. Open Ports You Didn’t Ask For

Right after a fresh install, I ran a quick ss -tuln and was surprised to see several services already listening.

Most Linux distros install services like Avahi, CUPS, or even rpcbind by default — services that are often unnecessary and add attack surface.

✅ What I Do Now:

  • I run sudo ss -tuln and sudo netstat -plnt right after install.
  • Then I shut down and disable anything I don’t recognize:
      sudo systemctl stop avahi-daemon
      sudo systemctl disable avahi-daemon
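
The post-install check above can be made repeatable by filtering the ss output against an allowlist. The script below is an added example, not code from the original post; the function names, the single allowed port (22) and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): flag sockets in `ss -tuln`
# output that are reachable off-host and not on an allowlist of ports.

# unexpected_listeners "PORT PORT ..."
#   stdin: `ss -tuln` output. stdout: "proto address port" per finding.
unexpected_listeners() {
    awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 != "tcp" && $1 != "udp" { next }      # skips the header row too
        {
            port = $5; sub(/.*:/, "", port)      # text after the last colon
            addr = $5; sub(/:[^:]*$/, "", addr)  # text before the last colon
            # Loopback-only sockets (127.0.0.0/8, ::1) are not network-reachable.
            if (addr ~ /^127\./ || addr ~ /^\[::1\]/) next
            if (!(port in ok)) print $1, addr, port
        }
    ' | sort -u
}

# Constructed sample of `ss -tuln` output from a hypothetical fresh install.
sample_ss_output() {
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:5353       0.0.0.0:*
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      4096   0.0.0.0:111        0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:631      0.0.0.0:*
tcp   LISTEN 0      128    [::]:22            [::]:*
EOF
}

# Assumption: only SSH (22) is expected on this host.
# On a live system: sudo ss -tuln | unexpected_listeners "22"
sample_ss_output | unexpected_listeners "22"
```

In the sample, 5353/udp is the mDNS port Avahi uses and 111/tcp is rpcbind, so both are reported; CUPS on 631 is bound to loopback only and is skipped.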

2. SSH Settings Are Too Permissive

On one server, I found SSH was enabled for password login and root login — both of which are…

