Information Security

How to set up debian before the first network connection?

Good day, gentlemen. Can any experienced linux expert tell me what I need (or can) do in the settings / configurations of pure debian (in my case xfce) before the first connection to the network? Interested in the side of anonymity\security\confidentiality. In order to avoid repetitions, I will write what has already been done:
1. /etc/NetworkManager/NetworkManager.conf - mac-address=random values ​​​​are registered for different types of connection
2.ssh keys are configured, a key is generated for connecting to your own vps, as well as /etc /ssh/ssh_config - changed ports, root login=no, etc.
3./etc/resolv.conf - change server dns to cloudfare and opendns servers
4.as well as disable terminal history in /.bashrc
What else can be done? guides on YouTube \ form and publics on anonymity did not bring results in search of information, everything is rather meager, most manuls go to ready-made oc, like kali and parrot, and in pure debian many packages are not preinstalled and you need a network connection and I would like to protect yourself as much as possible (and, if possible, hide) before its first connection. The last hope for habr)
PS I'm not going to deal with rubbish, I'm just paranoid and this topic is interesting)