Debian comes with several harden packages, designed to make a computer more secure. My needs are very simple: word processing and Web browsing. I do not run any special servers, do not use SSH, telnet, etc. The only software that should use the Internet, that I know of, is iceweasel and apt.
harden packages suitable for these needs?In a default user installation, there is only ssh as server application installed which you can simply uninstall via aptitude remove openssh-server or via any other package manager you use.
Restricting network access for applications is difficult. {{ EDIT: However, there is now Leopard Flower developed which seems to provides the features you need (per-process firewall, interactive user interface). }} See Per process firewall? for more information about the topic. Without using complicate solutions, you can only restrict network access to special users via the iptables owner module.
As normal user you do not need any harden-* packages. They either conflict on unsafe packages, which you probably have not installed anyway, or install security packages which are for normal systems too complicated to configure and maintain - like network intrusion systems.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments