MDM5hQEc

1security/privacy/anonymity notes (computer) 
2
3TABLE OF CONTENTS 
4•Security/privcy focused OSes with main security features
5•Virus & phishing detection 
6•Domain Name System (DNS) security 
7•Browser security/privacy Add-ons 
8•Good email providers 
9•security/privacy focus Search Engines 
10•Anti-keyloggers 
11•Firewalls 
12•DDoS mitigations
13•memory protection
14•Linux Kernel Security 
15•BSD Kernel security
16•compiler security 
17•hardware security 
18•802.11 network security 
19•Router security 
20•vulnerability scanners 
21•security focused Microkernels 
22•security by isolation programs 
23•network intrusion prevention system (NIPS) and network intrusion detection system (NIDS) 
24•host-based intrusion detection system (HIDS) 
25•packet analyzers
26•network security scanner 
27•disk encryption 
28•security audit tools 
29•Network and applications layer authentication and encryption methods
30•Executable space protections 
31•server security suite 
32•VPNS 
33•proxies 
34•distributing files anonymously 
35•scan websites automatically for common vulnerabilities and errors that can de-anonymize the owner or users 
36•easiest way to add an onion address to a traditional websites
37•proof that bugs and/or highly stealthy malware can go undetected for atleast 1 year or more! 
38•security Vulnerability focused reporting sites
39•protection against Cross-Site Request Forgery (CSRF) 
40•Preventing Remote File Inclusion (RFI) Attacks 
41•cross site scripting (XSS) prevention 
42•defenses against SQL injections 
43•XPath Injection Defenses 
44•problems that have not been solved yet 
45•General and technical Notes
46
47-------------------------------------------------------------------------------------------------------
48Security/privcy focused OSes with main security features
49
50
51Subgraph OS: security by kernal namespaces isolation, The kernel is patched with an unofficial port of grsecurity/PaX, Tor, Metaproxy is configured to redirect outgoing connections to the Tor network, dm-crypt, noscript, apparmor, Application firewall,MAC spoofing with Macouflage, seccomp-bpf whitelisting and blacklisting as part of Oz,most of subgraph is coded in golang,disguise's a user's IP address,prevent ISP spying,Prevent websites from identifying the user,Prevent malware from identifying the user,Circumvent censorship,Hide Tor use from network observers,uses Xpra to isolate X11. (https://subgraph.com/sgos/)
52
53
54
55
56Qubes OS: security by VM isolation, Qubes relys on Xen to enforce domain isolation rather then a monolithic kernal that has millions of lines of coding,LUKS, Whonix,firewall,DispVM template,Type 1 hypervisor,USB VM, secure copy and paste operations, secure copying and transfer of files, and PDF/image sanitization,Yubikey,each AppVM has it own local isolated dummy X server.The main X server that runs in Dom0 and that handles the real display is never exposed to any of the AppVMs directly,and if used with whonix you are able to:1.disguise's a user's IP address 2.prevent ISP spying 3.Prevent websites from identifying the user 4.Prevent malware from identifying the user, 5.Circumvent censorship,Qubes uses hardware memory
57virtualization (HVM) instead of paravirtualization (PV),the Qubes architecture has been reworked to make it more simple,and to add more features more easily for developers,comes with  SaltStack:allows administrators to easily configure their systems. 
58(https://www.qubes-os.org/)
59 
60
61
62
63
64OpenBSD: security by correctness, security by reduced code,  buffer overflows or integer overflows resistant, has the strlcpy and strlcat functions,PF ('firewall' - packet filter plus tools), OpenSSH, Reduced attack surface:no loadable modules, relatively few devices, Virtually no compat code, removed entire Bluetooth stack, Significantly less syscalls (e.g. 200+ syscalls less than FBSD) Cut support for some older architectures, Code Quality:int overflows/signedness bugs, as good as gone in most places,Guard pages,Address space randomization,chroot jail daemons run in restricted environment,ProPolice random stack gap inserted,uses LibreSSL,W^X,uses Doas ( Dedicated OpenBSD application subexecutor) instead of using something like sudo that uses a massive amount of code.
65(https://www.openbsd.org/)
66(https://news.ycombinator.com/item?id=9914693)
67(https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/DEFCON-25-Ilja-van-Sprundel-BSD-Kern-Vulns-UPDATED.pdf)
68
69
70
71
72
73
74Whonix: security by VM isolation, Tor ,uses apt-transport-tor for stream isolation,outgoing connections forced to go through Tor otherwise blocked, noscript,firewall, HTTPS everywhere,DNS leaks are impossible,replaces NTP with sdwdate, mechanism to disable Tor stacking,Malware with root privileges cannot discover the user's real IP address,Whonix is divided into two parts: Whonix-Workstation for work activities and Whonix-Gateway or proxy to enforce all Internet traffic routing via the Tor network. This security by isolation configuration averts many threats posed by malware, misbehaving applications, and user error,disguise's a user's IP address,prevent ISP spying,Prevent websites from identifying the user,Prevent malware from identifying the user,Circumvent censorship,Secure data transfer to and from a server with scp,Unobserved administration of servers via SSH,With the Whonix design, it is possible to "torify" applications which are not capable of proxy support by themselves,Hide Tor use from network observers,Hide installed software from network observers. (https://www.whonix.org/)
75
76
77
78
79
80Trusted End Node Security (TENS): security by reduced code, DNScrypt, does not mount a local hard drive, Administrator privileges are not required; nothing is installed,run entirely from the computer's RAM,firewall. (https://www.spi.dod.mil/download.htm)  (warning this site appears to not be using https)
81
82
83
84
85
86The Amnesic Incognito Live System (TAILS): Tor, MAC spoofing with macchanger, stream isolation,run entirely from the computer's RAM, LUKS, noscript, outgoing connections forced to go through Tor,firewall,disguise's a user's IP address,prevent ISP spying,Prevent websites from identifying the user,Prevent malware from identifying the user,Circumvent censorship. (https://tails.boum.org/)
87
88
89
90
91Alpine Linux:The kernel is patched with an unofficial port of grsecurity/PaX, and all userland binaries are compiled as Position Independent Executables (PIE) with stack smashing protection,run entirely from the computer's RAM, is built around musl libc and busybox.  (https://www.alpinelinux.org/about/)
92
93
94
95
96
97NOTES 
98
991.Tor helps to protects users by bouncing communications around a distributed network of relays run by volunteers all around the world. Without advanced, end-to-end, netflow correlation attacks, anybody watching a user's Internet connection cannot easily determine the sites visited, and those sites cannot learn the user's physical location.  (https://www.whonix.org/wiki/About)
100
101
102
103
1042.The public scrutiny of security by design has proven to be superior to security through obscurity.This principle asserts that systems must be secure, even if the adversary knows everything about how they work.  (https://www.whonix.org/wiki/Why_Whonix_is_Free_Software)
105
106
107
108
1093.The user is usually the weakess part in security,when it comes to lack of user knowledge in cyber security defenses and what not to do,thats why its important to know as much as you can about cyber security not just installing security software or updating your OS,but knowing how everything works. 
110
111
112
1134.In many parts of the globe, direct connections to the Tor network are censored. It is simple for censors to use technology to block connections, because it only requires maintenance of a real-time blacklist of all publicly known Tor (guard) relays and directory authorities.
114
115In order to try and solve this problem, the Tor project came up with the idea of making a proportion of Tor guard relays only available via relatively private channels. However, since these alternative guard relays ("vanilla bridges") use the same protocol to communicate with the Tor clients as normal guard relays, a censor can simply identify the Tor signature of the network connection and then block it.
116
117Tor developers have recognized that security by obscurity has failed many bridge users, because most are still blocked in repressive environments. This has led to the development of Pluggable Transports (PTs), which help to circumvent censorship by transforming the Tor traffic flow between the Tor client and the bridge so it appears to be "innocent" network traffic, instead of the actual Tor traffic.
118
119Unfortunately, traditional obfusticated bridges - obfs2, obfs3, obfs4 - still depend on censors being unaware of bridge information (like the IP address), which is still a security by obscurity approach. This allows aggressive censors to gradually block known obfusticated bridges by requesting the same information from the Tor Project BridgeDB, as any normal user would do. 
120
121potential solution:Unlike traditional bridges, meek_lite utilizes the concept of collateral freedom.meek_lite has recently proven to perform better in circumventing censorship than other methods. For example, during the 19th National Congress of the Communist Party of China held last month, meek was one of the few effective tools to bypass strengthened Internet censorship.  (https://www.whonix.org/blog/meek_lite-whonix-14)
122
123
124
125
126
127
1285.The privacy-oriented Linux distribution Tails  does not
129support MAC address randomization during network scans.
130Instead, it generates a (new) random MAC address at boot.
131This random address keeps the first 3 bytes of the original
132address, the Organization Unique Identifier (OUI), and
133only randomizes the last three bytes. While not as optimal
134as periodical address changes, it does prevent tracking over
135extended periods of time.
136
137(http://papers.mathyvanhoef.com/asiaccs2016.pdf)
138
139
140
141
142
1436.A zero day exploit is a cyber attack that occurs on the same day a weakness is discovered in software. At that point, it's exploited before a fix becomes available from its creator or maintainer. 
144(https://usa.kaspersky.com/resource-center/definitions/zero-day-exploit)
145
146
147
148
1497.Because the OpenBSD project is based in Canada, no United States export restrictions on cryptography apply, allowing the distribution to make full use of modern algorithms for encryption. Encryption can be found almost everywhere in the operating system, from file transfers to file systems to networking. Pseudo-random number generators are also included in OpenBSD, which ensures that random numbers cannot be predicted based on the system state. Other features include cryptographic hash functions, cryptographic transform libraries, and cryptographic hardware support. (https://www.ibm.com/developerworks/aix/library/au-openbsd.html)
150
151
152
153
154
1558.OpenBSD pioneered IPSEC in general, with IPSEC in the base system since OpenBSD 2.1 (1997)
156(https://home.nuug.no/~peter/openbsd_and_you/#15)
157                       
158
159
160 9.PF, the OpenBSD packet filter, debuted in OpenBSD 3.0 (December 1, 2001)
161
162    Replaced IPFilter (ipf) due to performance and licensing
163
164    High-performance packet filter with (essentially) human-readable config
165
166    Ported to several other systems (FreeBSD → macOS, iOS, NetBSD → Blackberry, OpenBSD → Solaris)
167(https://home.nuug.no/~peter/openbsd_and_you/#16)
168
169
170
171
17210.Most (probably all) OpenBSD developers run OpenBSD on their laptops.
173(https://home.nuug.no/~peter/openbsd_and_you/#25)
174
175
176
17711.Mitigations are inexpensive tweaks which increase the difficulty of performing attack methods.
178(https://www.openbsd.org/papers/bsdtw.pdf)
179
180
181
182
183--------------------------------------------------------------------------------------
184Virus & phishing detection  
185
186
187
188
189Malwarebytes Endpoint Security: Detects and removes zero-hour and known Trojans, worms, adware,spyware, and other malware,employs delete-on-reboot to remove persistent or deeply embedded malware,removes PUP (Potentially Unwanted Program),anti-ransomware technology,malicious website blocking,Real-time protection,Anti-rootkit,Maintains productivity by preserving system uptime and reducing the need for reimaging. Reduces the burden on the IT department,Identifies vulnerable endpoints and aggregates endpoint reporting. Includes XML logging in machine- and human-readable formats for robust analysis,Linking Engine:Signature-less technology that identifies and thoroughly removes all threat artifacts linked with the primary threat payload,Small system footprint.  
190(https://www.malwarebytes.com/business/endpointsecurity/)  
191(https://www.itcadence.net/services/cloud-security/)
192
193
194
195
196
197
198avast! Free: Provides on-access protection from viruses and other malware,Includes a "heuristics engine" to detect previously unknown threats,Includes real-time protection of files, email, web surfing, P2P transfers, instant messages, and even suspicious behavior.  
199(https://www.thebalance.com/avast-free-antivirus-2016-review-1356598)  
200(https://www.avast.com/en-us/free-antivirus-download)
201
202
203
204
205
206webroot secure anywhere: Can recover files encrypted by ransomware. Uses tiny amount of disk space. Very fast scan. Handles unknown malware. Includes firewall.Webroot's cloud-based servers maintain a giant database of known programs, good and bad.When Webroot encounters an unknown program, it sends detailed telemetry to HQ for analysis, and starts monitoring that program. Every action by the suspect gets journaled for possible rollback. Of course, some events can't be rolled back. Transmitting data to an outside source is one example. Webroot doesn't let an unknown program perform that sort of action,that means a valid unknown program might not be fully functional for a while. (https://webrootsupports.weebly.com/)
207
208
209
210
211
212RKhunter (Rootkit Hunter):  is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online databases, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD. (http://rkhunter.sourceforge.net/)  
213(https://en.wikipedia.org/wiki/Rkhunter)
214
215
216
217
218
219chkrootkit: locally checks for signs of a rootkit 
220(http://www.chkrootkit.org/)
221
222
223
224
225
226Rogue killer TKZY: is an anti-malware able to detect and remove generic malware and advanced threats like rootkits, rogues, worms.It also detects controversial programs (PUPs) as well as possible bad system modifications/corruptions (PUMs).  (https://www.adlice.com/download/roguekiller/) 
227
228
229
230
231
232
233virustotal: Analyze suspicious files and URLs to detect types of malware including viruses, worms, and trojans. File URL Search.  (https://www.virustotal.com/#/home/upload)
234
235
236
237
238
239urlscan.io: allows you to scan a website and analyze the resources it requests and the domains it contacts. Understand what your website is doing. 
240(https://urlscan.io/)
241
242
243
244UrlQuery.net: is a free online service for testing and analyzing URLs, helping with identification of malicious content on websites. The main focus of urlquery.net is to find and detect suspicious and malicious content on webpages, to help improve the security industry and make the internet a safer place.   
245(https://urlquery.net/about)
246
247
248
249CheckPhish.ai: AI Powered Real-time Phishing Detection system.
250(https://checkphish.ai/)
251
252
253phishcheck.me:  PhishCheck is designed to quickly gather the information required to investigate a suspicious website. Use PhishCheck to check what lies behind a suspicious URL. Our system will screenshot the website, gather information such as WHOIS, ASN, IP Address, IP Geolocation, and record all resources loaded by the website.
254(https://phishcheck.me/#features)
255
256
257
258Hybrid-Analysis.com: malware analysis service for the community that detects and analyzes unknown threats using a unique Hybrid Analysis technology,uses Payload Security's VxStream sandbox.
259(https://decentsecurity.com/#/malware-web-and-phishing-investigation/) 
260(https://www.hybrid-analysis.com/)
261
262
263
264Malwr.com: Shares reports and files publicly.
265(https://decentsecurity.com/#/malware-web-and-phishing-investigation/)
266
267
268
269
270NOTES
2711.Antivirus tools are actually worse than useless. In the case of sophisticated and targeted attacks, the antivirus software can serve as a pathway to exploiting a system's kernel, since they almost always run with administration level privileges.Polymorphic code and kernel rootkits or hardware rootkits essentially render antivirus products helpless.  (https://www.whonix.org/wiki/Malware)
272
273
274
2752.payloads can be completely obfuscated from antivirus detection, but the stub portion remains. The stub is a more difficult portion to obfuscate, because it must remain executable in order to properly perform its job of decrypting and running the original executable. Since the payload changes for each instance, antivirus signatures have to match on the stub portion in order to be able to match more than a single individual piece of malware.In order to obfuscate the stub program, a unique stub generator (USG) can be used. The generator might insert random data in certain unused locations of the stub. It might insert randomized executable operations that have no effect. It might substitute or reorder certain portions of the code. The USG attempts to create a stub that is both unique and that contains as small of an unchanging portion of code as possible to make signature creation more difficult.It is expected that a FUD product will have a relatively short useful lifespan before antivirus companies can reliably detect executables that have been created by it. 
276
277
278the next step in detecting malware is behavior- and reputation-based technologies not depending on signatures. If effective, tricks such as FUD cryptors may be made obsolete by improvements to behavior- and reputation-based detection. 
279(https://www.symantec.com/connect/blogs/fully-undetectable-cryptors-and-antivirus-detection-arms-race)
280
281
282
2833.cloud AVs 
284(https://www.blackhat.com/docs/us-17/thursday/us-17-Kotler-The-Adventures-Of-Av-And-The-Leaky-Sandbox.pdf) 
285
286
287
2884.reporting phishing websites tip:
289
290Right-click the link in the phishing email, and copy the hyperlink. Do not click the link, which is less useful to security companies.
291(https://decentsecurity.com/#/malware-web-and-phishing-investigation/)
292--------------------------------------------------------------------------------------------
293Domain Name System (DNS) security 
294
295
296Quad9: blocks against known malicious domains, preventing your computers and IoT devices from connecting malware or phishing sites. Whenever a Quad9 user clicks on a website link or types in an address into a web browser, Quad9 will check the site against the IBM X-Force threat intelligence database of over 40 billion analyzed web pages and images. Quad9 also taps feeds from 18 additional threat intelligence partners to block a large portion of the threats that present risk to end users and businesses alike.Quad9 also supports DNS over TLS on port 853 (the standard) using an auth name of dns.quad9.net. (https://www.quad9.net/#/about)
297
298
299
300
301Tenta DNS: is a modern, secure DNS alternative that supports both ICANN and OpenNIC roots, DNS over TLS and DNSSEC (DNS Security Extensions).Tenta is also written in Golang.
302(https://tenta.com/blog/post/2017/11/introducing-tenta-dns)
303
304
305
306Stubby:is an application that acts as a local DNS Privacy stub resolver (using DNS-over-TLS). Stubby encrypts DNS queries sent from a client machine (desktop or laptop) to a DNS Privacy resolver increasing end user privacy.
307(https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby)
308
309
310
311OpenDNS: Built-in identity theft protection,Restrict Internet access to specific white-listed domains for a "locked-down" environment, phishing protection and optional content filtering in addition to DNS lookup,By default, OpenDNS blocks Internet-scale bots from resolving for all OpenDNS users and provides more comprehensive malware site protection for OpenDNS Enterprise users. This means even if the virus has penetrated machines on your network, it is rendered useless because it cannot connect back to the Command and Control Callback.  When you're surfing normally and come across an infected websites, perhaps through ad content or a redirection on web page, OpenDNS will also block that connection from going through, which prevents you from becoming infected in the first place.
312(https://www.opendns.com/home-internet-security/)
313(https://support.opendns.com/hc/en-us/articles/227986707-Understanding-Malware-and-how-OpenDNS-helps)
314(https://en.wikipedia.org/wiki/OpenDNS)
315
316
317
318
319DNScrypt: Encrypts DNS traffic between the user and OpenDNS, preventing any spying, spoofing or man-in-the-middle attacks,uses elliptic-curve cryptography, in particular the Curve25519.
320(UPDATE:This project was taken offline by its creator and maintainer Frank Denis on the 6th December 2018, after announcing in November 2017 that the project needs a new maintainer.)
321(https://www.opendns.com/about/innovations/dnscrypt/)
322(https://github.com/dyne/dnscrypt-proxy/blob/master/README.markdown)
323
324
325
326DNSSEC: vulnerabilities in the DNS combined with technological advances have greatly reduced the time it takes an attacker to hijack any step of the DNS lookup process and thereby take over control of a session to, for example, direct users to their own deceptive Web sites for account and password collection. The only long-term solution to this vulnerability
327is the end-to-end-deployment of a security protocol called DNS Security Extensions – or DNSSEC.In order to eliminate the vulnerability from the Internet, it must be deployed at each step in the lookup from root zone to final domain name (e.g., www.icann.org). Signing the root (deploying DNSSEC on the root zone) is a necessary step in this overall process.Most importantly it does not encrypt data. It just attests to the validity of the address of the site you visit.
