Member-only story
Why You Should Never Trust Default Configurations on a Fresh Linux Install
--
1
Share
Intro
Many admins assume a fresh install of Ubuntu or Red Hat is secure out of the box. I used to think the same — until I realized how much was silently exposed. Default configurations are designed for usability, not security. In this blog, I’ll show you what I now check and lock down immediately after every Linux install.
1. Unnecessary Services Are Running
Fresh installs often start services you don’t need — like Bluetooth, cups, or even Avahi (zeroconf).
🔍 Check:
sudo systemctl list-units --type=service --state=running
🛠️ Fix:
sudo systemctl disable --now avahi-daemonsudo systemctl disable --now cups
2. SSH Is Too Open
On Ubuntu, SSH is often enabled — even if you didn’t configure it.
🔍 Check:
sudo systemctl status ssh
🛠️ Fix:
# Only allow your IPsudo ufw allow from <your_ip> to any port 22
# Disable root login and password authsudo nano /etc/ssh/sshd_config# Set:PermitRootLogin no PasswordAuthentication no
Top comments (0)