Firmware Configuration
Raspberry Pi & Single-Board Computers
Some settings to watch out for in your BIOS before installing Debian that
EFI & BIOS
Older PC systems use a BIOS – or Basic Input/Output System – to handle core functions before the computer has loaded an operating system. The BIOS is used to configure fundamental computer settings that affects how hardware interacts with the operating system.
Modern computer systems use UEFI – or the Unified Extensible Firmware Interface – to manage these settings through a graphic interface.
There are numerous manufacturers who use different BIOS and UEFI for their computer systems. While not possible to give specific recommendations for computer systems, here are some general computer configurations to watch out for.
Disable Unused Hardware
You can increase the overall security of a home server by disabling extraneous hardware as a proactive measure to decrease your cyber attack surface area.
Some common hardware compoycomponents to disable are:
- Serial and Parallel Ports
- Audio Ports
- Bluetooth
- Wireless Internet
Bluetooth Disablecan allbe hardwareleft thaton won'tfor connecting smart devices, but can be insecure. Wireless can be left on to create a local network, but should not be used (serial/parallelas ports,the audio,main etc).connection for a server.
Power-Saving Features
Enable all powersaving features on the CPU.
Disable
Boot (NASes generally are not CPU limited, and with today's multi-core CPUs, hyperthreading is mostly unnecessary). I find that single-threaded performance is slightly better without hyper-threading, though we're talking marginal amounts here.Priority
Disable booting from all HDDs or Controllers (except for the drives I'm actually booting off of).
Power management
Wake on Lan
Keyboard mouse halt
Secure Boot
TPM module
Fast boot
Restart after failure
Network boot
AHCI vs SATA vs RAID