328(https://www.icann.org/resources/pages/dnssec-qaa-2014-01-29-en)
329
330
331
332
333DNS over TLS: Encryption provided by TLS eliminates  opportunities for eavesdropping and on-path tampering with DNS
334queries in the network.  
335(https://tools.ietf.org/html/rfc7858)
336
337
338
339
340NOTES 
3411.onion services don't use the insecure Domain Name System (DNS), which means there is no organization like ICANN to oversee a single root registry of onion addresses or to handle ownership dispute resolution of onion addresses. Instead, onion services get strong authentication from using self-authenticating addresses: the address itself is a cryptographic proof of the identity of the onion service. When a client visits an onion service, Tor verifies its identity by using the address as ground truth. (always use  onion addresses on tor) 
342(https://blog.torproject.org/cooking-onions-names-your-onions)
343
344
3452.DNSCrypt provides a panacea to the woes plaguing DNS. It encrypts both the question and answer, making them invisible to snoopers. It also effectively signs the message, so you know that the server you contacted really sent the answer and not an impostor. It's as if someone blocked out the messages on your postcard and the postcard you receive back includes a signature.
346
347Although DNSCrypt provides a significant security advantage, it comes with other disadvantages:
348
349Not completely encrypted: Even though the domain requested (question) and IP address (answer) is hidden, the complete process is not obfuscated. The total number of questions, their relative size and more remain available. Furthermore, it remains trivial to identify that you are, in fact, performing DNS resolution. 
350
351Complex and not well supported: In the world of encryption, it's always safer to go with standardized protocols that have gone through a rigorous review process. Unfortunately DNSCrypt has not been standardized yet, and some of the ways it uses cryptography are unusual. 
352
353Hard to use: Because DNSCrypt isn't standardized, very few programs natively support it, requiring users to download and configure helper applications, significantly increasing the difficulty of use and risk of misconfiguration. 
354(https://tenta.com/blog/post/2017/12/dns-over-tls-vs-dnscrypt)
355
356
357
3583.DNS over TLS takes a completely different approach, establishing a fully encrypted tunnel between your computer and the DNS server. Rather than sending requests in the clear, with just the critical data encrypted, the whole connection is encrypted. Furthermore, since TLS is the encryption protocol used to secure almost all other internet services, the technology is well understood and constantly improved. 
359(https://tenta.com/blog/post/2017/12/dns-over-tls-vs-dnscrypt)
360
361--------------------------------------------------------------------------------------------------------
362Browser security/privacy Add-ons
363
364
365HTTPS everywhere: HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure. Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by using clever technology.
366(https://www.eff.org/https-everywhere)
367
368
369Noscript: The NoScript Firefox extension provides extra protection for Firefox, Seamonkey and other mozilla-based browsers: this free, open source add-on allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice.NoScript also provides the most powerful anti-XSS and anti-Clickjacking protection ever available in a browser.NoScript's unique whitelist based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known, such as Meltdown or Spectre, and even not known yet!) with no loss of functionality.
370(https://noscript.net/)
371
372
373WOT: Ensure your internet safety. WOT secures you against scams, malware, rogue web stores and dangerous links.If you land on a site that has poor reputation based on user ratings, WOT shows you a warning. WOT guides you, but the final decision is yours: you can skip the warning and enter the site, or return to the previous page.
374(https://www.mywot.com/)
375
376
377Ghostery: helps you browse smarter by giving you control over ads and tracking technologies to speed up page loads, eliminate clutter, and protect your data.
378(https://www.ghostery.com/) 
379
380
381Ublock Origin: uBlock Origin is NOT an "ad blocker": it is a wide-spectrum blocker -- which happens to be able to function as a mere "ad blocker". The default behavior of uBlock Origin when newly installed is to block ads, trackers and malware sites -- through EasyList, EasyPrivacy, Peter Lowe’s ad/tracking/malware servers, various lists of malware sites, and uBlock Origin's own filter lists. 
382(https://github.com/gorhill/uBlock/)
383
384
385Privacy Badger: is a browser add-on that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web.  If an advertiser seems to be tracking you across multiple websites without your permission, Privacy Badger automatically blocks that advertiser from loading any more content in your browser.  To the advertiser, it's like you suddenly disappeared.Privacy Badger was born out of our desire to be able to recommend a single extension that would automatically analyze and block any tracker or ad that violated the principle of user consent; which could function well without any settings, knowledge, or configuration by the user; which is produced by an organization that is unambiguously working for its users rather than for advertisers; and which uses algorithmic methods to decide what is and isn't tracking. Although we like Disconnect, Adblock Plus, Ghostery and similar products (in fact Privacy Badger is based on the ABP code!), none of them are exactly what we were looking for. In our testing, all of them required some custom configuration to block non-consensual trackers. Several of these extensions have business models that we weren't entirely comfortable with.
386(https://www.eff.org/privacybadger)
387
388
389
390User Agent Switcher: can quickly and easily changes your browser's user-agent. There are 26 popular user-agent strings to choose from!
391(https://addons.mozilla.org/en-US/firefox/addon/user-agent-switcher-revived/)
392
393
394
395
396NOTES 
3971.HTTPS Everywhere can protect you only when you're using sites that support HTTPS and for which HTTPS Everywhere include a ruleset. 
398(https://www.eff.org/https-everywhere)
399
400
4012.The SSL Observatory is a feature in HTTPS Everywhere introduced in version 2.0.1 which analyzes public key certificates to determine if certificate authorities have been compromised,and if the user is vulnerable to man-in-the-middle attacks.
402(https://en.wikipedia.org/wiki/HTTPS_Everywhere)
403
404
4053.In HTTPS, the communication protocol is encrypted by Transport Layer Security (TLS), or formerly, its predecessor, Secure Sockets Layer (SSL). The protocol is therefore also often referred to as HTTP over TLS,or HTTP over SSL.
406(https://en.wikipedia.org/wiki/HTTPS)
407--------------------------------------------------------------------------------------------------------
408 security/privacy/anonymity focused  email providers
409
410
411Riseup.net: Our physical servers are protected in ways that do not allow anyone other than Riseup to access them. They are not hosted “in the cloud”. As an additional measure, all of our servers use full disk encryption that can only be unlocked by Riseup. Additionally, all communications between our servers is also always encrypted.Your e-mails are encrypted individually on our servers, and can only be unlocked and read using your password. This means that Riseup does not have the ability to read your stored emails. Encryption of incoming email is automatic, and only when you login does the mail become decrypted so it can be read. This takes place on the server, which then becomes temporarily trusted while you are authenticated. Because of this feature, your password is critical to your data. If you lose your password, and recovery code, you will not be able to access your account, nor will anyone be able to decrypt your emails.We provide Tor Onion Services (Hidden Services) in case you need to increase your anonymity or circumvent possible blocks to our services.If you send an email to another activist email provider, it will be delivered over Tor Onion Services. This type of relay of email messages protects against traffic correlation and metadata analysis that is possible under normal email delivery. Metadata of who is communicating with whom can be extremely sensitive. In the words of former CIA directory Michael Hayden, “we kill people based on metadata”. We are working to increase participation in this Tor-based email delivery network, and the above list will only increase as time goes on.When you send email with Riseup, your internet address (IP address) is not embedded in the email. With most corporate email providers, anyone who receives your email can figure out your approximate physical location from the internet address included in the email.Our commitment is to keep as little data on you as we can. Unlike corporate providers, we do not log internet addresses of anyone using Riseup services, including email.
412(https://riseup.net/en/email)
413
414
415
416
417
418Protonmail: Messages are stored on ProtonMail servers in encrypted format. They are also transmitted in encrypted format between our servers and user devices. Messages between ProtonMail users are also transmitted in encrypted form within our secure server network. Because data is encrypted at all steps, the risk of message interception is largely eliminated.ProtonMail's zero access architecture means that your data is encrypted in a way that makes it inaccessible to us. Data is encrypted on the client side using an encryption key that we do not have access to. This means we don't have the technical ability to decrypt your messages, and as a result, we are unable to hand your data over to third parties. With ProtonMail, privacy isn't just a promise, it is mathematically ensured. For this reason, we are also unable to do data recovery. If you forget your password, we cannot recover your data.We use only secure implementations of AES, RSA, along with OpenPGP. Furthermore, all of the cryptographic libraries we use are open source. By using open source libraries, we can guarantee that the encryption algorithms we are using do not have clandestinely built in back doors. ProtonMail's open source software has been thoroughly vetted by security experts from around the world to ensure the highest levels of protection.We have invested heavily in owning and controlling our own server hardware at several locations within Switzerland so your data never goes to the cloud. Our primary datacenter is located under 1000 meters of granite rock in a heavily guarded bunker which can survive a nuclear attack. This provides an extra layer of protection by ensuring your encrypted emails are not easily accessible to any third parties. On a system level, our servers utilize fully encrypted hard disks with multiple password layers so data security is preserved even if our hardware is seized.Unlike competing services, we do not save any tracking information. By default, we do not record metadata such as the IP addresses used to log into accounts. As we have no way to read encrypted emails, we do not serve targeted advertisements. To protect user privacy, ProtonMail does not require any personally identifiable information to register.
419(https://protonmail.com/security-details)
420
421
422
423
424Mozilla Thunderbird: The Activity Manager records all the interactions between Thunderbird and your email provider in one place. There’s no more guess work. You only have to look in one place to see everything that’s happening with your email.Thunderbird offers support for user privacy and remote image protection. To ensure a user’s privacy, Thunderbird automatically blocks remote images in email messages.Thunderbird also supports the Do Not Track option. This is associated with Search the Web, but can also be used in other requests for web pages enabled by add-ons.Thunderbird protects you from email scams which try to trick users into handing over personal and confidential information by indicating when a message is a potential phishing attempt. As a second line of defense, Thunderbird warns you when you click on a link which appears to be taking you to a different Web site than the one indicated by the URL in the message.Thunderbird’s update system checks to see if you’re running the latest version, and notifies you when a security update is available. These security updates are small (usually 200KB - 700KB), giving you only what you need and making the security update quick to download and install. Thunderbird’s popular junk mail tools have been updated to stay ahead of spam. Each email you receive passes through Thunderbird’s leading-edge junk mail filters. Each time you mark messages as spam, Thunderbird "learns" and improves its filtering so you can spend more time reading the mail that matters. Thunderbird can also use your mail provider’s spam filters to keep junk mail out of your inbox.At the heart of Thunderbird is an open source development process driven by thousands of passionate, experienced developers and security experts spread all over the world.  
425(here are some good add-ons for Thunderbird: TorBirdy and Enigmail,another good encryption plugin is Off-the-Record (OTR) and I2P-Bote.)
426(https://www.mozilla.org/en-US/thunderbird/features/)
427(https://thetinhat.com/tutorials/messaging/i2p-bote-thunderbird.html)
428
429
430
431
432I2P-Bote:  The main component which embeds security into I2P-Bote is the way in which it employs encryption. Like e-mail, when sending a message to someone over I2P-Bote the sender enters in the receivers address. However, unlike email where the address looks like david@thetinhat.com, I2P-Bote uses cryptographic keys as destinations, which are random numbers and letters. Essentially what this means is that when you send a message to a friend over I2P-Bote you enter in their destination (a long string of random characters), and because their destination is also their public key the email is automatically encrypted using that public key. Therefore, end-to-end encryption is the default in I2P-Bote, and no clear-text messages are ever sent or stored. Moreover, unlike standard email which exposes a large amount of information in the header, mail sent over I2P-Bote sanitizes the headers, removing any gratuitous information, and encrypting whatever remains (such as the subject line).Standard email services are centralized. When a three-letter agency decides to attack one of them (Lavabit) it usually succeeds, causing users to lose their email service, lose access to their previous emails, and have the privacy of those emails compromised. This isn't a problem with I2P-Bote. As mentioned previously, I2P-Bote is decentralized and stores messages in a Distributed Hash Table (DHT). In simple english, this basically means that messages are stored in a database that is spread across I2P-Bote users, making it so that there is no clear target for attack. The messages remain in this hash table for 100 days, during which the recipient is able to download them. The added benefit of storing the messages throughout the network is that it obfuscates your use of I2P-Bote.
433(https://thetinhat.com/tutorials/messaging/i2pbote.html)
434
435
436
437
438
439
440
441
442
443
444BitMessage: is a Peer-to-peer (P2P) asynchronous communications protocol used to send encrypted messages to another person or to many subscribers.It is decentralized and trustless, meaning that you need-not inherently trust any entities like root certificate authorities. It uses strong self-authenticating Bitcoin style addresses which means that the sender of a message cannot be spoofed. Messages for offline recipients are stored for up to 28 days before being deleted. It relies on Proof-of-Work to prevent spamming.BitMessage hides sender/recipient metadata by broadcasting everybody's messages to everybody, acting as a simple private information retrieval (PIR) system.
445(https://www.whonix.org/wiki/E-Mail) 
446
447
448
449
450
451
452NOTES
4531.Use split-GPG for email to reduce the risk of key theft used for encryption / decryption and signing.
454(https://www.whonix.org/wiki/System_Hardening_Checklist#Email)
455
456
4572.Create an AppVM that is exclusively used for email and change the VM's firewall settings to only allow network connections to the email server and nothing else ("Deny network access except...").
458(https://www.whonix.org/wiki/System_Hardening_Checklist#Email)
459
460
4613.Only open untrusted email attachments in a DisposableVM to prevent possible infection. 
462(https://www.whonix.org/wiki/System_Hardening_Checklist#Email)
463
464
4654.Although RiseUp is a secure email service managed by trustworthy advocates of Internet privacy and security, an unusual email service may attract unwarranted attention. It might make more sense in some situations, to blend in by using a popular email service in your country.
466(https://securityinabox.org/en/guide/riseup/web/)
467
468
4695.One of the big issues is that it isn't easy to know whether a message sent to another ProtonMail user is being encrypted to the recipient’s correct public key, which is stored on ProtonMail’s keyserver. For example, if Alice sends Bob a message encrypted to his public key, it's harder for anyone else to read the message. But since ProtonMail distributes the encryption keys to users, it has the technical ability to give Alice its own keys in addition to Bob’s, thus encrypting the messages in a way that would allow it to eavesdrop.This problem is not unique to ProtonMail, says Joseph Bonneau, a technology fellow at the Electronic Frontier Foundation. Apple's iMessage and the now-encrypted WhatsApp have the same flaw. (Services like TextSecure, Silent Circle, and Threema, on the other hand, allow users to verify fingerprints to assure that they have the proper keys for one another, thus mitigating that threat.)Thats why its recommanded to use split-GPG with Protonmail.
470(https://www.wired.com/2015/10/mr-robot-uses-protonmail-still-isnt-fully-secure/)
471
472
473
4746.Email identities were really easy to spoof back in the 90s and early 2000s. Changing the “From” header field was enough to make friends believe an email came from their mother, significant other, or even the FBI. There were websites specially made for this purpose.However, those tricks no longer work thanks to anti-spoofing protections such as DMARC (DKIM / SPF) and anti-spam filters. Today, emails with a spoofed “From” field either go to the spam folder or are completely rejected by the server.Email usage is higher than ever and email is used for everything – from tracking parcels to sharing sensitive data. Unfortunately email is already not a very secure way to communicate.We’ve seen a lot of malware spreading via emails, relying on social engineering techniques to convince users to open unsafe attachments, or click on phishing links. The rise of ransomware distributed over email clearly demonstrates the effectivity of those mechanisms.
475(https://www.mailsploit.com/index)
476
477
478
4797.list of email providers vulnerable to mailsploit:  https://docs.google.com/spreadsheets/d/1jkb_ZybbAoUA43K902lL-sB7c1HMQ78-fhQ8nowJCQk/edit#gid=0
480
481
4828.Web links in email messages are often fraudulent. To be safe, you should retype the link rather than clicking on it. Also, be careful about misspellings, like riseupp.net instead of riseup.net
483(https://riseup.net/en/email)
484
485--------------------------------------------------------------------------------------------------------
486security/privacy focus Search Engines 
487
488
489
490DuckDuckgo: is an Internet search engine that emphasizes protecting searchers' privacy and avoiding the filter bubble of personalized search results. DuckDuckGo distinguishes itself from other search engines by not profiling its users and by deliberately showing all users the same search results for a given search term. DuckDuckGo emphasizes returning the best results, rather than the most results, and generates those results from over 400 individual sources, including key crowdsourced sites such as Wikipedia, and other search engines like Bing, Yahoo!, Yandex, and Yummly. 
491(https://en.wikipedia.org/wiki/DuckDuckGo)
492(https://duckduckgo.com/)
493
494
495Startpage:Ixquick launched Startpage.com to offer its service at a URL that is both easier to remember and spell, and in contrast to ixquick.eu, fetches results from the Google search engine. This is done without saving the users' IP addresses or giving any personal user information to Google's servers.
496(https://en.wikipedia.org/wiki/Ixquick#Startpage.com) 
497(https://www.startpage.com/)
498
499
500
501 Disconnect Search: lets users searching on Google, Bing and Yahoo, as well as Blekko and DuckDuckGo, remain private while doing so.
502(https://techcrunch.com/2013/10/07/disconnect-search-built-by-ex-google-and-ex-nsa-engineers-lets-you-use-google-bing-and-yahoo-without-tracking/)
503(https://search.disconnect.me/)
504
505
506NOTES
5071.Prior to the release of Tor Browser version 4.5, Startpage.com was its default search engine.
508(https://en.wikipedia.org/wiki/Ixquick)
509
510--------------------------------------------------------------------------------------------------------
511Anti-keyloggers 
512
513
514Zemana AntiLogger:Using anti SSL hijacking technology, Zemana AntiLogger shuts down malicious activity before it can even affect your PC. Zemana looks out for all different types of keylogger threat, from webcam to clipboard. It blocks hackers’ ability to turn on your webcam or microphone remotely, or to get information from your private VoIP calls and video chats. It stops keyloggers accessing data on the clipboard, and on the screen through screen capture.It’s the cloud-based technology that helps protect your machine from keyloggers. This system, called IntelliGuard, is always on and it doesn’t simply rely on known definitions but includes access to information on the most current keylogging malware in over 50 malware databases. In addition, Zemana can prevent the risk associated with stealth malware and purposefully installed spyware or keylogger software.
515(http://www.comparedandreviewed.com/anti-keylogger-software/zemana-antilogger/review)
516(https://www.zemana.com/en-US/AntiLogger) 
517
518
519
520
521
522KeyScrambler: encrypts your keystrokes deep in the kernel, as they enter the computer.It then decrypts the keystrokes in the destination application, so you see exactly the keys you’ve typed.Whatever keylogger might be waiting along the crucial path in the operating system has only the encrypted keys – “scrambled” and indecipherable – to record.
523(https://www.technorms.com/830/protect-yourself-from-keyloggers-with-keyscrambler)
524
525
526
527NOTES 
5281.Using a virtual keyboard can help protect against hardware-based keyloggers.Keylogger programs are designed to monitor user's physical key strokes to record passwords, usernames and other vital information. Virtual keyboard allow users to circumvent this security vulnerability, by letting the user enter their password using the mouse.Assuming the keylogger is not capturing the location of the mouse on the screen,and capturing a screenshot image of the screen, or just the area around the mouse pointer,a virtual keyboard can help against a hardware-based keylogger, but keep in mind they are not effective at protecting you from software-based keyloggers.
