#Linux - Basic Security
##Restricting Remote IP Addresses
It is always a good idea to restrict the access to users and hosts that you trust. To do this you need to:
Edit the /etc/hosts.deny and create a rule
sshd: ALL
This will deny access to all hosts. Next, edit the /etc/hosts.allow file and add:
sshd: 192.168.1 201.130.177.31
This will give access to the 192.168.1.0/24 network and the 201.130.177.31 host.
More information on the syntax for hosts.allow and hosts.deny can be found on man hosts_access. Information on additional options can be found on man hosts_options.
##Package Installation
It is strongly encouraged that you should not to do package management with sudo. Packages can run arbitrary scripts, which makes using sudo when running a package manager command is a security risk.
Rather, it is recommended that you first ensure that you have rights to the /usr/local directory. You can do using:
sudo chown -R $USER /usr/local
Where $USER is your username.
That sets your user account as the owner of the /usr/local directory, so that you can just issue normal commands in there. Then you won’t ever have to use sudo when you install node or issue npm commands.
It’s much better this way. /usr/local is supposed to be the stuff you installed, after all.