There is a reason why tools such as Bastille Linux are preferred - they are regularly tested and screened for bugs and issues by the community. If you setup a DIY system, there is no guarantee that it is free of bugs/issues.
Originally Posted by kingcobraa
Then, back on topic....
1. Make sure your system is updated
You can setup automatic security updates by running
(while choosing yes at the prompt)
sudo apt-get install unattended-upgrades
sudo dpkg-reconfigure unattended-upgrades
2. Enable Firewall
You can use either iptables or ufw
I like iptables, but thats just because I'm used to using csf/lfd....
There are plenty of guides on the internet that show you how to deny all traffic by default except for established sessions, so I wont cover this here
3. Setup GrSecurity and PAX
Heres a guide -> http://www.insanitybit.com/2013/06/1...ew-autoconfig/
Read more about GrSecurity here
4. Write your own apparmor rules
Ubuntu runs a MAC (Mandatory Access Control) system called Apparmor. By default, applications such as rhythmbox, pidgin, .etc .etc have read access to lots of areas of your system. You can write apparmor rules to secure them.
There are a few more things that you can read over at http://www.insanitybit.com/2012/12/1...-ubuntu-linux/