Yes, usually you configure your endpoint firewall to block incoming traffic, while allowing all outgoing.

Unless you’re in a very secure zone, like DMZ’s.

The main one everybody uses at least from my knowledge and from what I’ve used over the last 13 years is UFW. That is what you want to use.

I could easily say that for firewalld… 😃

Ufw is typically available/pre-installed with Debian based systems (Debian, Ubuntu, zzz), while Firewalld is typically available on Red Hat Enterprise Linux and derivates (Fedora, CentOS, Rocky, …)

But it boils down to what you prefer, really.

Yes: source

Look into restic, it doesn’t do exactly what you want, but it’s a very powerful backup server and standalone tool

edit typo

Originally this campaign started off as a DnD 5e campaign, but due to WotC’s kneejerk I had a look at pf2e rules and was completely blown away by its cohesiveness and completeness.

But… Tyranny Of Dragons, where the heroes need to battle the cult of the dragon in order to stop them to summon Tiamat. We’re almost half way and having a blast!

You have a couple of options:

• Pathbuilder
• Pathfinder Nexus
• Herolab online
• Wanderers Guide

I prefer the 1st

edit Added Wanderers guide

Technically they didn’t name the cow… Soooo…

Signal will leave…

https://www.theguardian.com/technology/2023/feb/24/signal-app-warns-it-will-quit-uk-if-law-weakens-end-to-end-encryption

Poor thing, it got broken in the mail! Hope you got insurance…

/s

I wouldn’t recommend using anti-virus software. It usually creates a lot more overhead, plus it usually mimics existing solutions already in linux. The only viruses I have ever caught using an anti-virus software on Linux are the test viruses to see if all is working fine.

Anyway, here’s my 20+ enterprise experience recommendations with Linux :

• enable secure boot: will disable launching non-signed kernel modules (prevent root kits)
• enable firewall: and only allow ports you really need.
• SELinux: it is getting better, and it will prevent processes to access resources out of their scope. It can be problematic if you don’t know it (and it is complex to understand). But if it doesn’t hinder you, don’t touch it. I do not know AppArmor, but it is supposed to be similar.
• disable root over ssh: or only allow ssh keys, or disable ssh altogether if you do not need it.
• avoid using root: make sure you have a personal account set up with sudo rights to root WITH password.
• only use trusted software: package managers like apt and rpm tend to have built in functionality to check the state and status of your installed software. Use trusted software repositories only. Often recommended by the distro maintainers. Stay away from use this script scripts unless you can read them and determine if they’re the real thing.

Adhering to these principles will get you a long way!

edit: added section about software sources courtesy of @dragnucs@lemmy.ml