- Overview
- Features
- Supported Distros
- Tools Installed
- Installation
- Running the Defender
- License
- Author
- Support & Contribution
Linux Defender is a robust and easy-to-use Bash script designed to significantly enhance the security posture of your Linux system. Targeting security professionals, enthusiasts, and system administrators, this tool automates the intricate process of installing, configuring, and managing essential security tools across a wide range of popular Linux distributions. With Linux Defender, fortifying your system against threats becomes efficient, practical, and straightforward.
- Automated Firewall Management: Effortlessly set up and manage your system's firewall with `ufw` and `iptables` for robust network protection.
- Advanced Malware & Rootkit Detection: Integrate powerful scanning tools like `chkrootkit`, `rkhunter`, and `clamav` to detect and neutralize malicious software.
- Comprehensive System Auditing: Utilize `auditd` to meticulously log system activity, providing a detailed trail for security analysis and incident response.
- Enhanced Anonymity & Privacy: Support for TOR for anonymous browsing and optional integration with `Anonsurf` (for Kali Linux) to route all traffic through the Tor network.
- AI-Powered Assistance: Leverage `TGPT` for intelligent assistance and query resolution directly within your security workflow.
- Intelligent Distribution Detection: Automatically identifies your Linux distribution (Arch, Debian, Kali, Parrot, Ubuntu) to apply tailored security configurations.
- Robust System Hardening: Implement critical hardening measures for the kernel, SSH configurations, and control USB device access to minimize attack surfaces.
- Proactive Auditing & Monitoring: Seamlessly integrate `auditd` rules and `logwatch` to gain comprehensive insights into system events and security alerts.
- Sophisticated Network Security: Deploy capabilities to detect port scans, mitigate SYN flood attacks, and configure secure DNS settings for enhanced network resilience.
- Secure User & Access Control: Enforce strong password policies, facilitate the setup of SSH two-factor authentication (2FA), and perform checks for potentially risky user accounts.
- Filesystem Integrity & Malware Defense: Protect critical system files by making them immutable, schedule regular malware scans, and manage a secure quarantine for suspicious files.
- Intuitive Usability & Reporting: Benefit from centralized configuration, execute interactive system health checks, and receive automated email notifications for critical security alerts.
- Fail-Safe Mechanisms: Provides clear, manual package installation instructions if automated dependency resolution encounters issues, ensuring smooth setup.
- Arch Linux
- Kali Linux
- Parrot OS
- Debian
- Ubuntu
| Category | Tool(s) |
|---|---|
| Firewall | ufw, iptables |
| Malware Protection | chkrootkit, rkhunter, clamav |
| Monitoring | audit / auditd, inotify-tools, inxi, logwatch |
| Anonymity (Kali) | tor, kali-anonsurf |
| Arch-only Tool | torctl |
| AI | TGPT |
| Hardening | sysctl, modprobe |
| Network Security | iptables, sysctl, resolvconf |
| User Management | pam, libpam-pwquality, libpam-google-authenticator |
| Filesystem | chattr |
| Reporting | postfix, mailutils |
| Core Dependencies | curl, unzip, grep, sort |
Linux Defender offers flexible installation methods to suit your preferences. It is generally recommended to install via your distribution's package manager where possible for system integration and easier updates.
This method involves cloning the repository and running the setup.py script, which automates dependency installation and sets up the linux-defender command system-wide.
```bash
git clone https://github.com/0warn/LINUX-DEFENDER.git
cd LINUX-DEFENDER
sudo python3 ./setup.py
```

The `setup.py` script will detect your distribution and install all necessary dependencies, including: auditd, audispd-plugins, logwatch, libpam-pwquality, libpam-google-authenticator, postfix, mailutils, inotify-tools, rkhunter, clamav, ufw, inxi, xterm, curl, unzip, grep, and sort.
For more robust system integration and easier management, package-based installation is recommended.
To install on Debian-based systems (Debian, Ubuntu, Kali, Parrot), you need to build the .deb package first.
- Build the `.deb` package: Ensure you have `dpkg-dev` and `devscripts` installed:
  ```bash
  sudo apt update && sudo apt install -y dpkg-dev devscripts
  ```
  Navigate to the project root and build the package:
  ```bash
  dpkg-buildpackage -us -uc
  ```
  This will generate a `.deb` file (e.g., `linux-defender_1.3-1_all.deb`) in the parent directory.
- Install the package:
  ```bash
  sudo dpkg -i ../linux-defender_*.deb
  ```
- Resolve dependencies (if prompted):
  ```bash
  sudo apt install -f
  ```
To install on Arch Linux, use makepkg to build and install the package from the PKGBUILD.
- Ensure `git` and `base-devel` are installed:
  ```bash
  sudo pacman -S --needed git base-devel
  ```
- Clone the repository:
  ```bash
  git clone https://github.com/0warn/LINUX-DEFENDER.git
  cd LINUX-DEFENDER
  ```
- Build and install the package:
  ```bash
  makepkg -si
  ```
  This command will handle dependencies, build the package, and install it system-wide.
Once dependencies are installed, execute the script with root privileges:
```bash
sudo linux-defender
```

This command will initiate the Linux Defender interface, providing access to all hardening operations and security features. You can then navigate through commands such as `harden`, `audit`, `network`, `user`, `filesystem`, and `reporting` to manage your system's security.
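To confirm independently that kernel and network hardening is in effect after a run, the following added example (not part of Linux Defender) compares `sysctl -a`-style output against a small baseline. The baseline keys and values are assumptions (commonly recommended settings, not read from the project's source), and the sample input is constructed.

```shell
#!/bin/sh
# Added example, not Linux Defender code: audit sysctl state against a baseline.
# ASSUMPTION: these keys/values are commonly recommended settings; the page
# does not state which sysctl values Linux Defender actually applies.
BASELINE='net.ipv4.tcp_syncookies=1
net.ipv4.conf.all.rp_filter=1
net.ipv4.conf.all.accept_redirects=0
net.ipv4.conf.all.accept_source_route=0
kernel.randomize_va_space=2
kernel.dmesg_restrict=1'

# Constructed sample of `sysctl -a` output: one key is absent, one has drifted.
SAMPLE='kernel.dmesg_restrict = 0
kernel.randomize_va_space = 2
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.tcp_syncookies = 1'

# audit_sysctl: reads "key = value" lines on stdin and prints one line for
# every baseline key that is missing or has a different value.
# Prints nothing when the observed state matches the baseline.
audit_sysctl() {
    as_input=$(cat)
    while IFS='=' read -r as_key as_want; do
        # Match the key exactly (string compare, not regex) and take its value.
        as_got=$(printf '%s\n' "$as_input" |
            awk -F' *= *' -v k="$as_key" '$1 == k { v = $2 } END { print v }')
        if [ -z "$as_got" ]; then
            echo "MISSING $as_key (want $as_want)"
        elif [ "$as_got" != "$as_want" ]; then
            echo "DRIFT $as_key=$as_got (want $as_want)"
        fi
    done <<EOF
$BASELINE
EOF
}

# Demo on the constructed sample. On a live host, use instead:
#   sysctl -a 2>/dev/null | audit_sysctl
printf '%s\n' "$SAMPLE" | audit_sysctl
```

Running the same check from cron or a login script catches later drift, for example when a package update or another tool rewrites a file under `/etc/sysctl.d/`.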
This project is licensed under the MIT License.
Built with care and cybersecurity principles by 0warn
"Secure it before someone else exploits it."
For major changes, open an issue first to discuss what you would like to change. If this project helps secure your systems, consider giving it a star on GitHub.