529(https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/)
530
531
5322.Installing a keylogger onto a PC is a relatively simple procedure. Although antivirus and anti spyware software protect you from such programs, but newly designed keyloggers may slip past them and get installed on your PC, along with other unsuspecting software.
533(https://www.technorms.com/830/protect-yourself-from-keyloggers-with-keyscrambler)
534
535
5363.Perhaps the most important concept to remember here is that keyloggers are just another form of malware.
537(https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/)
538
539--------------------------------------------------------------------------------------------------------
540Firewalls 
541
542
543
544Next Generation Firewall (by check point): Identify, allow, block or limit usage of applications, and features within them,Enable safe Internet use while protecting against threats and malware,Leverage the world's largest application library with more than 6,600 web 2.0 applications,Create granular policy definitions per user and group,Reap the benefits of application control and intrusion protection (IPS), as well as extensibility support for additional security capabilities,To help you make sense out of your security event data, we included SmartLog, an advanced log analyzer that delivers split-second search results providing real-time visibility into billions of log records over multiple time periods and domains.Great security involves limiting and tracking access to sensitive data and resources. With the Next Generation Firewall, your administrators get detailed visibility into the users, groups, applications, machines and connection types on your network so they can assign permissions to the right users and devices. The firewall makes it easy and cost-effective to enforce security policy, giving granular permission control over these entities; this results in superior protection across the entire security gateway. 
545(https://www.checkpoint.com/products/next-generation-firewall/)
546
547
548
549Barracuda NextGen Firewall F-Series (NGF): Layer 7 application profiling, intrusion prevention, web filtering, malware and advanced threat protection, antispam protection, and network access control,F-Series combines highly resilient VPN technology with intelligent traffic management and WAN optimization capabilities,Deploy Barracuda NextGen Firewall F the way you want it: Physical, virtual, or in the cloud,F-Series cloud-ready firewalls are ideal for multi-site enterprises, managed service providers, and other organizations with complex, dispersed network infrastructures,your organization faces zero-hour malware exploits and advanced persistent threats that routinely bypass traditional, signature-based IPS and antivirus engines. Barracuda Advanced Threat Protection gives your security infrastructure the ability to identify and block new, sophisticated threats-without affecting network performance and throughput.
550(https://www.barracuda.com/products/nextgenfirewall_f)
551
552
553
554IPFire:  Updates are digitally signed and encrypted, as well as can be automatically installed by Pakfire (the IPFire package management system). Since IPFire 2.15, the IPFire Linux kernel is patched with the grsecurity patchset, which pro-actively hardens the kernel against various forms of attacks. Most importantly, it protects from zero-day exploits by eliminating entire bug classes and exploit vectors. It makes stack buffer overflows almost impossible to exploit and comes with strict access controls, that make it harder for attackers to cause harm to the system. IPFire employs a Stateful Packet Inspection (SPI) firewall, which is built on top of netfilter (the Linux packet filtering framework),the firewall can be used to control outbound Internet access from any segment,SquidGuard is a URL filter add-on which is connected via the redirector mechanism of the proxy.The package manager Pakfire offers the addon SquidClamAV - a virus scanner for the web proxy. This checks in real-time all web traffic for viruses, utilizing the ClamAV virus definitions and scanning engine.IPFire is also able to use various random hardware number generators to seed the kernel's entropy pool.In contrast to SSL-VPNs, IPsec is hard to set-up. In IPFire, we thought about how to make this technology easy-to-use and as a result, there is a web user interface that handles all settings and takes care of the rest of the configuration for you.It also keeps the tunnels alive and re-establishes them automatically after a remote site has lost the connection.If someone scans the ports of the IPFire-System to see which services are available, the IDS will immediately notice it.
555(https://www.ipfire.org/features)
556
557
558
559Smoothwall Express: supports,Outbound filtering,Timed access,Traffic stats, including per interface and per IP totals for weeks and months,IDS via automatically updated Snort rules,List of bad IP addresses to block,Responsive web interface using AJAX techniques to provide realtime information,Log viewers for all major sub-systems and firewall activity.
560(http://www.smoothwall.org/about/express-feature-list/)
561
562
563
564
565Berkeley Packet Filter (BPF): BPF supports filtering packets, allowing a userspace process to supply a filter program that specifies which packets it wants to receive.Able to filter packets at the kernel level . BPF was designed to be indepented,as such it treats the packets as raw buffers.Each BPF filter is verified before attaching it to a socket.the filter must not contain references or jumps that are out of range,the filter must contain only valid BPF opcodes,the flilter must end with RET opcode,all jumps are forward-loops are not allowed
566(https://en.wikipedia.org/wiki/Berkeley_Packet_Filter)
567(https://www.slideshare.net/kerneltlv/berkeley-packet-filters)
568
569
570
571NOTES
5721.Network intrusion detection systems rely on one, or more means of traffic analysis in order to determine whether or not a given stream of network traffic is suspicious. Network analysts, and system administrators can make use of stateless traffic filters to help them understand what is going on inside of their network(s), where such filters can be used for traffic inspection, filtering, and shaping.
573
574Packets can be filtered based on physical characteristics of the packet header (i.e. the signature) or based on one or more heuristics which would flag the packet as anomalous.   
575(http://tylerfisher.org/bpf/)
576
577
578
579
580
5812.If your firewall works by blocking ports, then you can tell Tor to only use the ports when you start your Tor Browser. Or you can add the ports that your firewall permits by adding "FascistFirewall 1" to your torrc configuration file. By default, when you set this Tor assumes that your firewall allows only port 80 and port 443 (HTTP and HTTPS respectively). You can select a different set of ports with the FirewallPorts torrc option.
582
583
584
585
5863.In complete and utter disregard for the IETF, unused network ports should provide no response even via ICMP. ICMP should be disabled as far as possible.   
587 (https://www.quora.com/What-desktop-OS-kernel-is-the-most-hardened-the-most-unhackable) 
588
589
590
591
5924.port security scan: (https://www.speedguide.net/scan.php)
593
594
595
5965.Another good port scanner: (https://www.grc.com/x/ne.dll?rh1dkyd2)
597
598
599--------------------------------------------------------------------------------------------------------
600DDoS mitigations
601
602Imperva Incapsula: offers comprehensive protection to mitigate any types of DDoS attacks from layer 3, 4 & 7.Features include but not limited to:TCP SYN+ACK, FIN, RESET, ACK, ACK+PSH, Fragment,UDP,Slowloris,Spoofing,ICMP,IGCP,HTTP, connection, DNS flood,Brute force,NXDomain,Ping of death,and more.
603(https://geekflare.com/ddos-protection-service/)
604(https://www.incapsula.com/)
605
606DDoS Deflate: is a lightweight bash shell script designed to assist in the process of blocking a denial of service attack. It utilizes the command below to create a list of IP addresses connected to the server, along with their total number of connections. It is one of the simplest and easiest to install solutions at the software level,and its open sourced.
607(https://github.com/jgmdev/ddos-deflate)
608
609
610Apache mod_evasive module: is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to be a detection tool, and can be easily configured to talk to ipchains, firewalls, routers, and etcetera,and its open sourced.
611(https://github.com/shivaas/mod_evasive)
612
613
614FastNetMon: A high performance DoS/DDoS load analyzer built on top of multiple packet capture engines (NetFlow, IPFIX, sFlow, SnabbSwitch, netmap, PF_RING, PCAP).We detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows, per second and perform a configurable action to handle that event. These configurable actions include notifying you, switching off the server, or blackholing the client,and its open sourced.
615(https://github.com/pavel-odintsov/fastnetmon)
616
617
618
619--------------------------------------------------------------------------------------------------------
620memory protection (memory corruption,userland memory protection,direct memory access (DMA),Return Oriented Programming (ROP),heap protection,Metadata protection etc.) 
621
622
623
624MAT - Metadata Anonymisation Toolkit 
625
626Why MAT is not the ultimate solution?
627Mat only removes metadata from your files, it does not anonymise their content, nor handle watermarking, steganography, or any overly customized metadata field/system. Also please note that MAT does its best to scrub as much metadata as possible, it's not really efficient at scrubbing embedded media inside complex formats. For examples, images embedded inside PDF may not be cleaned. 
628(https://mat.boum.org/)
629
630
631
632
633ptmalloc2: was forked from dlmalloc.During early days of linux, dlmalloc was used as the default memory allocator. But later due to ptmalloc2’s threading support, it became the default memory allocator for linux. has undergone several recent changes as of version 2.3.4 it contains numerous security enhancements,increasing the difficulty of exploiting heap corruption vulnerabilities. The glibc heap now contains safe unlinking, and a bunch of other features that raise the bar of exploitation significantly, however, these changes are still relatively minor - and are quite different from the fundamental changes that OpenBSD is making. 
634(https://sploitfun.wordpress.com/2015/02/10/understanding-glibc-malloc/)
635
636
637
638phkmalloc:if you're running one of the BSDs, you're probably running phkmalloc.In practice, phkmalloc has been a little bit more difficult to exploit, though I don't think that this was so much an intentional feature as much as a side effect of the algorithm. It will suffice to say that the two algorithms are distinct and different.
639(https://www.securityfocus.com/columnists/359)
640
641
642
643phkmalloc vs ptmalloc2:Fundamentally, they're both trying to solve the same problems, and both of them are quite effective - I certainly don't want to downplay the effects of the recent changes to ptmalloc2. Perhaps the only fundamental difference between the two, from the perspective of an end-user, is that the OpenBSD implementation will do a better job of preventing heap exploitation through heap data corruption (as opposed to heap management data corruption - sorry if the difference between the two isn't obvious), and the OpenBSD implementation will complain loudly (crash) almost every time there is a problem.
644(https://www.securityfocus.com/columnists/359)
645
646
647
648Malloc hardening: significant randomness, object rotation, meta-data protection, double-free and use-after-free detection, heapoverflow detection, …
649(https://www.openbsd.org/papers/bsdtw.pdf)
650
651
652
653PartitionAlloc: Part of the Google Chrome web browser. It has an out-of-line metadata design such that heap metadata is partitioned or guard paged off from the calling program's buffers. The notable exception, shared with tcmalloc, is freelist pointers, which occupy the freed slots. In PartitionAlloc, freelist pointers are transformed so that dereferencing them faults, and partial pointer overwrites are thwarted.While writing PartitionAlloc, strictly protected heap metadata was a goal. After all, if the metadata is naturally guarded with guard pages then there's less need for code defenses which are trying to detect and stop bad side effects from metadata corruption. Simplicity wins.However, there's an interesting interaction with single byte overflows that provides pause for thought and philosophizing.With an out-of-line metadata design, a single byte overflow off the end of a chunk will hit the first byte of some other chunk. Depending on the different object types that could be in the adjacent chunk, that's potentially a lot of possibilities for the attacker to explore.
654
655
656
657
658
659Address space layout randomization (ASLR):Attackers are able to a priori pick the right code pieces because parts of the code image of the vulnerable application remain static across different installations. Address space layout randomization (ASLR)  is meant to prevent this kind of code reuse by randomizing the locations of the executable segments of a running
660process. However, in both Linux and Windows, parts of the address space do not change due to executables
661with fixed load addresses, or shared libraries incompatible with ASLR. Furthermore, in some
662exploits, the base address of a DLL can be either calculated dynamically through a leaked pointer,
663or brute-forced.
664
665
666
667
668Selfrando:randomizes Tor browser code to ensure that an attacker doesn't know where the code is on your computer. This makes it much harder for someone to construct a reliable attack--and harder for them to use a flaw in your Tor Browser to de-anonymize you.Software written in C and C++ is exposed to exploitation of memory corruption. Compilers and operating systems include various exploit mitigation mechanisms that prevent certain offensive techniques. Unfortunately, standard mitigations lag behind the offensive techniques used in exploits against browsers, servers, and other frequently targeted software and do not stop a well-resourced adversary.selfrando can be used to harden your software beyond what is possible with current mitigations. Inspired by biodiversity in nature and existing randomizing defenses, selfrando varies the attack surface, i.e., the code layout, by randomizing each function separately. This makes exploit writing harder and increases resilience to information leakage relative to traditional address space layout randomization (ASLR) techniques.
669
670
671
672
673
674RELRO:Hardens ELF programs against loader memory area overwrites by having the loader mark any areas of the relocation table as read-only for any symbols resolved at load-time ("read-only relocations"). This reduces the area of possible GOT-overwrite-style memory corruption attacks. (included in gresecurity)
675
676
677
678
679PAX_USERCOPY:kills heap overflow bug when the memory copy occurs between userspace and kernel space in either direction. The 1st version developed by Spender in 2009 and added into PaX later. HARDENED_USERCOPY is part of PAX_USERCOPY being ported to linux kernel in v4.8.
680
681
682
683
684
685KERNEXEC (included in gresecurity): prevents the kernel from executing data that is writable (including userland data). So modifying the IDT would be mitigated as well.
686(http://blog.siphos.be/2013/05/looking-at-the-local-linux-kernel-privilege-escalation/) 
687
688
689
690
691
692UDEREF stronger than Supervisor Mode Access Prevention (SMAP) (included in gresecurity): The kernel will not de-reference userland pointers in contexts where it expects only kernel pointers. This feature cannot be disabled while the kernel is running.  
693(https://wiki.gentoo.org/wiki/Hardened/PaX_Quickstart)
694
695
696
697
698KERNSEAL (included in gresecurity)
699
700
701
702
703STRUCTGUARD  (included in gresecurity) 
704
705
706
707
708
709Reuse Attack Protector (RAP):RAP is the state of the art in CFI defense and is a ROP mitigation technique,RAP's tags don't depend on the secrecy of the tag values themselves,neither kbouncer nor code randomization can do anything about function pointer hijacking -- RAP ensures that a function pointer can only be used to call a real function, not a gadget, and only a function whose type matches the type hash identified during compile time,and thanks to RAP,Stack Smashing Protector (SSP) is no longer needed.(included in gresecurity) 
710
711
712
713
714
715kBouncer:an efficient and fully transparent ROP mitigation technique that does not requires source code or debug symbols. kBouncer is based on runtime detection of abnormal control transfers using hardware features found on commodity processors. Issues:kbouncer applies its checks using the expensive LBR stack. It's thus only able to apply the checks to the system API level (and then generally only to a subset of those functions, as done in the kbouncer implementation in EMET) to maintain adequate performance. The LBR stack is also limited in size, limiting the call depth that kbouncer can reasonably validate. 
716
717
718
719
720In-place code Randomization:ROP mitigation technique,does not require symbolic debugging information,It is applied directly in third party executables,Does not introduce any runtime overhead,Experimentally proved to be effective against windows 7 ROP attacks,It can also be combined with existing security techniques to further increase the randomization
721entropy,but code randomization techniques are vulnerable to arbitrary read vulnerabilities.While RAP is designed to work in the presence of arbitrary reads and arbitrary writes at arbitrary times.
722
723
724
725
726
727Heap corruption mitigations:heap integrity checks, guard pages, and allocation order randomization
728
729
730
731
732
733IOMMU:Thanks to IOMMU,PCI cards are more resisant to  Direct Memory Access (DMA) based attacks. 
734
735
736
737
738
739You can go to the extreme and turn DMA completely off,losing a huge performance gain from DMA of course.
740
741
742
743
744
745Refuse access to DMA access memory by external devices until after the Windows OS is in control to parse DMA requests. 
746
747
748
749
750
751Ensure unnecessary ports that allow attackers to perform a DMA attack (such as FireWire, Thunderbolt, ExpressCard, PC Card or any other PCI/PCIe Hardware interfaces) are disabled in the Operating Environment, and that normal users are prevented from altering such settings. 
752
753
754
755
756
757Ensure devices are always secured with the use of some form of power up authentication either thru a BIOS power on password or Pre-Boot Authentication (PBA) from a full disk encryption (FDE) product. 
758
759
760
761
762
763If devices are deemed to operating in an unsecure environment, be sure to require the use of hibernation mode and power off when not in use to prevent DMA attacks. 
764
765
766
767
768
769
770No-eXecute (NX) is a processor feature that allows marking of memory pages as non-executable. The feature allows the CPU to help guard the system from attacks by malicious software. When the NX feature is enabled on a system, it prevents malicious software code from being placed in accessible regions of memory to be executed when control reaches that memory location.This was originally invented by AMD. 
771
772
773
774
775
776XD is the acronym for eXecute Disable, which is an Intel specific implementation of NX. It refers to the same feature but Intel chose to call it by a different name. 
777
778
779
780
781XN is the ARM equivalent of the same feature and is the acronym for eXecute Never.
782
783
784
785
786Essentially, both NX, XD and XN are the same and are different names for the same feature in AMD, Intel and ARM respectively.
787
788
789
790
791
792
793 NOTES
7941.Let’s discuss using FDE as a mitigation as the implementation can be tricky: With most encryption products that provide Data-At-Rest (DAR) security, once a legitimate user has successfully authenticated at Pre-Boot, the drive is thereafter “unlocked” and its contents are readable by the operating system and/or any other processes.  If the threat of DMA attacks is considered a major risk, then the primary protection against this is to use interactive Pre-Boot Authentication. 
795
796Some FDE solutions allow for unattended Pre-Boot Authentication (for example BitLocker with TPM protection).  Thus even if the device is powered off when stolen, the attacker can power on the device and it will boot to the OS; similar issues apply to power modes such as Sleep.  Thus, the use of unattended PBA is not recommended to ensure an attacker is prevented from launching such an attack.  (Note: There are circumstances, depending on the risk profile, where unattended PBA via pre-boot networking with a management server acting as the external authenticator mitigates the risk.  Another possible mitigation is to utilize Intel Enterprise Digital Fence. 
797
798A DMA-based attack on software encryption is to gain access to the software Encryption Key as well as all sensitive data that is currently in memory.  The primary mitigation against such an attack is to use Pre-Boot Authentication with single or multi-factor strong credentials. 
799
800A DMA-based attack on a hardware-encrypted drive (SED) such as an Opal drive is an attempt to gain access to the PIN in memory (if it’s stored) that unlocks the SED returning from Sleep mode.  The primary mitigation against this attack is also the use of Pre-Boot Authentication coupled with disabling support of Sleep for the system.  The use of Sleep mode for Self-Encrypting Drives should be strongly cautioned. 
801
802
803
804
805
8062.Due to how modern computing works, basically everything that you have done during a session is stored in the RAM. If an attacker has physical access to your computer when you are running Whonix, it may enable her to recover everything that have been achieved during the session - even if you are using Full Disk Encryption. From typed texts to saved files, including passwords and encryption keys. The more recent the activity, the more likely it is that it is still in the RAM. 
807
808Furthermore, it has been shown that the data present in the RAM might be recoverable for seconds or even minutes after the computer is powered off using a cold boot attack. 
809
810Wipe RAM on shutdown (e.g. using a kexec script) - or do not leave the computer unattended immediately after shutdown. Unfortunately there is not yet an upstream script, to implement wiping the RAM on shutdown. We can not provide a solution for this attack, this is solved nowhere but partially in Tails and Liberte Linux (not checked), waiting for upstream solution. 
811
812
813
814
815
8163.Heap corruption vulnerabilities are one of the most common types of vulnerability that Microsoft addresses through security updates today. These vulnerabilities typically occur as a result of programming mistakes that make it possible to write beyond the bounds of a heap buffer (a spatial issue) or to place a heap allocated object in an unexpected state such as by using the object after it has been freed (a temporal issue). 
817
818
819
820
8214.Return-oriented programming (ROP) has become the primary exploitation technique for
822system compromise in the presence of non-executable page protections. ROP exploits are
823facilitated mainly by the lack of complete address space randomization coverage or the presence
824of memory disclosure vulnerabilities, necessitating additional ROP-specific mitigations.
