Linux Mint has AppArmor built in

Started by someone, October 19, 2025, 04:05:14 AM

If any Linux users don't know:
Thought I would mention that Linux Mint has endpoint protection built in.
It has default settings, but is readily changeable.
It's all command line but not difficult; watch some YouTube videos.

If possible, please include a link to the video so users can find it faster.

Am, almost, sorry.

But what is the news? AppArmor or SELinux is default. Even in the CIS Benchmarks (Hardening Guidelines) it's standard.
Furthermore, this is not a Linux forum. OPNsense is built on UNIX.

Also, this is not an IDS or even an IPS....

At least, to give you some useful information: Check AIDE...

AppArmor is an endpoint IPS, also Wazuh, and other third-party contributions,
which all help protect our operating system and OPNsense router.
I still can't get OPNsense to last more than around two weeks; anything that would help would be a help to us all.

November 15, 2025, 11:47:28 AM #4 Last Edit: November 15, 2025, 11:50:38 AM by fastboot
Your comments make it very clear that you are mixing up fundamental concepts, so let me clarify this with precision:

1. AppArmor is not an endpoint IPS.
It is a Mandatory Access Control mechanism. It limits process capabilities but does not inspect traffic, block intrusions, or act as a behavioral prevention system. Presenting it as an IPS shows a misunderstanding of its purpose.

2. Linux Mint does not offer "built-in endpoint protection".
Having AppArmor enabled by default is a basic security measure, not an EDR/XDR or IPS solution. Treating it as such misrepresents what it actually does.

3. Bringing Wazuh into this only demonstrates further confusion.
Wazuh is an entirely separate SIEM/XDR platform that requires a complete backend infrastructure. It is not related to Mint's default configuration and has no connection to AppArmor's functionality.

4. None of this applies to OPNsense.
OPNsense is based on FreeBSD. Linux MAC frameworks like AppArmor or SELinux do not apply here. Mentioning them as protection for OPNsense shows that you are discussing technologies from entirely different systems as if they were interchangeable.

If your OPNsense system becomes unstable after two weeks, you should focus on logs, configuration, hardware, or plugins. Linux security frameworks will not solve a FreeBSD issue.

And to avoid further confusion: OPNsense is a firewall platform, not a router.

This should settle the topic.
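
An added example, not part of any post in this thread: on a Linux host such as Mint, the kernel lists each loaded AppArmor profile with its mode, which shows that AppArmor confines named programs rather than inspecting traffic. It assumes securityfs is mounted at `/sys/kernel/security` (reading it normally needs root); the function names and the sample listing are constructed for illustration.

```shell
#!/usr/bin/env bash
# Summarise loaded AppArmor profiles by mode.
# The kernel lists them one per line as "<profile name> (<mode>)".
PROFILES_FILE_DEFAULT=/sys/kernel/security/apparmor/profiles

# aa_mode_counts [FILE] -> prints "<mode> <count>" lines, sorted by mode
aa_mode_counts() {
    local file="${1:-$PROFILES_FILE_DEFAULT}"
    [ -r "$file" ] || { echo "cannot read $file (AppArmor not loaded, or not root)" >&2; return 2; }
    # The mode is the last parenthesised token on the line.
    sed -n 's/^.* (\([a-z]*\))$/\1/p' "$file" | sort | uniq -c | awk '{print $2, $1}'
}

# aa_not_enforcing [FILE] -> prints names of profiles that are loaded
# but not in enforce mode (complain mode only logs, it does not block)
aa_not_enforcing() {
    local file="${1:-$PROFILES_FILE_DEFAULT}"
    [ -r "$file" ] || return 2
    grep -v ' (enforce)$' "$file" | sed -n 's/^\(.*\) ([a-z]*)$/\1/p'
}

# Constructed sample in the kernel's listing format (not from a real host).
# "//" separates a child profile from its parent.
aa_sample() {
    cat <<'EOF'
/usr/sbin/cupsd (enforce)
/usr/sbin/cupsd//third_party (enforce)
firefox (complain)
/usr/bin/man (enforce)
example_tool (unconfined)
EOF
}

# Demo on the constructed sample; call the functions with no argument
# on a real host to read the live kernel listing instead.
demo=$(mktemp)
aa_sample > "$demo"
echo "profiles per mode:";      aa_mode_counts "$demo"
echo "not enforcing:";          aa_not_enforcing "$demo"
rm -f "$demo"
```

On a real system `aa-status` reports the same information along with the processes each profile currently confines.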