I don't use any scripts to harden my operating system because in doing the
hardening tasks myself I can choose at each step how many convenience I'm
willing to sacrifice for security. In my threat model I focus on crackers
from outside because I'm the only person who has physical access to my
computer. Whats your threat model? Is it similar to Micah Lee's threat model?
How many convenience are you willing to give up for security? These are
questions only you are able to answer.
What have I done to increase security? I stopped every service that was
listening on a TCP/IP port. I use grsecurity and compile the libre linux
kernel patched with grsecurity every time an update is available. It hardens
your kernel and increases every other security measure. I have written my own
apparmor profiles for every program that accessing the internet. I disabled
java script and flash. I use epiphany as a web browser and claws mail as a
mail client so that I can use every program with mprotect enabled. I don't
use wifi. I use tails on a different computer where I have removed the hard
drive.
Maybe you think some of these measures matches to your threat model.