825Existing defenses against ROP exploits either require source code or symbolic debugging
826information, or impose a significant runtime overhead, which limits their applicability for
827the protection of third-party applications. 
828
829
830
831
8325.Other defenses against code-reuse attacks complementary to ASLR include compiler extensions,
833code randomization, control-flow integrity, and runtime solutions. In practice,
834though, most of these approaches are almost never applied for the protection of the COTS software currently
835targeted by ROP attacks, either due to the lack of source code or debugging information, or due to their
836increased overhead. 
837
838
839
840
841
8426.As code-reuse attacks require precise knowledge of the structure and location of the code to
843be reused, diversifying the execution environment or even the program code itself is a core
844concept in preventing code-reuse exploits. 
845
846
847
848
849
850
8517.Address space layout randomization is probably one of the most widely deployed countermeasures against code-reuse attacks. However, its effectiveness is hindered by code segments left in static locations,while, depending on the randomization entropy, it might be possible to circumvent it using brute-force guessing. Even if all the code segments of a process are fully randomized, vulnerabilities that allow the leakage of memory contents can enable the calculation of the base address of a DLL at runtime.
852
853
854
855
856
857
8588.Intra-DLL randomization at the function, basic block, or instruction level can provide protection for executables
859that do not support ASLR, or against de-randomization attacks through memory leaks.
860
861
862
863
864
865
8669.JOP is similar to ROP, but it uses indirect jump instructions instead of returns to transfer
867control from gadget to gadget. Clearly, constructing JOP programs is far more difficult than ROP because
868the attacker has to maintain a memory region with the payload and manually advance the pointer to the
869next gadget and transfer control to it. The same functionality is conveniently achieved by a single return
870instruction in ROP.
871
872
873
874
87510.Sigreturn-oriented programming  (SROP) is a new attack vector in userland
876where an attacker crafts a fake signal frame on the stack and calls
877sigreturn. The kernel will extract the fake signal frame, which
878contains attacker controlled "saved" registers. The kernel will then
879transfer control to the attacker controlled userland instruction pointer.
880(https://lwn.net/Articles/681704/)
881
882
883
884
88511.Stack/heap protectioned provided by linux kernel has only one single page( 4KB by default in i386) due to some compatibility issues. PaX's implementation doesn't have this problem and its gap is 64KB by default. You can set the number at runtime via "sysctl vm.heap_stack_gap"( We have another auditing item for the hardening solution. Thanks to the full disclosure).
886
887
88812.Use POP3 and SMTP settings, as IMAP leaks more metadata. 
889
890
89113.Since onion services are part of the Tor network, the services and the people connecting to them get more security and privacy; their traffic doesn't even leave the network,the onion services are relied on for metadata-free chat and file sharing.
892
893-------------------------------------------------------------------------------------------------------- 
894Linux Kernel Security 
895
896
897Gresecurity: is a set of patches for the Linux kernel which emphasize security enhancements,such as 1.Preventing direct userland access by kernel. 2.Bounds checks on kernel copies to/from userland. 3.ASLR. 4.Prevents userland code execution by kernel. 5.Prevents kernel stack overflows on x64. 6.Hardened userland memory permissions. 7.Random padding between thread stacks. 8.Hardened BPF JIT against spray attacks. 9.Automatically responds to exploit bruteforcing. 10.Chroot hardening. 11.Prevents users from tricking Apache into accessing other users' files. 12.Provides Trusted Path Execution. 13.role-based access control (RBAC).Just to name a few features.
898
899
900
901
902
903PaX: A major component bundled with grsecurity is PaX. Among other features, the patch flags data memory, the stack, for example, as non-executable and program memory as non-writable. The aim is to prevent memory from being overwritten, which can help to prevent many types of security vulnerabilities, such as buffer overflows. PaX also provides address space layout randomization (ASLR), which randomizes important memory addresses to reduce the probability of attacks that rely on easily predicted memory addresses. 
904
905
906
907
908
909secure computing mode (Seccomp) (merged into the Linux kernel mainline in kernel version 2.6.12): is a computer security facility in the Linux kernel,seccomp allows a process to make a one-way transition into a "secure" state where it cannot make any system calls except exit(), sigreturn(), read() and write() to already-open file descriptors. Should it attempt any other system calls, the kernel will terminate the process with SIGKILL. In this sense, it does not virtualize the system's resources but isolates the process from them entirely.
910
911Linux Containers (LXC): is an operating-system-level virtualization method for running multiple isolated Linux systems (containers) on a single control host (LXC host). It does not provide a virtual machine, but rather provides a virtual environment that has its own CPU, memory, block I/O, network, etc. space and the resource control mechanism. This is provided by namespaces and cgroups features in Linux kernel on LXC host. It is similar to a chroot, but offers much more isolation.
912
913
914Kernel namespaces: A namespace wraps a global system resource in an abstraction that makes it appear to the processes within the namespace that they have their own isolated instance of the global resource. Changes to the global resource are visible to other processes that are members of the namespace, but are invisible to other processes. One use of namespaces is to implement containers.
915
916
917cgroups: is a Linux kernel feature that limits, accounts for, and isolates the resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes.
918
919
920
921protection rings: the mechanism whereby the OS and CPU conspire to restrict what user-mode programs can do. There are four privilege levels, numbered 0 (most privileged) to 3 (least privileged), and three main resources being protected: memory, I/O ports, and the ability to execute certain machine instructions. At any given time, an x86 CPU is running in a specific privilege level, which determines what code can and cannot do.
922(https://manybutfinite.com/post/cpu-rings-privilege-and-protection/)
923
924
925
926
927STACKLEAK: -reducing the information that can be revealed through kernel stack leak bugs
928          - blocking some uninitialized stack variable attacks
929          - introducing some runtime checks for kernel stack overflow detection
930
931
932
933
934
935KernelAddressSanitizer (KASAN) (included in the Linux kernel 4.0): Detects OOB for both writes and reads,provides strong UAF detection (based on delayed memory reuse),Does prompt detection of bad memory accesses,Prints informative reports.
936
937
938
939
940
941/dev/mem protection: Some applications (Xorg) need direct access to the physical memory from user-space. The special file /dev/mem exists to provide this access. In the past, it was possible to view and change kernel memory from this file if an attacker had root access. The CONFIG_STRICT_DEVMEM kernel option was introduced to block non-device memory access (originally named CONFIG_NONPROMISC_DEVMEM). (included in the Linux kernel 2.6.25) 
942
943
944
945
946
947
948
949/proc/$pid/maps protection: With ASLR, a process's memory space layout suddenly becomes valuable to attackers. The "maps" file is made read-only except to the process itself or the owner of the process. Went into mainline kernel with sysctl toggle in 2.6.22. The toggle was made non-optional in 2.6.27, forcing the privacy to be enabled regardless of sysctl settings (this is a good thing). (Becames non-optional in Linux kernel 2.6.27) 
950
951
952
953
954
955
956
957runtime memory allocation validation:Detect double-frees in kernel space. 
958
959
960
961
962
963
964Restricting access to kernel logs: The kernel logs contain useful information for an attacker trying to exploit kernel vulnerabilities, such as sensitive memory addresses. The kernel.dmesg_restrict flag was to forbid access to the logs without the CAP_SYS_ADMIN capability (which only processes running as root have by default). 
965
966
967
968
969
970
971Restricting access to kernel pointers in the proc filesystem: Enabling kernel.kptr_restrict will hide kernel symbol addresses in /proc/kallsyms from regular users without CAP_SYSLOG, making it more difficult for kernel exploits to resolve addresses/symbols dynamically. This will not help that much on a pre-compiled Arch Linux kernel, since a determined attacker could just download the kernel package and get the symbols manually from there, but if you're compiling your own kernel, this can help mitigating local root exploits. This will break some perf commands when used by non-root users (but many perf features require root access anyway). 
972
973
974
975
976Keep BPF JIT compiler disabled: The Linux kernel includes the ability to compile BPF/Seccomp rule sets to native code as a performance optimization. The net.core.bpf_jit_enable flag should be left at 0 for a maximum level of security.
977This can be helpful in specific domains, but is not usually useful. A JIT compiler opens up the possibility for an attacker to perform a heap spraying attack, where they fill the kernel's heap with malicious code. This code can then potentially be executed via another exploit, like an incorrect function pointer dereference. (gresecurity's GRKERNSEC_BPF_HARDEN solves this)
978
979
980
981
982ptrace scope: Arch enables the Yama LSM by default, providing a kernel.yama.ptrace_scope flag. This flag is enabled by default and prevents processes from performing a ptrace call on other processes outside of their scope without CAP_SYS_PTRACE. While many debugging tools require this for some of their functionality, it is a significant improvement in security. Without this feature, there is essentially no separation between processes running as the same user without applying extra layers like namespaces. The ability to attach a debugger to an existing process is a demonstration of this weakness.
983
984
985
986
987
988hidepid: The kernel has the ability to hide other users' processes, normally accessible via /proc, from unprivileged users by mounting the proc filesystem with the hidepid= and gid=,this greatly complicates an intruder's task of gathering information about running processes, whether some daemon runs with elevated privileges, whether other user runs some sensitive program, whether other users run any program at all, makes it impossible to learn whether any user runs a specific program (given the program doesn't reveal itself by its behaviour), and, as an additional bonus, poorly written programs passing sensitive information via program arguments are now protected against local eavesdroppers.
989
990
991
992
993dmesg restrictions: When attackers try to develop "run anywhere" exploits for vulnerabilties, they frequently will use dmesg output. By treating dmesg output as sensitive information, this output is not available to the attacker. Starting with Ubuntu 12.04 LTS, /proc/sys/kernel/dmesg_restrict can be set to "1" to treat dmesg output as sensitive. Ubuntu Touch kernels have this enabled by default.
994
995
996
997
998Block kexec: Starting with Ubuntu 14.04 LTS, it is now possible to disable kexec via sysctl. CONFIG_KEXEC is enabled in Ubuntu so end users are able to use kexec as desired and the new sysctl allows administrators to disable kexec_load. This is desired in environments where CONFIG_STRICT_DEVMEM and modules_disabled are set, for example.
999
1000
1001
1002
1003Kernel Address Display Restriction: When attackers try to develop "run anywhere" exploits for kernel vulnerabilities, they frequently need to know the location of internal kernel structures. By treating kernel addresses as sensitive information, those locations are not visible to regular local users. Starting with Ubuntu 11.04, /proc/sys/kernel/kptr_restrict is set to "1" to block the reporting of known kernel address leaks. Additionally, various files and directories were made readable only by the root user: /boot/vmlinuz*, /boot/System.map*, /sys/kernel/debug/, /proc/slabinfo
1004
1005
1006
1007
10080-address protection: Since the kernel and userspace share virtual memory addresses, the "NULL" memory space needs to be protected so that userspace mmap'd memory cannot start at address 0, stopping "NULL dereference" kernel attacks. This is possible with 2.6.22 kernels, and was implemented with the "mmap_min_addr" sysctl setting. Since Ubuntu 9.04, the mmap_min_addr setting is built into the kernel. (64k for x86, 32k for ARM.)
1009
1010
1011
1012PAX_REFCOUNT: Reference counter overflow bug can be exploited in scenario where UAF( Use-After-Free) comes into game. PAX_REFCOUNT killed this kind of bug class.It can protects the kernel against integer overflows.
1013
1014
1015
1016PAX_MEMORY_SANITIZE: does poisoning/sanitization the memory on free to reduces the attack surface.
1017
1018
1019
1020
1021SL*B freelist randomization: randomizes the SLAB freelist.  The list is randomized during initialization of a new set of pages.  The order on different freelist sizes is pre-computed at boot for performance.  Each kmem_cache has its own randomized freelist.  Before pre-computed lists are available freelists are generated dynamically. This security feature reduces the predictability of the kernel SLAB allocator against heap overflows rendering attacks much less stable.
1022
1023
1024
1025
1026GRKERNSEC_BRUTE: If you say Y here, attempts to bruteforce exploits against forking daemons such as apache or sshd will be deterred.  When a child of a forking daemon is killed by PaX or crashes due to an illegal instruction, the parent process will be delayed 30 seconds upon every subsequent fork until the administrator is able to assess the situation and restart the daemon.  It is recommended that you also enable signal logging in the auditing section so that logs are generated when a process performs an illegal instruction.
1027(https://xorl.wordpress.com/2010/11/09/grkernsec_brute-exploit-bruteforcing-protection/)
1028
1029
1030
1031GRKERNSEC_PERF_HARDEN: PERF is a  serious attack surface. We can’t bear it running by default in production system.
1032(https://hardenedlinux.github.io/system-security/2016/12/13/kernel_mitigation_checklist.html)
1033
1034
1035
1036NOTES
10371.Using sysctl is a good way to harden the Linux kernel. 
1038
1039
1040
1041
10422.Add link restrictions 
1043Symlinks:
1044
1045A long-standing class of security issues is the symlink-based
1046time-of-check-time-of-use race, most commonly seen in world-writable
1047directories like /tmp. The common method of exploitation of this flaw
1048is to cross privilege boundaries when following a given symlink (i.e. a
1049root process follows a symlink belonging to another user).
1050
1051The solution is to permit symlinks to only be followed when outside
1052a sticky world-writable directory, or when the uid of the symlink and
1053follower match, or when the directory owner matches the symlink's owner. 
1054
1055Applications should just use mkstemp() or O_CREATE|O_EXCL.
1056- True, but applications are not perfect, and new software is written
1057all the time that makes these mistakes; blocking this flaw at the
1058kernel is a single solution to the entire class of vulnerability. 
1059
1060In Linux 3.6,link restrictions are enabled by default. 
1061
1062
1063
1064
10653.kernel process stack overflow are rare and one of the most dangerous vulnerabilities in the kernel (gresecurity solves this  with STACKLEAK and with the removal of thread_info from the kernel and GRKERNSEC_BRUTE helps PaX/Grsecurity also restricted SUID program's RLIMIT_STACK up to 8MB and the environment arg/strings up to 512KB.)
1066(https://github.com/hardenedlinux/grsecurity-101-tutorials/blob/master/notes/stack_clash.md)
1067
1068
1069
1070
10714.use-after-free is a very popular bug class in kernel and it can be exploited by the adversary to gain information or priviledges. (gresecurity solves this with PAX_REFCOUNT and PAX_MEMORY_SANITIZE also helps) 
1072
1073
1074
10755.Return-to-user (ret2usr): redirects corrupted kernel pointers to data residing in user space. (gresecurity solves this with KERNEXEC,and OpenBSD's X^W also solves this ) 
1076(https://hardenedlinux.github.io/system-security/2016/12/13/kernel_mitigation_checklist.html)
1077
1078
1079
10806.Grsecurity kernels also disables user namespaces by default.
1081
1082
10837.An important technique for hardening the system is kernel address-space layout randomization (KASLR), which randomizes the placement of the kernel in the virtual address space at boot time.
1084(https://lwn.net/Articles/738975/)
1085
1086
1087
10888.Daniel Gruss's paper cites a number of hardware-based attacks on KASLR. They use techniques like exploiting timing differences in fault handling, observing the behavior of prefetch instructions, or forcing faults using the Intel TSX (transactional memory) instructions. There are rumors circulating that other such channels exist but have not yet been disclosed. In all of these cases, the processor responds differently to a memory access attempt depending on whether the target address is mapped in the page tables, regardless of whether the running process can actually access that location. These differences can be used to find where the kernel has been placed — without making the kernel aware that an attack is underway. 
1089
1090Solution: Fixing information leaks in the hardware is difficult and, in any case, deployed systems are likely to remain vulnerable. But there is a viable defense against these information leaks: making the kernel's page tables entirely inaccessible to user space. In other words, it would seem that the practice of mapping the kernel into user space needs to end in the interest of hardening the system.
1091(https://lwn.net/Articles/738975/)   (https://gruss.cc/files/kaiser.pdf)
1092
1093
1094
1095
1096
10979.GRKERNSEC_BRUTE disabled: 200 hrs to gain control of EIP, then ~1500 yrs to brute force the PaX's ASLR to getting root shell
1098    
1099    GRKERNSEC_BRUTE enabled: ~1365 days to gain control of EIP, then...you don't wanna know.
1100     (https://github.com/hardenedlinux/grsecurity-101-tutorials/blob/master/notes/stack_clash.md)
1101
1102
1103
1104
1105
110610.PaX's ASLR can defeat offset2lib easily since...2001?
1107(https://github.com/hardenedlinux/grsecurity-101-tutorials/blob/master/notes/stack_clash.md)
1108
1109
1110
111111.W & X memory is the cruial condition to physmap spraying.
1112(https://hardenedlinux.github.io/system-security/2016/12/13/kernel_mitigation_checklist.html)
1113
1114
1115
111612.No unwanted driver should be compiled. No unwanted code of any kind should be compiled. All code that can reference kernel-level objects outside the kernel should be disabled.
1117(https://www.quora.com/What-desktop-OS-kernel-is-the-most-hardened-the-most-unhackable)
1118
1119
112014.Linux kernel has been using weak entropy on stack canary for years and it has been fixed( copy+paste from PaX/Grsecurity) and merged in v4.12, while PaX/Grsecurity solved it since 2011.
1121(https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5ea30e4e58040cfd6434c2f33dc3ea76e2c15b05)
1122(https://hardenedlinux.github.io/system-security/2016/12/13/kernel_mitigation_checklist.html)
1123-------------------------------------------------------------------------------------------------------- 
1124OpenBSD Kernel security features
1125
1126Trapsleds: a new mitigation that significantly reduces the amount of nops in the instruction stream, replacing them with trap instructions or jump-over-trap sequences, thereby requiring greater accuracy for targetting potential gadgets. (http://undeadly.org/cgi?action=article&sid=20170622065629)
1127
1128
1129
1130
1131Kernel Address Randomized Link (KARL): a new "link-kit" allows the .o files of the kernel to be relinked in a random order, creating a unique kernel for each boot. /bsd is now non-readable to users, to try to keep the secret.The idea is to randomise how the kernel loads, so that kernel loading gets the same benefits as applies to (for example) application memory in ASLR (address space layout randomisation) – so an attacker can't rely on predictable memory allocations to identify where a buffer overrun might land.
1132(https://www.theregister.co.uk/2017/06/19/thats_random_openbsd_adds_more_kernel_security/)
1133
1134
1135
1136
1137
1138accton: Process accounting is a security method in which an administrator may keep track of system resources used and their allocation among users, provide for system monitoring, and minimally track a user's commands.Process accounting has both positive and negative points. One of the positives is that an intrusion may be narrowed down to the point of entry. A negative is the amount of logs generated by process accounting, and the disk space they may require.   (https://www.freebsd.org/doc/handbook/security-accounting.html)    
1139(https://man.openbsd.org/accton.8)
1140
1141
1142
1143
1144
1145ifstated: daemon runs commands in response to network state changes, which it determines by monitoring interface link state or running external tests.    
1146(https://man.openbsd.org/ifstated.8)
1147
1148
1149
1150
1151
1152pledge: restrict system operations,current process is forced into a restricted-service operating mode. A few subsets are available, roughly described as computation, memory management, read-write operations on file descriptors, opening of files, networking. In general, these modes were selected by studying the operation of many programs using libc and other such interfaces, and setting promises or execpromises.   
1153(https://man.openbsd.org/pledge.2)
1154
1155
1156
1157
1158kbind: update protected memory for lazy-binding,syscall updates the contents of one or more blocks of the process's memory with the supplied replacement data. This is used to efficiently and securely perform lazy-binding.
1159(https://man.openbsd.org/kbind)
1160
1161
1162
1163
1164StackGhost: is a transparent stack protection feature (similar to ProPolice, which is already enabled by default on all OpenBSD architectures) for OpenBSD/sparc was invented and implemented on OpenBSD in 2001,StackGhost uses a unique hardware feature of the Sun sparc architecture (that being: deferred on-stack in-frame register window spill/fill) to detect modifications of return pointers (a common way for exploits to hijack execution paths) transparently, automatically protecting all applications without requiring binary or source modifications.
1165(https://undeadly.org/cgi?action=article&sid=20040523065005)
1166
1167
1168 
1169
1170guard pages: These can help you debug software and also add some measure of security.
1171(https://undeadly.org/cgi?action=article&sid=20031017121955)
1172
1173
1174
1175
1176RETGUARD:  Return-oriented programming (ROP) has become a common technique for compromising systems via a stack-smashing vulnerability. There are various schemes out there for defeating ROP attacks, but a mechanism called "RETGUARD" that is being implemented in OpenBSD is notable for its relative simplicity.
1177(https://lwn.net/Articles/732201/)
1178
1179
1180
1181
1182Privilege separation: Privilege separation, or privsep, is method in OpenSSH by which
1183operations that require root privilege are performed by a separate
1184privileged monitor process.  Its purpose is to prevent privilege
1185escalation by containing corruption to an unprivileged process.
1186(https://github.com/openssh/openssh-portable/blob/master/README.privsep)
1187
1188
1189
1190Privilege revocation: Related to the work on privilege separation, some programs were refactored to drop privileges while holding onto a tricky resource such as a raw socket, reserved port, or modification-locked bpf(4) descriptor, for example ping(8), traceroute(8), etc.
1191(https://www.openbsd.org/innovations.html)
1192
1193
1194
1195GOT and PLT protection by ld.so: first done as part of the W^X work in OpenBSD 3.3, by Dale Rahn and Theo de Raadt. The GOT and PLT regions are read-only outside of ld.so itself. Extended to the .init/.fini sections (constructors and destructors) in OpenBSD 3.4.
1196
1197
1198
1199
1200arc4random: arc4 random number generator uses the key stream generator employed by the arc4 cipher,function returns pseudo-random numbers in the range of 0 to (2**32)-1, and therefore has twice the range of rand(3) and random(3).
1201(https://www.freebsd.org/cgi/man.cgi?query=arc4random)
1202
1203
1204
1205
1206Sigreturn Cookies: To prevent SROP attacks the kernel needs to know or be able to dervive
1207whether a sigreturn it is processing is in response to a legitimate signal the kernel previously delivered.This patch implement the necessary changes to generate a cookie which will be placed above signal frame upon signal delivery to userland. 
1208The cookie is generated using a per-process random value xor'd with the address where the cookie will be stored on the stack.There are some practical problems with the patch still; for example, it will not do the right thing in settings where checkpoint-restore in user space is in use (a restored process will have a new and different random cookie value, but old cookies may still be on the stack). Such problems can be worked around, but they may force the addition of a sysctl knob to turn this protection off in settings where it breaks things. It also does nothing to protect against ROP attacks in general, it just closes off one relatively easy-to-exploit form of those attacks. But, as low-hanging fruit, it is probably worth pursuing; there is no point in making an attacker's life easier.
1209(https://lwn.net/Articles/681704/)
1210(https://lwn.net/Articles/676803/)
1211
1212
1213
1214
1215
1216gcc-local(1) __attribute__((__bounded__)) static analysis annotation and checking mechanism: Started by Anil Madhavapeddy on June 26, 2003 and ported to GCC 4 by Nicholas Marriott. First released with OpenBSD 3.4.
1217(https://www.openbsd.org/innovations.html)
1218
1219
1220
1221malloc(3) randomization implemented by Thierry Deval. Guard pages and randomized (delayed) free added by Ted Unangst. Reimplemented by Otto Moerbeek for OpenBSD 4.4.
1222(https://www.openbsd.org/innovations.html)
1223
1224
1225
1226ASLR: OpenBSD 3.4 was the first widely used operating system to provide it by default.
1227(https://www.openbsd.org/innovations.html)
1228
1229
1230
1231PIE: OpenBSD 5.3 was the first widely used operating system to enable it globally by default, on seven hardware platforms.
1232(https://www.openbsd.org/innovations.html)
1233
1234
1235
1236Random-data memory: the ability to specify that a variable should be initialized at load time with random byte values was implemented in OpenBSD 5.3 by Matthew Dempsky.
1237(https://www.openbsd.org/innovations.html)
1238
1239
1240
1241Stack protector per shared object: using the random-data memory feature, each shared object was given its own stack protector cookie in OpenBSD 5.3 by Matthew Dempsky.
1242(https://www.openbsd.org/innovations.html)
1243
1244
1245
1246Static-PIE: Position-independent static binaries for /bin, /sbin and ramdisks. First released with OpenBSD 5.7.
1247(https://www.openbsd.org/innovations.html)
1248
1249
1250
1251Library order randomization: In rc(8), re-link libc.so, libcrypto, and ld.so on startup, placing the objects in a random order. Theo de Raadt and Robert Peichaer, May 2016, enabled by default since OpenBSD 6.0 and 6.2.
1252(https://www.openbsd.org/innovations.html)
1253
1254
1255
1256Kernel-assisted lazy-binding for W^X safety in multi-threaded programs. A new syscall kbind(2) permits lazy-binding to be W^X safe in multi-threaded programs. Implemented for OpenBSD 5.9 by Philip Guenther in July 2015.
1257(https://www.openbsd.org/innovations.html)
1258
1259
1260
1261Process layouts in memory tightened to remove execute permission from all segmented, non-instruction data and to remove write permission from data that is only modified during loading and relocation. By combining the RELRO (Read-Only after Relocation) design from the GNU project with the original ASLR work from OpenBSD 3.3 and strict lazy-binding work from OpenBSD 5.9, this is applied to not just a subset of programs and libraries but rather to all programs and libraries. Implemented for OpenBSD 6.1 by Philip Guenther in August 2016.
1262(https://www.openbsd.org/innovations.html)
1263
1264
1265
1266Use of fork+exec in privilege separated programs. The strategy is to give each process a fresh & unique address space for ASLR, stack protector -- as protection against address space discovery attacks. Implemented first by Damien Miller (sshd(8) 2004), Claudio Jeker (bgpd(8), 2015), Eric Faurot (smtpd(8), 2016), Rafael Zalamena (various, 2016), and others.
1267(https://www.openbsd.org/innovations.html)
1268
1269
1270
1271Kernel relinking at boot: the .o files of the kernel are relinked in random order from a link-kit, before every reboot. This provides substantial interior randomization in the kernel's text and data segments for layout and relative branches/calls. Basically a unique address space for each kernel boot, similar to the userland fork+exec model described above but for the kernel. Theo de Raadt, June 2017.
1272(https://www.openbsd.org/innovations.html)
1273
1274
1275
1276Rearranged i386/amd64 register allocator order in clang(1) to reduce polymorphic RET instructions: Todd Mortimer, November 20, 2017.
1277(https://www.openbsd.org/innovations.html)
1278
1279
1280
1281MAP_STACK addition to mmap(2) allows opportunistic verification that the stack-register points at stack memory, therefore catching pivots to non-stack memory (sometimes used in ROP attacks). Theo de Raadt, April 12, 2018.
1282(https://www.openbsd.org/innovations.html)
1283
1284---------------------------------------------------------------------------------------------------------
1285compiler security 
1286
1287
1288libc pointer encryption
1289
1290
1291
1292RANDSTRUCT:is a Grsecurity feature randomize the number of sensitive kernel structures at compile time and ported it to the mainline and merged in v4.12. 
1293
1294
1295
1296 
1297timeless:This will cause warnings when the __TIME__, __DATE__ and __TIMESTAMP__ macros are used.
1298
1299
1300
1301-Wformat -Wformat-security:A gcc security feature while not all programs correctly implement the printf hints (like glib's G_GNUC_PRINTF macro), adding this will at least call out simple printf format string vulnerabilities. Any programs whose builds become "noisy" as a result, should be fixed anyway. 
1302
1303
1304
1305-D_FORTIFY_SOURCE=2 -O1:A gcc security feature that compile-time protection against static sized buffer overflows. No known regressions or performance loss. This should be enabled system-wide. 
1306
1307
1308
1309relro:During program load, several ELF memory sections need to be written to by the linker. This flags the loader to turn these sections read-only before turning over control to the program. Most notably this prevents GOT overwrite attacks. 
1310
1311
1312
1313fstack-protector-strong:This is a stronger variant of stackprotector, but without significant performance penalties.This adds safety checks against stack overwrites. This renders many potential code injection attacks into aborting situations. In the best case this turns code injection vulnerabilities into denial of service or into non-issues (depending on the application).Stack Smashing Protector (SSP) *merely detects stack buffer overruns, they are not prevented.*
1314
1315
1316
1317Position Independent Executables (PIE):Position Independent Executable are needed to take advantage of Address Space Layout Randomization, supported by some kernel versions. While ASLR can already be enforced for data areas in the stack and heap (brk and mmap), the code areas must be compiled as position-independent. Shared libraries already do this (-fPIC), so they gain ASLR automatically, but binary .text regions need to be build PIE to gain ASLR. When this happens, ROP (Return Oriented Programming) attacks are much harder since there are no static locations to bounce off of during a memory corruption attack.
1318
1319
1320reproducible builds:Most aspects of software verification are done on source code, as that is what humans can reasonably understand. But most of the time, computers require software to be first built into a long string of numbers to be used. With reproducible builds, multiple parties can redo this process independently and ensure they all get exactly the same result.
1321
1322
1323SANCOV:The sancov gcc plugin inserts a __sanitizer_cov_trace_pc() call at the start of basic blocks.This plugin is a helper plugin for the kcov feature. It supports all gcc versions with plugin support (from gcc-4.5 on).It is based on the gcc commit "Add fuzzing coverage support" by Dmitry Vyukov.
1324
1325
1326
1327cyclomatic_complexity:Compute cyclomatic complexity of functions based on the gcc internal representation.The cyclomatic complexity of a section of source code is the number of linearly independent paths within it. For instance, if the source code contained no control flow statements (conditionals or decision points), the complexity would be 1, since there would be only a single path through the code. If the code had one single-condition IF statement, there would be two paths through the code: one where the IF statement evaluates to TRUE and another one where it evaluates to FALSE, so the complexity would be 2. Two nested single-condition IFs, or one IF with two conditions, would produce a complexity of 3.
1328
1329
1330
1331PAX_LATENT_ENTROPY:Providing enough randomness, especially at early boot, has been a constant struggle for Linux. While on the Intel platform, Ivy Bridge and newer processor models that support RDRAND generally eliminate the problem of entropy starvation at early boot and runtime, older processors and those of other architectures continue to be plagued by this problem. The demonstrable effects of this include weak private keys on embedded systems, weak randomness on VM guests, predictable stack canaries, and more. PaX's latent entropy plugin included in grsecurity addresses the lack of randomness by modifying the instruction streams of functions called only during boot as well as some specific functions at runtime that perform some unpredictable computations from the perspective of an attacker. These functions are modified to produce a nondeterministic value based on the flow of execution. At several points in the boot process and at runtime, this pseudorandom value is mixed in to the entropy pool. Further, a kernel compiled with this plugin will have the various random pools in the kernel initialized at compile-time to random contents.(Now it’s called “latent_entropy” plugin merged in v4.9.)
1332
1333
1334
1335NOTES 
13361.Issues with Stack Smashing Protector (SSP): The SSP implementation in gcc-3.x is not perfect, and can cause problems. In particular C++ code can be built incorrectly when SSP is enabled, although the exact details are not clear at the moment.The SSP implementation in gcc-4.x is completely different, even so far as changing the semantics of the compiler switches. At the time of writing, we have little experience in the SSP implementation in gcc-4.x. 
1337
1338
13392.Issues with PIEs:Ideally, when building a static executable, a shared library, or building without the standard gcc system files, PIE would not be automatically enabled. Unfortunately, the options -static, -shared, -nostdlib and -nostartfiles are link options, so are usually only supplied to the link command of an executable and not to the compilation commands for individual objects. In these cases, -fPIE will be added to the compilation commands when in fact it shouldn't be. This is an unavoidable limitation, since it is impossible to know from a compilation command for an object exactly what the link command is going to be. Indeed in some cases more than one link command can happen using the same objects. Such cases have to be handled by the relevant ebuild on a case-by-case basis. The -nostdlib and -nostartfiles options occur rarely. The -shared option is usually used when the compilation commands have been performed with -fPIC, so the majority of such cases are not a problem. 
1340
1341
13423.Compiler is the bridge between source code and machine code.
1343
1344
13454.The userland heap is a very significant part of an operating system, and it's not something that gets swapped out from a major operating system distribution at a whim.For those of you who don't have a programming background, let me attempt a brief and non-technical explanation of what a heap is. Basically, it's just a management facility for most of the memory that applications use. When an application (such as Mozilla, your command shell, word processor, and so on) needs some memory, it will typically take this memory from the heap. The heap is responsible for handling these requests, which involve handing out chunks of memory when requested, and freeing the chunks when the application is finished with them.
1346
1347
13485.malloc internally invokes either brk or mmap syscall.
1349
1350-------------------------------------------------------------------------------------------------------- 
1351hardware security 
1352
1353Trusted Platform Module (TPM): is a specialized chip on an endpoint device that stores RSA encryption keys specific to the host system for hardware authentication TPM chips can be used with any major operating system and work best in conjunction with other security technologies such as firewalls, antivirus software, smart cards and biometric verification.
1354(https://whatis.techtarget.com/definition/trusted-platform-module-TPM)
1355
1356
1357
1358
1359Intel Trusted Execution Technology (TXT):is a computer hardware technology whose primary goals are: Attestation of the authenticity of a platform and its operating system,assuring that an authentic operating system starts in a trusted environment, which can then be considered trusted,providing of a trusted operating system with additional security capabilities not available to an unproven one. 
1360(https://en.wikipedia.org/wiki/Trusted_Execution_Technology)
1361
1362
1363
1364
1365Intel Boot Guard: Hardware-based boot integrity protection that prevents unauthorized software and malware takeover of boot blocks critical to a  system's function,thus providing added level of platform security based on hardware.
1366(https://www.intel.com/content/dam/www/public/us/en/documents/product-briefs/4th-gen-core-family-mobile-brief.pdf)
1367
1368
1369
1370secure boot: is one feature of Unified Extensible Firmware Interface (UEFI) 2.3.1 specification (Errata C). The feature defines an entirely new interface between operating system and firmware/BIOS.When enabled and fully configured, Secure Boot helps a computer resist attacks and infection from malware. Secure Boot detects tampering with boot loaders, key operating system files, and unauthorized option ROMs by validating their digital signatures. Detections are blocked from running before they can attack or infect the system.
1371(https://www.intel.com/content/www/us/en/support/articles/000006942/boards-and-kits/desktop-boards.html)
1372
1373
1374
1375
1376trusted boot (tboot): is an open source, pre- kernel/VMM module that uses Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured and verified launch of an OS kernel/VMM.
1377(https://trustedcomputinggroup.org/trusted-boot/)
1378
1379
1380
1381
1382coreboot: is an Open Source project aimed at replacing the proprietary BIOS (firmware) found in most computers. coreboot performs a little bit of hardware initialization and then executes additional boot logic, called a payload.With the separation of hardware initialization and later boot logic, coreboot can scale from specialized applications that run directly from firmware, run operating systems in flash, load custom bootloaders, or implement firmware standards, like PC BIOS services or UEFI. This allows for systems to only include the features necessary in the target application, reducing the amount of code and flash space required. 
1383(https://www.coreboot.org/Welcome_to_coreboot)
1384
1385
1386
1387
1388Libreboot: is a free (as in freedom) BIOS or UEFI replacement, initialising the hardware and booting your operating system.Non-free BIOS/UEFI firmware often contains backdoors, can be slow and have severe bugs, and you are left helpless at the mercy of the developers. By contrast, libreboot is fully free software, where anyone can contribute or inspect its code.
1389Libreboot is faster, more secure and more reliable than most non-free firmware. Libreboot provides many advanced features, like encrypted /boot/, GPG signature checking before booting your kernel and more!
1390(https://libreboot.org/)
1391
1392
1393
1394
1395
1396
1397NOTES:
13981.Purchase hardware from manufacturers who support GNU/Linux.
1399
1400
1401
1402
14032.Purchase hardware which supports coreboot/libreboot as a proprietary BIOS replacement. 
1404
1405
1406
1407
14083.Purchase hardware without the need for proprietary drivers or firmware: hdnode.org 
1409
1410
1411
1412
14134.Avoid using wireless devices, since they are insecure.
1414
1415
1416
1417
14185.Preferably disable or remove Bluetooth hardware modules. 
1419
1420
1421
1422
1423
14246.Hardware-specific issues can really only be fixed at the hardware level. At best, software interventions can only provide workarounds.
1425
1426The problem is no hardware exists that consists of entirely Libre firmware. It is very difficult to: analyze the firmware of hardware, wipe potentially compromised versions, or overwrite firmware with a most-likely-clean version. If the firmware being used was Libre Software, it would make verification easier but wouldn't stop infection. Disassembling hardware components (BIOS, disk controllers, CPU, Intel AMT etc.) and flashing them with clean versions offline is so difficult, that it is just cheaper and more convenient to buy new hardware. 
1427
1428
1429
1430
1431
1432
14337.Users should also avoid or disable the commonly deployed PXE boot and Wake-on-Lan (WoL) "features". PXE is implemented either as a Network Interface Card (NIC) BIOS extension or as UEFI code in modern devices (where it can be easily disabled).On most systems, WoL hardware functionality is usually blocked by default and explicitly needs to be enabled using the system BIOS or UEFI.
1434
1435-------------------------------------------------------------------------------------------------------- 
1436802.11 network security
1437
1438Wi-Fi Protected Access 2 (WPA2): is a network security technology commonly used on Wi-Fi wireless networks. It's an upgrade from the original WPA technology, which was designed as a replacement for the older and much less secure WEP.WPA2 further improves the security of a network because it requires using a stronger encryption method called AES.
1439(https://www.lifewire.com/what-is-wpa2-818352) 
1440
1441
1442
1443
1444NOTES 
14451.protects the data messages by generating perpacket keys. Although no security solution can claim to be “bullet-proof,” WPA represents a quantum leap forward in Wi-Fi security.Although recently, Mathy Vanhoef of imec-DistriNet, KU Leuven, discovered a serious weakness in WPA2 known as the Key Reinstallation AttaCK (or KRACK) attack. Their overview, Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse, and research paper (Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2, co-authored by Frank Piessens) have created quite a stir in our industry because the press touts that it “breaks Wi-Fi”. 
1446
14472.Disable Wi-Fi Protected Setup (WPS) because it allows any device to connect to the network with the relevant eight-digit PIN.
1448
14493.Do not bother disabling SSID broadcasting since it is trivial to guess.
1450
14514.Do not rely on the WEP and WPA standards which are cryptographically weak and have known security weaknesses. Use the WPA2 standard so only authorized users can use the network.
1452
14535.Use routers that exclusively use WPA2, preferably with the AES standard (CCMP) and not TKIP which is less secure.
1454
14556.Enable the "Block WAN Requests" option to conceal the network from other Internet users.
1456
14577.Limit the number of Dynamic Host Configuration Protocol (DHCP) leases (connects) to the Wi-Fi network to match the number of personal devices owned.
1458
14598.If you must allow use of the Wi-Fi network to visitors, set up a guest network that turns itself off after a set period.
