Solus OS Basic Security Guide for New Users
December 24, 2021
In this blog, I show you Firewalls, Encryption, Anti-Virus, & Hosts files to help you ensure your Solus OS is a lot more secure than an unprotected one.
Solus is a curated rolling release with a goal that no updates should break anything to new users. So most users are running very up to date and not holding back in fear that they would need to fix something that an update broke.
Solus uses quite new mainline kernels, usually about 3rd point release and then updates them often, only after most bugs of a new major release are ironed out.
CVEs are patched very quickly and are pushed into the stable repos as quickly as possible and out of schedule. Usually stable is synced with unstable on fridays, with only exceptions if there is a major bug or there is an ongoing stack update.
There are as little out of tree patches as possible both in kernel and all packages, and that policy is very strict.
The package build process is very transparent, from pspecx8664.xml you can clearly see what files changed from with a package update and that allows the core team to quickly verify that nothing got screwed up. Here is phabricator: https://dev.getsol.us
When you first get solus and installing on your SSD, Make sure to setup full disk encryption to make your disk drive have encrypted scrambles from hackers or surveillances. (Bonus: Once you finished installing the os on your ssd, Full disk encrypt your other drives to be safe.)
Install firewall in the package manager by searching “ufw” and install both packages: Once you have installed both packages, you can either go in the terminal or use the gui to enable the ufw. (Bonus: If you want to be a chad, You can install it with the terminal like so: sudo eopkg install ufw, Then do sudo ufw enable + sudo ufw status to check if it’s enabled.)
Install a Anti-virus for protecting other users: Solus OS do not need a anti-virus, But if needed if your paranoid and want to protect users that do not use solus os or any linux distro. If the users only use windows / mac instead. So the best linux alternative for a anti-virus is clamav or sophos. I will not help you install it as i do not use one just use your brain.
Configuring your host file to block threats and give extra layer security: First thing to do is go into your terminal, Type this command in your terminal, “sudo nano /etc/hosts”. Once you have done that now you can use the arrow keys and scroll down to the bottom where you need to copy and paste these recommended host file settings here at these links: