DEV Community

Faruk
Faruk

Posted on • Originally published at Medium

Why You Should Never Trust Default Configurations on a Fresh Linux Install | by Faruk Ahmed | Jul, 2025

Member-only story

Why You Should Never Trust Default Configurations on a Fresh Linux Install

--

1

Share

Intro

Many admins assume a fresh install of Ubuntu or Red Hat is secure out of the box. I used to think the same — until I realized how much was silently exposed. Default configurations are designed for usability, not security. In this blog, I’ll show you what I now check and lock down immediately after every Linux install.

1. Unnecessary Services Are Running

Fresh installs often start services you don’t need — like Bluetooth, cups, or even Avahi (zeroconf).

🔍 Check:

sudo systemctl list-units --type=service --state=running
Enter fullscreen mode Exit fullscreen mode

🛠️ Fix:

sudo systemctl disable --now avahi-daemonsudo systemctl disable --now cups
Enter fullscreen mode Exit fullscreen mode

2. SSH Is Too Open

On Ubuntu, SSH is often enabled — even if you didn’t configure it.

🔍 Check:

sudo systemctl status ssh
Enter fullscreen mode Exit fullscreen mode

🛠️ Fix:

# Only allow your IPsudo ufw allow from <your_ip> to any port 22
Enter fullscreen mode Exit fullscreen mode
# Disable root login and password authsudo nano /etc/ssh/sshd_config# Set:PermitRootLogin no  PasswordAuthentication no
Enter fullscreen mode Exit fullscreen mode

👉 Read Full Blog on Medium Here

Top comments (0)