1460
14619.Use the 5-GHz band for Wi-Fi instead of the standard 2.4GHz band (if possible), since the 5 GHz band does not travel as far.
1462
146310.If possible, schedule Wi-Fi networks to turn off at night, and then turn on in the morning. 
1464
146511.If possible, use a dedicated network connection (LAN, WiFi etc.) that is not shared with other potentially compromised computers. 
1466
146712.If using a shared network via a common cable modem/router or ADSL router, configure a de-militarized zone (perimeter network) to restrict Whonix-Gateway accessibility to/from other nodes on the network e.g. printers, phones and laptops. 
1468
146913.A novel approach to counter the replay and fake CTS frame injection DoS attacks caused by not securing the 802.11 control frames is proposed. The solution to improve the current 802.11 control frame protection by generating a unique message authentication code using IAPP framework for key distribution and key management is proposed. SHA-2 or 3, the cryptographic hash function which is used to generate MAC for the control frames is supported by most of the current wireless station adapters which in turn makes this approach very cost effective. 
1470
1471
1472-------------------------------------------------------------------------------------------------------- 
1473Router security 
1474
1475Openwrt:  is a Linux operating system targeting embedded devices. Instead of trying to create a single, static firmware, OpenWrt provides a fully writable filesystem with package management. This frees you from the application selection and configuration provided by the vendor and allows you to customize the device through the use of packages to suit any application. For developers, OpenWrt is the framework to build an application without having to build a complete firmware around it; for users this means the ability for full customization, to use the device in ways never envisioned. 
1476(https://openwrt.org/)
1477
1478
1479
1480
1481pfsense: is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a physical computer or a virtual machine to make a dedicated firewall/router for a network.[5] It can be configured and upgraded through a web-based interface, and requires no knowledge of the underlying FreeBSD system to manage. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint. pfSense supports installation of third-party packages like Snort or Squid through its Package Manager.
1482(https://en.wikipedia.org/wiki/PfSense) 
1483
1484
1485
1486
1487NOTES 
14881.Users should consider upgrading to a commercial-grade router that is normally intended for small businesses as a sensible investment in security. Further, it is safer to have a personally owned routing device that connects to an ISP-provided modem/router in order to maximize administrative control over routing and wireless features of the home network. 
1489
14902.Change the default router username and password to something suitably long and random.
1491 
14923.Turn off Universal Plug and Play (UPnP), which can allow applications to open ports to external computers.
1493
14944.Disable NAT-PMP, since it has similar functionality to UPnP.
1495
14965.Disable the Home Network Administrative Protocol since it allows remote management of network devices.
1497
14986.Port forwarding (if desired by the user) should be limited to a source IP address and/or source IP address subnet.
1499
15007.Keep router firmware up-to-date at all times for better security. Set the self-updating firmware option if it is available.
1501
15028.Do not bind services to the external interface.
1503
15049.Reconfigure the router firewall rules to drop all relevant incoming packets.
1505
150610.Disable the HTTP interface and enable the HTTPS interface instead, preferably on a non-standard port. For example: https://192.168.1.1:82 instead of http://192.168.1.1
1507
150811.Use the browser's incognito or private mode when accessing the administrative interface so the URL is not saved in the browser history.
1509
151012.Change the Service Set ID (SSID) which often leaks router information. Do not use personally identifying information like the apartment number you live in.
1511
151213.Disable cloud-based router management (if offered) because trust is shifted to another person between the user and the router.
1513
151414.Do not use mesh router systems that do not permit local administrative access.
1515
151615.Disable remote administrative access and administrative access over Wi-Fi. Set administrator access only via wired ethernet connections (not possible with mesh routers).
1517
151816.Disable all other remote-access protocols like PING, Telnet and SSH.
1519
152017.Firewall ports should be set to "stealth" rather than "closed" so no response is given to unsolicited external communications from attackers probing the network.
1521
152218.Set logging to on, if the feature is available. This allows for a record of unsolicited incoming connection attempts, attempted logins and so on.
1523
152419.Avoid administrating the router with a smartphone application.
1525
152620.If possible, use a dedicated network connection (LAN, WiFi etc.) that is not shared with other potentially compromised computers. 
1527
152821.If using a shared network via a common cable modem/router or ADSL router, configure a de-militarized zone (perimeter network) to restrict Whonix-Gateway accessibility to/from other nodes on the network e.g. printers, phones and laptops. 
1529
153022.WiFi users should default to the WPA2-AES standard which provides the safest protocol and strongest encryption currently. 
1531
153223.Do not rely on WiFi Protected Set-up (WPS), which has major security flaws.
1533-------------------------------------------------------------------------------------------------------- 
1534vulnerability scanners
1535
1536OpenVAS : created by Greenbone Networks,framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.The actual security scanner is accompanied with a regularly updated feed of Network Vulnerability Tests (NVTs), over 50,000 in total.
1537(http://www.openvas.org/)
1538
1539
1540
1541Qualys FreeScan (network vulnerablity scanner): scan your network, servers, desktops or web apps for security vulnerabilities,detect security vulnerabilities and the patches needed to fix them,view interactive scan reports by threat or by patch,test websites & apps for OWASP Top Risks and malware,test computers against SCAP security benchmarks.
1542(https://www.qualys.com/forms/freescan/)
1543
1544--------------------------------------------------------------------------------------------------------
1545security focused Microkernels 
1546
1547
1548SeL4: is a high-assurance, high-performance microkernel developed, maintained and formally verified by NICTA (now the Trustworthy Systems Group at Data61) and owned by General Dynamics C4 Systems. It is a member of the L4 family of microkernels,seL4's implementation is formally (mathematically) proved correct (bug-free) against its specification, is proved to enforce strong security properties, and its operations have proved save upper bounds on their worst-case execution times.
1549(https://sel4.systems/About/seL4/) 
1550
1551
1552
1553
1554--------------------------------------------------------------------------------------------------------
1555security by isolation programs
1556
1557
1558XEN : Is a type 1 hypervisor,use more full virtualization options such as Xen can also improve security in the event you plan on running risky applications or browsing dangerous websites,can be used for VM isolation. 
1559(https://wiki.parabola.nu/Security)
1560
1561
1562virtualbox : Type 2 Hypervisor,can be used for VM isolation.
1563(https://www.virtualbox.org/)
1564
1565
1566Linux Containers (LXC): is an operating-system-level virtualization method for running multiple isolated Linux systems (containers) on a single control host (LXC host). It does not provide a virtual machine, but rather provides a virtual environment that has its own CPU, memory, block I/O, network, etc. space and the resource control mechanism. This is provided by namespaces and cgroups features in Linux kernel on LXC host. It is similar to a chroot, but offers much more isolation.
1567(https://en.wikipedia.org/wiki/LXC)
1568
1569
1570Firejail (SUID program) : Firejail is an easy to use and simple tool for sandboxing applications and servers alike. Firejail is suggested for browsers and internet facing applications, as well as any servers you may be running. Firejail is further enhanced when used with Grsecurity.
1571(https://wiki.parabola.nu/Security)
1572
1573
1574bubblewrap: is a setuid sandbox application developed from Flatpak with an even smaller resource footprint than Firejail. While it lacks certain features such as file path whitelisting, bubblewrap does offer bind mounts as well as the creation of user/IPC/PID/network/cgroup namespaces and can support both simple and complex sandboxes.
1575(https://wiki.archlinux.org/index.php/Bubblewrap)
1576
1577
1578chroots: is an operation that changes the apparent root directory for the current running process and their children. A program that is run in such a modified environment cannot access files and commands outside that environmental directory tree. This modified environment is called a chroot jail. 
1579(https://wiki.archlinux.org/index.php/change_root)
1580
1581
1582sandboxie: runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.
1583(https://www.sandboxie.com/HowItWorks) 
1584
1585
1586NOTES 
1587
15881.A “container” is just a term people use to describe a combination of Linux namespaces and cgroups. Linux namespaces and cgroups ARE first class objects. NOT containers.
1589(https://blog.jessfraz.com/post/containers-zones-jails-vms/)
1590
1591-------------------------------------------------------------------------------------------------------
1592network intrusion prevention system (NIPS) and network intrusion detection system (NIDS) 
1593
1594
1595Bro IDS: Bro comes with analyzers for many protocols, enabling high-level semantic analysis at the application layer.Bro-IDS is a bit different than Snort.In a way Bro is both a signature and anomaly-based IDS. Its analysis engine will convert traffic captured into a series of events. An event could be a user logon to FTP, a connection to a website or practically anything. The power of the system is what comes after the event engine and that's the Policy Script Interpreter. This policy engine has it's own language ( Bro-Script ) and it can do some very powerful and versatile tasks.If you're an analyst and you've wondered "How can I automate some of my work?" then this is the tool you've been looking for.
1596(https://www.alienvault.com/blogs/security-essentials/open-source-intrusion-detection-tools-a-quick-overview)
1597
1598
1599
1600Snort: de-facto standard for IDS and eventually IPS (thanks to community effort!)
1601(https://www.alienvault.com/blogs/security-essentials/open-source-intrusion-detection-tools-a-quick-overview)
1602
1603
1604
1605AlienVault OSSIM (Open Source Security Information Management): integrating a selection of tools designed to aid network administrators in computer security, intrusion detection and prevention.Intended to give security analysts and administrators a view of all the security-related aspects of their system, by combining log management and asset management and discovery with information from dedicated information security controls and detection systems.OSSIM performs these functions using other well-known open-source software security components, unifying them under a single browser-based user interface. OSSIM comes with PRADS,OpenVAS,Snort,Suricata,Tcptrack,Nagios,OSSEC,Munin,NFSen/NFDump,FProbe,OSSIM also includes self developed tools, the most important being a generic correlation engine with logical directive support and logs integration with plugins.Note: Suricata and Snort cannot be used at the same time. Snort is currently being phased out in favor of Suricata.  
1606(https://en.wikipedia.org/wiki/OSSIM)
1607
1608
1609
1610
1611
1612NOTES 
1613There are a number of techniques which attackers are using, the following are considered 'simple' measures which can be taken to evade IDS:
1614
1615
16161.Fragmentation: by sending fragmented packets, the attacker will be under the radar and can easily bypass the detection system's ability to detect the attack signature.
1617
1618
16192.Avoiding defaults: The TCP port utilised by a protocol does not always provide an indication to the protocol which is being transported. For example, an IDS may expect to detect a trojan on port 12345. If an attacker had reconfigured it to use a different port the IDS may not be able to detect the presence of the trojan.
1620
1621
16223.Coordinated, low-bandwidth attacks: coordinating a scan among numerous attackers (or agents) and allocating different ports or hosts to different attackers makes it difficult for the IDS to correlate the captured packets and deduce that a network scan is in progress.
1623
1624
16254.Address spoofing/proxying: attackers can increase the difficulty of the ability of Security Administrators to determine the source of the attack by using poorly secured or incorrectly configured proxy servers to bounce an attack. If the source is spoofed and bounced by a server then it makes it very difficult for IDS to detect the origin of the attack.
1626
1627
16285.Pattern change evasion: IDSs generally rely on 'pattern matching' to detect an attack. By changing the data used in the attack slightly, it may be possible to evade detection. For example, an Internet Message Access Protocol (IMAP) server may be vulnerable to a buffer overflow, and an IDS is able to detect the attack signature of 10 common attack tools. By modifying the payload sent by the tool, so that it does not resemble the data that the IDS expects, it may be possible to evade detection.
1629
1630
16316.An IPS is not the same as an IDS. However, the technology that you use to detect security problems in an IDS is very similar to the technology that you use to prevent security problems in an IPS.
1632(http://searchsecurity.techtarget.com/Do-you-need-an-IDS-or-IPS-or-both)
1633--------------------------------------------------------------------------------------------------------
1634host-based intrusion detection system (HIDS) 
1635
1636OSSEC: is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.
1637(https://ossec.github.io/about.html)
1638
1639
1640
1641
1642NOTES
16431.network intrusion detection (NIDS or IDS) and host intrusion detection (HIDS). These two technologies are very different. They are not redundant in what they do. They are deployed completely differently. They are complementary and cannot be substituted for one another. 
1644
1645Network IDS sits on the network telecommunications media such as an Ethernet network or a wireless network, and passively monitors the contents of packets of information flowing in all directions. IDS looks for types of content, types of services, volumes of services, and source and destination of traffic that shouldn’t be present and alerts upon suspicious activity. IDS does not typically examine changes over time, but alerts on suspicious events which it sees at any one point in time.
1646
1647Host IDS is an entirely different ballgame. It has agents which reside on servers. It monitors several types of changes over time on servers which may indicate security problems. HIDS monitors the dynamic behavior and the state of a computer system and compares what it expects to see with what it actually sees. 
1648(https://www.networkworld.com/article/2228598/security/intrusion-detection--why-do-i-need-ids--ips--or-hids-.html)
1649--------------------------------------------------------------------------------------------------------
1650packet analyzers 
1651
1652
1653packet total: is a free, online PCAP analyzer designed to visualize network traffic, detect malware, and provide analytics for the traffic contained within.  
1654( https://packettotal.com/ )
1655
1656
1657
1658tcpdump: a powerful command-line packet analyzer. 
1659(http://www.tcpdump.org/)
1660
1661-------------------------------------------------------------------------------------------------------
1662network analysis scanners 
1663
1664
1665Wireshark: is network protocol analyzer,it lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions.
1666(https://www.wireshark.org/)
1667
1668
1669Nmap: utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.  (https://nmap.org/)
1670
1671-------------------------------------------------------------------------------------------------------
1672disk encryption 
1673
1674
1675Linux Unified Key Setup (LUKS): encrypts storage media volumes. 
1676(http://www.forensicswiki.org/wiki/Linux_Unified_Key_Setup_(LUKS) )
1677
1678
1679
1680VeraCrypt: is a free open source disk encryption software for Windows, Mac OSX and Linux. Brought to you by IDRIX (https://www.idrix.fr) and based on TrueCrypt 7.1a.VeraCrypt also solves many vulnerabilities and security issues found in TrueCrypt.As an example, when the system partition is encrypted, TrueCrypt uses PBKDF2-RIPEMD160 with 1000 iterations whereas in VeraCrypt we use 327661. And for standard containers and other partitions, TrueCrypt uses at most 2000 iterations but VeraCrypt uses 655331 for RIPEMD160 and 500000 iterations for SHA-2 and Whirlpool. 
1681(https://www.veracrypt.fr/en/Home.html)
1682
1683
1684
1685
1686
1687NOTES
1688
1689
16901.Question:If I stick to standard operations, and I do not require any of the features from LUKS, what risks am I as a non-expert taking?
1691
1692LUKS partitions have a header that ensures such a partition won't be seen as ext2, vfat, etc. A plain dm-crypt partition may coincidentally end up looking like a unencrypted filesystem, and has a chance of being written to accidentally, destroying your data.
1693
1694LUKS checks if you entered the correct passphrase. If you put in the wrong passphrase, plain dm-crypt won't pick up on this; instead, it will happily give you garbled crypto-mapping which may also coincidentally look like an unencrypted filesystem, and has a chance of being written to accidentally, destroying your data.
1695
1696LUKS stores the type of encryption used, while dm-crypt requires you to supply the same options each time. If, after a period of not using your encrypted device, you find there are a few gaps in your recollection of what the password was, and it turns out you forgot the encryption options as well, you are doubly hosed (this happened to me personally before LUKS existed; the encrypted data wasn't so important so I just reformatted after unsuccessfully trying to get in for an hour or so).
1697(https://security.stackexchange.com/questions/90468/why-is-plain-dm-crypt-only-recommended-for-experts)
1698
1699
1700
17012.It is possible to brute force LUKS with Hashcat.
1702(https://blog.pnb.io/2018/02/bruteforcing-linux-full-disk-encryption.html)
1703
1704-------------------------------------------------------------------------------------------------------
1705security audit tools 
1706
1707
1708Lynis: Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening.  
1709(https://cisofy.com/lynis/)
1710
1711
1712
1713TIGER: The Unix security audit and host intrusion detection tool.  
1714(http://www.nongnu.org/tiger/)
1715
1716
1717
1718Scout2: Security auditing tool for AWS environments. 
1719(https://nccgroup.github.io/Scout2/)
1720
1721
1722
1723prowler: Tool for AWS security assessment, auditing and hardening. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark. 
1724(https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf)
1725
1726
1727
1728lunar: A UNIX security auditing tool based on several security frameworks.  
1729(https://github.com/lateralblast/lunar)
1730
1731-------------------------------------------------------------------------------------------------------
1732Network and applications layer authentication and encryption and secure hash algorithms and password protection (some may support combinations of authentication, integrity, access control, and confidentiality).
1733
1734
1735Quantum cryptography: uses our current knowledge of physics to develop a cryptosystem that is not able to be defeated - that is, one that is completely secure against being compromised without knowledge of the sender or the receiver of the messages. The word quantum itself refers to the most fundamental behavior of the smallest particles of matter and energy: quantum theory explains everything that exists and nothing can be in violation of it.Quantum cryptography is different from traditional cryptographic systems in that it relies more on physics, rather than mathematics, as a key aspect of its security model.
1736(https://searchsecurity.techtarget.com/definition/quantum-cryptography) 
1737
1738
1739
1740
1741SHA3-512 (based off Secure Hash Algorithm 3): is designed to provide a random mapping from a string of binary data to a fixed-size “message digest” and achieve certain security properties. Hash algorithms can be used for digital signatures, message authentication codes, key derivation functions, pseudo random functions, and many other security applications. 
1742(https://csrc.nist.gov/projects/hash-functions/sha-3-project)
1743
1744
1745
1746
1747Elliptic curve cryptography (ECC) (using:Ed25519 and Curve25519): is a public key based , such as RSA , but it is sort of represented in an algebraic structure , ECC offers the same security than RSA but at a smaller footprint , also it’s less cpu intensive so it’s ideal for mobile devices and faster acting networks.
1748(https://hackernoon.com/eliptic-curve-crypto-the-basics-e8eb1e934dc5) 
1749
1750
1751
1752
1753Kerberos: is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well.
1754(https://web.mit.edu/kerberos/)
1755
1756
1757
1758
1759IP Security Protocol (IPSec):The IP Security (IPsec) architecture comprises a suite of protocols developed to ensure the integrity, confidentiality and authentication of data communications over an IP network.While the flexibility of the IPsec standards has drawn the interest of the commercial sector, this same flexibility has resulted in the identification of several problems with the protocols because of their complexity. As with other security systems, poor maintenance can easily lead to a critical system failure.IPsec may be used in three different security domains: virtual private networks, application-level security and routing security. At this time, IPsec is predominately used in VPNs. When used in application-level security or routing security, IPsec is not a complete solution and must be coupled with other security measures to be effective, hindering its deployment in these domains.
1760(https://www.computerworld.com/article/2561149/security0/ipsec--how-it-works-and-why-we-need-it.html)
1761
1762
1763
1764
1765Advanced Encryption Standard (AES) (using 256 bit): is a symmetric block cipher chosen by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data.The selection process for this new symmetric key algorithm was fully open to public scrutiny and comment; this ensured a thorough, transparent analysis of the designs submitted.
1766(http://searchsecurity.techtarget.com/definition/Advanced-Encryption-Standard) 
1767
1768
1769
1770
1771Rivest-Shamir-Adleman (RSA) (using 4096 bit): is a cryptosystem for public-key encryption, and is widely used for securing sensitive data, particularly when being sent over an insecure network such as the Internet. Public-key cryptography, also known as asymmetric cryptography, uses two different but mathematically linked keys, one public and one private. The public key can be shared with everyone, whereas the private key must be kept secret. In RSA cryptography, both the public and the private keys can encrypt a message; the opposite key from the one used to encrypt a message is used to decrypt it. This attribute is one reason why RSA has become the most widely used asymmetric algorithm: It provides a method of assuring the confidentiality, integrity, authenticity and non-reputability of electronic communications and data storage.RSA derives its security from the difficulty of factoring large integers that are the product of two large prime numbers. Multiplying these two numbers is easy, but determining the original prime numbers from the total -- factoring -- is considered infeasible due to the time it would take even using today’s super computers.
1772(http://searchsecurity.techtarget.com/definition/RSA)
1773
1774
1775
1776
1777GNU Privacy Guard (GPG) (based off PGP): is free encryption software that's compliant with the OpenPGP (RFC4880) standard. Using GPG you can encrypt (and decrypt) files that contain sensitive data, such as protected health information (PHI) regulated by the Health Insurance Portability and Accountability Act (HIPAA) privacy and security rules.
1778(https://kb.iu.edu/d/awio) 
1779
1780
1781
1782
1783Secure Socket Shell (SSH):  is a network protocol that provides administrators with a secure way to access a remote computer. SSH also refers to the suite of utilities that implement the protocol. Secure Shell provides strong authentication and secure encrypted data communications between two computers connecting over an insecure network such as the Internet.
1784(http://searchsecurity.techtarget.com/definition/Secure-Shell) 
1785
1786
1787
1788
1789Transport Layer Security (TLS): Transport Layer Security (TLS) is the successor to Secure Sockets Layer (SSL) for achieving secure transmission across the Internet. But TLS and SSL aren't identical, is a protocol that provides privacy and data integrity between two communicating applications. It's the most widely deployed security protocol used today, and is used for Web browsers and other applications that require data to be securely exchanged over a network, such as file transfers, VPN connections, instant messaging and voice over IP.Key differences between SSL and TLS that make TLS a more secure and efficient protocol are message authentication, key material generation and the supported cipher suites, with TLS supporting newer and more secure algorithms. TLS and SSL are not interoperable, though TLS currently provides some backward compatibility in order to work with legacy systems.
1790(http://searchsecurity.techtarget.com/definition/Transport-Layer-Security-TLS)
1791(http://searchenterprisewan.techtarget.com/tip/TLS-Network-encryption-beyond-SSL-with-Transport-Layer-Security) 
1792
1793
1794
1795
1796Salt: In password protection, salt is a random string of data used to modify a password hash. Salt can be added to the hash to prevent a collision by uniquely identifying a user's password, even if another user in the system has selected the same password. Salt can also be added to make it more difficult for an attacker to break into a system by using password hash-matching strategies because adding salt to a password hash prevents an attacker from testing known dictionary words across the entire system.
1797(http://searchsecurity.techtarget.com/definition/salt)
1798
1799
1800
1801
1802
1803NOTES 
1804
18051.Many protocols like SSH, OpenPGP, S/MIME, and SSL/TLS rely on RSA for encryption and digital signature functions.
1806
1807
1808
18092.IPsec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite, while some other Internet security systems in widespread use, such as Transport Layer Security (TLS) and Secure Shell (SSH), operate in the upper layers at the Transport Layer (TLS) and the Application layer (SSH). Hence, only IPsec protects all application traffic over an IP network. IPsec can automatically secure applications at the IP layer. 
1810
1811
1812
18133.IPSec controls whether a user can connect to the computer at the IP layer, not the application layer. 
1814
1815
1816
18174.For confidentiality, PGP encrypts messages with an efficient single-key or conventional encryption algorithm known as IDEA. It then uses RSA to encrypt, with the receiver's public key, the IDEA key used to encrypt the message. The receiver can use RSA to recover the IDEA key and use that key to recover the message. 
1818
1819
1820
1821
18225.What do Digital Signatures Prove and What They DO NOT Prove:
1823
1824Digital Signatures show that someone who had access to the private key has made a signature. It is an indication, that its contents have not been tampered (so, integrity is preserved) and can indicate, that a given file is authentic.Digital Signatures do not prove any other property, e.g. that the file is not malicious. In fact there is nothing that could stop people from signing a malicious program. 
1825
1826The point is, of course, that people need to choose to trust some people, e.g. Linus Torvalds, Microsoft, etc. and assume that if a file(s) was indeed signed by those individuals, then indeed it should not be malicious and buggy in some horrible way. But the decision of whether to trust certain people is beyond the scope of digital signatures. 
1827
1828
1829
1830
18316.Now, researchers have presented proof that digitally signed malware is much more common than previously believed. What's more, it predated Stuxnet, with the first known instance occurring in 2003. The researchers said they found 189 malware samples bearing valid digital signatures that were created using compromised certificates issued by recognized certificate authorities and used to sign legitimate software. In total, 109 of those abused certificates remain valid. The researchers, who presented their findings Wednesday at the ACM Conference on Computer and Communications Security, found another 136 malware samples signed by legitimate CA-issued certificates, although the signatures were malformed.
1832(https://arstechnica.com/information-technology/2017/11/evasive-code-signed-malware-flourished-before-stuxnet-and-still-does/)
1833
1834
1835
1836
1837
18387.IP Security Protocol (IPSec), which the operating systems uses rather than relying on the inherently insecure TCP/IP Version 4 (IPV4). (IPV4 chooses to trust just about everybody and everything.) IPSec encrypts and validates packets to protect the privacy of data and to ensure that no changes are made to packets during the delivery process. IPSec became an integral piece of the standard Internet Protocol with the introduction of TCP/IP Version 6 (IPV6), making the future of the Internet more secure by default.
1839
1840
1841
1842
18438.SSL should be done using LibreSSL. 
1844(https://www.quora.com/What-desktop-OS-kernel-is-the-most-hardened-the-most-unhackable)
1845
1846
1847
18489.entropy is the randomness collected by an operating system or application for use in cryptography or other uses that require random data.
1849
1850Basically, when you’re generating keys (let’s say RSA 2048) you need true random numbers. You don’t want them to be deterministic (based on a timestamp or some vague ID): cryptography relies on good randomness.
1851For example, when you boot up a computer, how can this randomness be different from any other computer? This is especially a big issue for IoT devices (routers) with very few sources of entropy — and yet they (sometimes) have to generate keys at boot-time! Resulting in hosts sharing the same keys due to bad randomness. 
1852(https://blog.0day.rocks/introducing-the-first-ever-shitpost-based-rng-c5422bfce257)
1853
1854
1855
1856
185710.60% of HTTPS and SSH hosts served non-unique public keys.
1858(http://web.stanford.edu/class/ee380/Abstracts/150513-slides.pdf)
1859
1860
1861
1862
186311.How can we add entropy on Linux?
1864One basic trick is to move your mouse and type random things on your keyboard. The Linux kernel will automatically add these inputs as entropy bits. But one cannot do that all day long, right?
1865(https://blog.0day.rocks/introducing-the-first-ever-shitpost-based-rng-c5422bfce257)
1866
1867
1868
186912.To help prevent websites from having data breaches the website owners should have salted hashes not just hashes but salted as well.
1870
1871-------------------------------------------------------------------------------------------------------
1872Executable space protections 
1873
1874Data Execution Prevention (DEP): is a security feature that can help prevent damage to your computer from viruses and other security threats. Harmful programs can try to attack Windows by attempting to run (also known as execute) code from system memory locations reserved for Windows and other authorized programs. These types of attacks can harm your programs and files.DEP can help protect your computer by monitoring your programs to make sure that they use system memory safely. If DEP notices a program on your computer using memory incorrectly, it closes the program and notifies you.
1875(http://www.dell.com/support/article/it/it/itbsdt1/sln288643/what-is-data-execution-prevention-dep-?lang=en)
1876
1877
1878
1879
1880W^X: and "Once-writable, never executable" are both sub-cases of DEP. DEP is about making read accesses, and execution accesses, distinct (a writable page is also a readable page). W^X is about using DEP to enforce a specific policy, which is that a given page can never be writable and executable at the same time.  
1881(https://security.stackexchange.com/questions/18936/what-attacks-does-a-wx-policy-prevent-against)
1882
1883
1884
1885NOTES
1886
18871.Bypassing DEP and NX requires a cool trick called Return-Oriented Programming.
1888
1889------------------------------------------------------------------------------------------------------- 
1890server security suite
1891
1892Atomic Secured Linux (ASL): is an easy-to-use, out-of-the-box Unified Security Suite add-on for Linux systems designed to protect your servers against zero-day threats.
1893(https://aws.amazon.com/marketplace/review/product-reviews?asin=B01M0WZ19N)
1894
1895
1896
1897-------------------------------------------------------------------------------------------------------
1898VPNS 
1899
1900
1901ExpressVPN: AES-256 encryption, no logging, Kill Switch, P2P servers, 3 simultaneous connections, DNS Leak Protection feature, 94 countries with 1500+ servers, works with netflix, unlimited bandwidth, Located in Safe Jurisdiction: British Virgin Islands, Cost: $6.67/mo and up,supported platforms: Windows, Mac, Android, Linux (best UI in the industry), iPhone and iPad, Different routers, Different web browsers, PROTOCOLS: OpenVPN, SSTP, L2Tp/IPsec, and PPTP, TOR Compatible. 
1902(https://thebestvpn.com/reviews/expressvpn/)
1903(https://www.expressvpn.com/)
1904
1905
1906
1907NordVPN: Kill Switch, No logs, 60 Countries with Servers 3350+, DNS Leak Protection, 6 simultaneous connections,TOR Compatible, Netflix: Yes, Torrenting: Yes, Cost: $2.75/mo and up, Access to their DoubleVPN servers which encrypts data twice, Jurisdiction: Panama
1908(https://thebestvpn.com/reviews/nordvpn/)  
1909
1910
1911
1912
1913
1914ipvanish: Protocols: OpenVPN, SOCKS5, and Others, No Logs, AES-256 encryption, 60+ countries with 1000+ servers, platforms: Windows, Mac, iOS, Android, Routers, Linux, cost $6.49/$8.99/$10.00, cons: does not work with netflix,No TOR Compatability.
1915(https://thebestvpn.com/reviews/ipvanish/) 
1916(https://www.ipvanish.com/)
1917
1918
1919
1920Riseup VPN (bitmask): protection against ISP surveillance,bypass government censorship,break free from a corporate firewall,secure your Wi-Fi connection: Any time you use a public Wi-Fi connection, everyone else using that access point can spy on your traffic. Riseup VPN will prevent this.
1921(https://riseup.net/en/vpn)
1922
1923
1924
1925
1926
1927iVPN: located in Gibraltar,the Data Protection Act of 2004 keeps the private information of Gibraltar citizens safe and forces businesses to respect user information,The VPN service supports the following devices and operating systems:PC,Mac,Linux/GNU,iPad,iPhone,Android,NAS,Routers,IVPN works simultaneously on as many as five devices,this VPN provides 37 servers 14 countries,And the company offers an integrated firewall that acts as a “kill switch.” The company even claims that it’s more secure than a traditional one,IVPN also offers IPv6 and DNS leak protection,Payment methods include credit cards, debit cards, PayPal, BitCoin, and cash payments,they use AES-256 encryption with 4096-bit RSA keys,New encryption keys are generated every hour providing perfect forward secrecy,Torrenting is allowed with IVPN,does not log anything even your cookies or bandwidth usage,The yearly plan is only $5 per month.
1928(https://thebestvpn.com/reviews/ivpn/)
1929
1930
1931
1932
1933OpenVPN: creates an encrypted UDP or TCP connection (if you don’t understand what that means, it’s IT-talk for computers being able to communicate to one another) that uses Open SSL encryption. This makes it an ideal protocol for VPNs because the connection and encryption make it almost indistinguishable from standard HTTPS traffic. So, if your goal is to access geoblocked content from streaming websites that block VPNs, like Netflix, you’re more likely going to succeed using OpenVPN. This is also why OpenVPN is better than PPTP because even though the latter is faster, it has a higher chance of getting blocked.The extra encryption level also makes OpenVPN an ideal protocol for those using a VPN to stay secure. On top of OpenSSL encryption, OpenVPN supports IPv6 and can add an HMAC Firewall, which identifies packets of data and provides an additional layer of security.You can use the OpenVPN application to create your own VPN, but it requires a lot of technical aspects that the average VPN user will not know how to configure. It is hard to set up manually and should only be attempted if you have a background in IT. However, many top VPN providers use OpenVPN, and their platform makes it very simple to install and run with little or no configuration from the user.
1934(https://www.vpnmentor.com/reviews/open-vpn/#)
1935
1936
1937
1938NOTES 
19391.You -> VPN -> Tor
1940
1941You can very well decrease your anonymity by using VPN/SSH in addition to Tor.If you know what you are doing you can increase anonymity, security and privacy.
1942
1943Most VPN/SSH provider log, there is a money trail, if you can't pay really anonymously. (An adversary is always going to probe the weakest link first...). A VPN/SSH acts either as a permanent entry or as a permanent exit node. This can introduce new risks while solving others.
1944
1945Who's your adversary? Against a global adversary with unlimited resources more hops make passive attacks (slightly) harder but active attacks easier as you are providing more attack surface and send out more data that can be used. Against colluding Tor nodes you are safer, against blackhat hackers who target Tor client code you are safer (especially if Tor and VPN run on two different systems). If the VPN/SSH server is adversary controlled you weaken the protection provided by Tor. If the server is trustworthy you can increase the anonymity and/or privacy (depending on set up) provided by Tor.
1946
1947VPN/SSH can also be used to circumvent Tor censorship (on your end by the ISP or on the service end by blocking known tor exits). 
1948
1949
1950
1951
19522.Do not use a VPN as an anonymity solution. If you're looking for a trusted entry into the Tor network, or if you want to obscure the fact that you're using Tor, setting up a private server as a bridge works quite well.
1953
1954VPNs encrypt the traffic between the user and the VPN provider, and they can act as a proxy between a user and an online destination. However, VPNs have a single point of failure: the VPN provider. A technically proficient attacker or a number of employees could retrieve the full identity information associated with a VPN user. It is also possible to use coercion or other means to convince a VPN provider to reveal their users' identities.
1955
1956
1957
19583.Is it possible to completely disable logging?The command «log/dev/null» on Linux completely removes all the logs of OpenVPN service. Owing to the settings, you can completely disable the logging of any connections to the OpenVPN server. 
1959
1960
1961
19624.Multihop Technology:This basically allows you to “chain” VPN servers, so that your data is routed between two VPN servers as it travels between you and the internet.
1963
1964
19655.An insecure connection is still insecure: Although Riseup VPN will anonymize your location and protect you from surveillance from your ISP, once your data is securely routed through riseup.net it will go out on the internet as it normally would. Therefore, you should still use secure connections (TLS) when available (ie https over http, imaps over imap, etc).
1966
1967
19686.Even though some VPNs claim they do not log,they do monitor some lesser important data, such as: Service performance data (for recommending most suitable servers),E-mail address,Payment data (but you can also use bitcoins).
1969That’s the regular stuff that most (if not all) VPN providers are logging and it’s nothing you should be worried about. 
1970
1971
19727.List of VPN leak via Web RTC 
1973(https://docs.google.com/spreadsheets/d/1Nm7mxfFvmdn-3Az-BtE5O0BIdbJiIAWUnkoAF_v_0ug/htmlview?sle=true#gid=0)
1974
1975
1976
19778.You can check for Web RTC leakage here: (https://ip.voidsec.com/)
1978
1979
1980-------------------------------------------------------------------------------------------------------- 
1981proxies 
1982
19831.Privoxy: is a proxy server that uses application-layer filtering. HTTP traffic passed through Privoxy will have certain privacy-oriented rules applied to them. For example, Privoxy will block ads, detect and disable click-tracking scripts, disabling pop-ups, etc.
1984(https://security.stackexchange.com/questions/45606/how-tor-privoxy-vidalia-and-polipo-are-getting-together)
1985
1986
1987--------------------------------------------------------------------------------------------------------
1988distributing files or data anonymously 
1989
1990secure drop:is designed to use two physical servers: a public-facing server that stores messages and documents, and a second that performs security monitoring of the first. The code on the public-facing server is a Python web application that accepts messages and documents from the web and GPG-encrypts them for secure storage. This site is only made available as a Tor Hidden Service, which requires sources to use Tor, thus hiding their identity from both the SecureDrop server and many types of network attackers. Essentially, it’s a more secure alternative to the "contact us" form found on a typical news site. Every source who visits the site is given a unique "codename." The codename lets the source establish a relationship with the news organization without revealing his/her real identity or resorting to e-mail. They can enter the code name on a future visit to read any messages sent back from the journalist, or submit additional documents and messages under the same persistent, but pseudonymous, identifier. The source is known by a different and unrelated code name on the journalist’s side. All of the source’s submissions, and replies to the source from journalists, are grouped together into a collection. Every time there’s a new submission by a source, their collection is bumped to the top of the submission queue. 
1991(https://securedrop.org/faq)
1992
1993
1994
1995OnionShare:is an open source tool that lets you securely and anonymously share a file of any size.
1996(https://onionshare.org/) 
1997--------------------------------------------------------------------------------------------------------
1998scan websites automatically for common vulnerabilities and errors that can de-anonymize the owner or users 
1999
2000
2001OnionScan:has two primary goals: We want to help operators of hidden services find and fix operational security issues with their services. We want to help them detect misconfigurations and we want to inspire a new generation of anonymity engineering projects to help make the world a more private place.Secondly we want to help researchers and investigators monitor and track Dark Web sites. In fact we want to make this as easy as possible. Not because we agree with the goals and motives of every investigation force out there - most often we don't. But by making these kinds of investigations easy, we hope to create a powerful incentive for new anonymity technology. 
2002(https://onionscan.org/)
2003
2004--------------------------------------------------------------------------------------------------------
2005easiest way to add an onion address to a traditional websites
2006
2007Enterprise Onion Toolkit (EOTK): adds an onion address to a traditional website. 
2008(https://www.bleepingcomputer.com/news/security/quickly-add-an-onion-url-to-your-site-with-the-enterprise-onion-toolkit-eotk-/)
2009
2010-------------------------------------------------------------------------------------------------------
2011proof that bugs and/or highly stealthy malware can go undetected for atleast 1 year or more!
2012
2013
20141.Orpheus' Lyre: In 2017 Two implementations of the Kerberos authentication protocol received patches this week against a vulnerability that allowed a threat actor to bypass authentication procedures.The vulnerability was discovered by a team of three researchers, who dubbed it "Orpheus' Lyre." Researchers tracked down the flaw to Kerberos versions released in 1996.Orpheus' Lyre exploits a part of the Kerberos protocol named "tickets." These are messages exchanged between network nodes, and are used to authenticate services and users.Not all parts of a ticket are encrypted when sent through the network. Kerberos implementations usually rely on checking the encrypted parts of a Kerberos message to authenticate users and services.Researchers said they found a way to force the Kerberos protocol to use the plaintext and non-encrypted part for authentication procedures.
2015
2016
2017
2018
20192.Dirty COW: is a computer security vulnerability for the Linux kernel that affects all Linux-based operating systems  It is a local privilege escalation bug that exploits a race condition in the implementation of the copy-on-write mechanism in the kernel's memory-management subsystem.Because of the race condition, with the right timing, a local attacker can exploit the copy-on-write mechanism to turn a read-only mapping of a file into a writable mapping. Although it is a local privilege escalation, remote attackers can use it in conjunction with other exploits that allow remote execution of non-privileged code to achieve remote root access on a computer.The attack itself does not leave traces in the system log! The vulnerability has existed in the Linux kernel since version 2.6.22 released in September 2007, and there is information about it being actively exploited at least since October 2016.
2020
2021
2022
2023
20243.Heartbleed: is a security bug in the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security (TLS) protocol. It was introduced into the software in 2012 and publicly disclosed in April 2014. Heartbleed may be exploited regardless of whether the vulnerable OpenSSL instance is running as a TLS server or client. It results from improper input validation (due to a missing bounds check) in the implementation of the TLS heartbeat extension, thus the bug's name derives from heartbeat. The vulnerability is classified as a buffer over-read, a situation where more data can be read than should be allowed.
2025
2026
2027
2028
20294.POODLE: which stands for "Padding Oracle On Downgraded Legacy Encryption",is a man-in-the-middle exploit which takes advantage of Internet and security software clients' fallback to SSL 3.0.If attackers successfully exploit this vulnerability, on average, they only need to make 256 SSL 3.0 requests to reveal one byte of encrypted messages.POODLE exemplifies a vulnerability that succeeds thanks to a mechanism designed for reducing security for the sake of interoperability. When designing systems in domains with high levels of fragmentation, then, extra care is appropriate. In such domains graceful security degradation may become common. (SSL version 3.0 was released in 1996,so potentially this bug can be as old as 1996!)
2030
2031
2032
2033
20345.Shellshock: also known as Bashdoor,is a family of security bugs in the widely used Unix Bash shell, the first of which was disclosed on 24 September 2014. Many Internet-facing services, such as some web server deployments, use Bash to process certain requests, allowing an attacker to cause vulnerable versions of Bash to execute arbitrary commands. This can allow an attacker to gain unauthorized access to a computer system.The first bug causes Bash to unintentionally execute commands when the commands are concatenated to the end of function definitions stored in the values of environment variables.Within days of the publication of this, intense scrutiny of the underlying design flaws discovered a variety of related vulnerabilities (CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, and CVE-2014-7187); which Ramey addressed with a series of further patches.Analysis of the source code history of Bash shows the bugs had existed since Bash version 1.03 released in September 1989!
2035
2036
2037
2038
20396.VENOM(Virtualized Environment Neglected Operations Manipulation ): is a security vulnerability in the virtual floppy drive code used by many computer virtualization platforms. This vulnerability may allow an attacker to escape from the confines of an affected virtual machine (VM) guest and potentially obtain code-execution access to the host. Absent mitigation, this VM escape could open access to the host system and all other VMs running on that host, potentially giving adversaries significant elevated access to the host’s local network and adjacent systems.The VENOM bug has existed since 2004, though it has reportedly not been exploited in the wild yet.
2040
2041
2042
2043
20447.Meltdown: breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.If your computer has a vulnerable processor and runs an unpatched operating system, it is not safe to work with sensitive information without the chance of leaking the information. This applies both to personal computers as well as cloud infrastructure.There are patches against Meltdown for Linux, Windows, and OS X.Meltdown has potentially existed since 1995.
2045(https://meltdownattack.com/)      
2046(https://lwn.net/Articles/738975/)
2047
2048
2049
2050
20518.Spectre: breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre.Spectre is harder to exploit than Meltdown, but it is also harder to mitigate.However, it is possible to prevent specific known exploits based on Spectre through software patches.Spectre has potentially existed since 1995.
2052(https://meltdownattack.com/)      
2053(http://lists.llvm.org/pipermail/llvm-commits/Week-of-Mon-20180101/513630.html)
2054
2055
2056
2057
2058
20599.Slingshot: Researchers have discovered malware so stealthy it remained hidden for six years despite infecting at least 100 computers worldwide.which means it was likely developed on behalf of a well-resourced country, researchers with Moscow-based Kaspersky Lab reported Friday.The ability for such a full-featured piece of malware to remain hidden for so long is one of the things that makes it so advanced.One of the ways Slingshot concealed itself was its use of an encrypted virtual file system that was typically located in an unused part of the hard drive. By segregating malware files from the file system of the infected computer, Slingshot stood a much better chance of remaining undetected by antivirus engines. Other stealth techniques included encrypting all text strings in its various modules, calling system services directly to bypass so-called hooks used by security products, and the ability to shut down components when forensic tools are loaded.Infected computers were located primarily in Kenya and Yemen, but also in Afghanistan, Libya, Congo, Jordan, Turkey, Iraq, Sudan, Somalia, and Tanzania. Most of the victims appeared to be targeted individuals. Some, however, were government organizations and institutions.
2060(https://arstechnica.com/information-technology/2018/03/potent-malware-that-hid-for-six-years-spread-through-routers/)
2061
2062
2063
2064
2065
206610.Backdoor Regin: Researchers have unearthed highly advanced malware they believe was developed by a wealthy nation-state to spy on a wide range of international targets in diverse industries, including hospitality, energy, airline, and research.Regin likely required months or years to be completed and contains dozens of individual modules that allowed its operators to tailor the malware to individual targets.To remain stealthy, the malware is organized into five stages, each of which is encrypted except for the first one. Executing the first stage triggers a domino chain in which the second stage is decrypted and executed, and that in turn decrypts the third stage, and so on. Analyzing and understanding the malware requires researchers to acquire all five stages. Regin contains dozens of payloads, including code for capturing screenshots, seizing control of an infected computer's mouse, stealing passwords, monitoring network traffic, and recovering deleted files.Symantec researchers believe Regin was a sprawling framework that was used in multiple campaigns that data back to 2008 and possibly several years earlier.There is still much Symantec doesn't know about Regin. So far, company researchers are aware of only about 100 infections, a number that seems small for such a sprawling framework of malware.The researchers have yet to uncover the command and control system the attackers used to communicate with infected computers, and they still don't have any educated hunches about the country behind the malware. The malware is known to have been active from 2008 until 2011, when it was abruptly pulled by its operators for unknown reasons.Regin, which is the name Microsoft assigned to the underlying trojan, resurfaced in 2013. Symantec researchers became aware of the malware in December of that year. 
2067(https://arstechnica.com/information-technology/2014/11/highly-advanced-backdoor-trojan-cased-high-profile-targets-for-years/)
2068
2069
2070
2071
207211.ProjectSauron/Remsec: Security experts have discovered a malware platform that's so advanced in its design and execution that it could probably have been developed only with the active support of a nation-state.The malware—known alternatively as "ProjectSauron" by researchers from Kaspersky Lab and "Remsec" by their counterparts from Symantec—has been active since at least 2011 and has been discovered on 30 or so targets.Its ability to operate undetected for five years is a testament to its creators, who clearly studied other state-sponsored hacking groups in an attempt to replicate their advances and avoid their mistakes.Much of ProjectSauron resides solely in computer memory and was written in the form of Binary Large Objects, making it hard to detect using antivirus.Because of the way the software was written, clues left behind by ProjectSauron in so-called software artifacts are unique to each of its targets. That means that clues collected from one infection don't help researchers uncover new infections.Unlike many malware operations that reuse servers, domain names, or IP addresses for command and control channels, the people behind ProjectSauron chose a different one for almost every target.In all, Project Sauron is made up of at least 50 modules that can be mixed and matched to suit the objectives of each individual infection.The main purpose of the malware platform was to obtain passwords, cryptographic keys, configuration files, and IP addresses of the key servers related to any encryption software that was in use.Infected groups include government agencies, scientific research centers, military organizations, telecommunication providers, and financial institutions in Russia, Iran, Rwanda, China, Sweden, Belgium, and possibly in Italian-speaking countries.
2073(https://arstechnica.com/information-technology/2016/08/researchers-crack-open-unusually-advanced-malware-that-hid-for-5-years/)
2074
2075
2076
2077
2078
207912.Stuxnet: In January 2010, inspectors with the International Atomic Energy Agency visiting the Natanz uranium enrichment plant in Iran noticed that centrifuges used to enrich uranium gas were failing at an unprecedented rate. The cause was a complete mystery—apparently as much to the Iranian technicians replacing the centrifuges as to the inspectors observing them.Five months later a seemingly unrelated event occurred. A computer security firm in Belarus was called in to troubleshoot a series of computers in Iran that were crashing and rebooting repeatedly. Again, the cause of the problem was a mystery. That is, until the researchers found a handful of malicious files on one of the systems and discovered the world's first digital weapon.Stuxnet, as it came to be known, was unlike any other virus or worm that came before. Rather than simply hijacking targeted computers or stealing information from them, it escaped the digital realm to wreak physical destruction on equipment the computers controlled.Stuxnet has already been at work silently sabotaging centrifuges at the Natanz plant for about a year. An early version of the attack weapon manipulated valves on the centrifuges to increase the pressure inside them and damage the devices as well as the enrichment process. Centrifuges are large cylindrical tubes—connected by pipes in a configuration known as a "cascade"—that spin at supersonic speed to separate isotopes in uranium gas for use in nuclear power plants and weapons. Stuxnet 0.5 could spread only by infecting Step 7 project files—the files used to program Siemens PLCs. This version, however, could spread via USB flash drives using the Windows Autorun feature or through a victim’s local network using the print-spooler zero-day exploit that Kaspersky Lab, the antivirus firm based in Russia, and Symantec later found in the code.It's not clear how long it took Stuxnet to reach its target after infecting machines at Neda and the other companies, but between June and August the number of centrifuges enriching uranium gas at Natanz began to drop.Stuxnet was first identified by the infosec community in 2010, but development on it probably began in 2005. Despite its unparalleled ability to spread and its widespread infection rate, Stuxnet does little or no harm to computers not involved in uranium enrichment. When it infects a computer, it checks to see if that computer is connected to specific models of programmable logic controllers (PLCs) manufactured by Siemens. PLCs are how computers interact with and control industrial machinery like uranium centrifuges.
2080(https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/)
2081(https://www.csoonline.com/article/3218104/malware/what-is-stuxnet-who-created-it-and-how-does-it-work.html)
2082
2083
2084
2085
2086
208713.Flame: The malware, dubbed "Flame" after one of the dozens of modules available for it, immediately evoked memories of Stuxnet. As sophisticated as Stuxnet and a related piece of espionage software known as Duqu are, the latest piece of malware is probably orders of magnitude more sophisticated. When fully installed, its size is a whopping 20MB, and it also uses SQLite databases and dynamically generated code that uses the Lua programming language. Such characteristics suggest the malware, which Kaspersky estimates has been found on about 1,000 computer systems so far, could only have been written by a large team of highly skilled software engineers.Kaspersky, in a report published Monday, said it found evidence showing Flame had managed to remain undetected for at least two years.At least 20 modules available for the malware bring a menu of highly advanced spying capabilities to the unknown people who control it. One plugin turns on the internal microphone of infected machines so Skype conversations can be secretly monitored in real time. A separate module scans nearby Bluetooth-enabled devices for names and phone numbers stored in contact lists. A third monitors machine activity by taking screenshots every 15 to 60 seconds, depending on whether Outlook or another targeted application is in use, and uses SSL-protected connections to send the images to the attackers. Flame can also sniff traffic passing over local networks to siphon user names, passwords, password hashes, and other sensitive data that attackers can use to further monitor their targets.Flame also contains some advanced features that were first found in Stuxnet. An infection mechanism that exploits a Windows "Autorun" feature in USB drives is one such example, as is its ability to propagate within local networks by exploiting a Windows print-spool vulnerability Microsoft patched in 2010. It's not clear if the developers had access to the same advanced vulnerability the Stuxnet architects had or if they simply added similar functionality based on the huge body of research that followed Stuxnet's discovery.The code contained about 6,500 lines of Lua scripts alone, researchers from BitDefender said.The fact that the software works as well as it does on such a small number of computers also suggests that huge amounts of debugging and quality assurance work was painstakingly devoted to making sure it worked precisely as it was intended. 
2088(https://arstechnica.com/information-technology/2012/05/spy-malware-infecting-iranian-networks-is-engineering-marvel-to-behold/)
2089
2090
2091
2092
2093Gauss: Researchers have uncovered yet another state-sponsored computer espionage operation that uses state-of-the-art software to extract a wealth of sensitive data from thousands of machines located mostly in the Middle East."Gauss," as Kaspersky Lab researchers have dubbed the malware, was devised by the same "factory" or "factories" responsible for the Stuxnet worm used to disrupt Iran's nuclear program, as well as the Flame and Duqu Trojans. Some researchers say the latter two malware titles may have provided the reconnaissance needed for operations such as Stuxnet. Gauss is known to have infected 2,500 computers connected to Kaspersky's cloud-based security system, and researchers with the firm say tens of thousands of additional machines may also be affected. The highest concentration of attacks are found in Lebanon, followed by Israel and the Palestinian territories.Like Duqu and Flame, Gauss is highly modular, and it shares a "fair deal of code" with Flame. Its developers failed to remove debugging information before unleashing the malware, however, allowing researchers to uncover details about the computers used to develop the malware. A version developed in December and January, for instance, resided in the Windows directory c:\documents and settings\flamer\desktop\gauss_white_1, providing another clue it has close ties to Flame, which is also known as Flamer and didn't come to light until May. Gauss and Flame also share a similar command and control infrastructure, code references, and encryption subroutines. Gauss, which appears to be an homage to the German mathematician and scientist Johann Carl Friedrich Gauss, comes from the name one of the developers gave to the main module. Developers appear to have named other modules after famous mathematicians and philosophers Kurt Godel and Joseph-Louis Lagrange.Another curious discovery is Gauss' ability to steal and monitor data from the clients of Citibank and PayPal, as well as several Lebanese banks."This is actually the first time we’ve observed a nation-state cyber-espionage campaign with a banking Trojan component," Kaspersky researchers wrote. "It is not known whether the operators are actually transferring funds from the victim’s bank accounts or whether they are simply monitoring finance/funding sources for specific targets."Gauss comes with plenty of other tantalizing unknowns. It's programmed to collect technical details about an infected computer's network connections, processes and folders, BIOS, CMOS, RAM, and local and removable drives. It's configured to upload that data to five command-and-control servers that were shut down last month before Kaspersky could infiltrate them.A Gauss component that infects USB drives exploits the same Microsoft Windows vulnerability used to spread Stuxnet and Flame from computer to computer even when they're not connected to the Internet. Microsoft patched the bug affecting files with .LNK extensions two years ago, but because so many "air-gapped" computers don't regularly receive software updates, it's likely many of the victims remained vulnerable, Roel Schouwenberg, a senior Kaspersky researcher, told Ars.Adding to the intrigue, Gauss contains an encrypted payload that Kaspersky researchers so far have been unable to unlock. It's loaded onto USB sticks that are inserted into Gauss-infected machines and executed when they're plugged into uninfected computers later, but only under unknown conditions. A mysterious subroutine searches for detailed system configurations and rifles through hundreds of directories and uses a cryptographically hashed result of that data as the secret key. Kaspersky has appealed for help from "world-class cryptographers" in decrypting the contents so they can learn exactly what the module is doing. Kaspersky researchers can be e-mailed at theflame@kaspersky.com.
2094(https://arstechnica.com/information-technology/2012/08/nation-sponsored-malware-has-mystery-warhead/)
2095
2096
2097
2098
2099--------------------------------------------------------------------------------------------------------
2100helpful security  Vulnerability focused reporting sites
2101
2102
2103Common Vulnerabilities and Exposures (CVE)
2104https://cve.mitre.org/
2105
2106
2107Open Threat Exchange (OTX)
2108https://www.alienvault.com/open-threat-exchange
2109
2110
2111Browse Exploit Database
2112https://www.exploit-db.com/browse/
2113
2114
2115Security Advisories for Firefox
2116https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/
2117
2118
2119Intel security advisory
2120(https://security-center.intel.com/advisories.aspx)
2121
2122
2123computer security resource center
2124https://csrc.nist.gov/news
2125
2126security focus
2127https://www.securityfocus.com/vulnerabilities
2128
2129
2130Secunia Research Community
2131https://secuniaresearch.flexerasoftware.com/advisories/search/
2132
2133
2134
2135---------------------------------------------------------------------------------------------------------
2136protection against Cross-Site Request Forgery (CSRF) 
2137
2138We recommend two separate checks as your standard CSRF defense that does not require user intervention. This discussion ignores for the moment deliberately allowed cross origin requests (e.g., CORS). Your defenses will have to adjust for that if that is allowed. 
2139
2140
21411.Check standard headers to verify the request is same origin
2142
21432.AND Check CSRF token 
2144
2145(for a full explanation go here: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet )
2146
2147
2148
2149--------------------------------------------------------------------------------------------------------
2150Preventing Remote File Inclusion (RFI) Attacks 
2151
2152
21531.Never use arbitrary input data in a literal file include request.
2154
2155
21562.Use a filter to thoroughly scrub input parameters against possible file inclusions.
2157
2158
21593.Build a dynamic whitelist.
2160
2161
2162NOTES
21631.The RFI is a cousin to the nefarious XSS cross-site scripting attack. Both are forms of code injection, although the RFI is less sophisticated. As such, it is also more easily prevented. 
2164
2165
21662.Like all code injection attacks, RFI is a result of allowing unsecure data into a secure context. The best way to prevent an RFI attack is to never use arbitrary input data in a literal file include request. 
2167
2168
2169(for a full explanation go here: http://www.esecurityplanet.com/browser-security/how-to-prevent-remote-file-inclusion-rfi-attacks.html )
2170-------------------------------------------------------------------------------------------------------- 
2171cross site scripting (XSS) defense
2172
21731.HTML Escape Before Inserting Untrusted Data into HTML Element Content 
2174
2175
2176
21772.Attribute Escape Before Inserting Untrusted Data into HTML Common Attributes 
2178
2179
2180
21813.JavaScript Escape Before Inserting Untrusted Data into JavaScript Data Values 
2182
2183
2184
21854.HTML escape JSON values in an HTML context and read the data with JSON.parse 
2186
2187
2188
21895.CSS Escape And Strictly Validate Before Inserting Untrusted Data into HTML Style Property Values 
2190
2191
2192
21936.URL Escape Before Inserting Untrusted Data into HTML URL Parameter Values 
2194
2195
2196
2197
21987.Prevent DOM-based XSS 
2199
2200
2201
2202
22038.Use HTTPOnly cookie flag 
2204
2205Preventing all XSS flaws in an application is hard, as you can see. To help mitigate the impact of an XSS flaw on your site, OWASP also recommends you set the HTTPOnly flag on your session cookie and any custom cookies you have that are not accessed by any Javascript you wrote. This cookie flag is typically on by default in .NET apps, but in other languages you have to set it manually.
2206
2207
2208
2209
22109.Implement Content Security Policy 
2211
2212There is another good complex solution to mitigate the impact of an XSS flaw called Content Security Policy. It's a browser side mechanism which allows you to create source whitelists for client side resources of your web application, e.g. JavaScript, CSS, images, etc. CSP via special HTTP header instructs the browser to only execute or render resources from those sources.
2213
2214
2215
221610.Use an Auto-Escaping Template System
2217
2218Many web application frameworks provide automatic contextual escaping functionality such as AngularJS strict contextual escaping and Go Templates. Use these technologies when you can.
2219
2220
2221
222211.Use the X-XSS-Protection Response Header 
2223
2224This HTTP response header enables the Cross-site scripting (XSS) filter built into some modern web browsers. This header is usually enabled by default anyway, so the role of this header is to re-enable the filter for this particular website if it was disabled by the user. 
2225
2226
2227(for a full explanation go here: https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet )
2228--------------------------------------------------------------------------------------------------------
2229defenses against SQL injections 
2230
2231Defense Option 1: Prepared Statements (with Parameterized Queries) 
2232
2233The use of prepared statements with variable binding (aka parameterized queries) is how all developers should first be taught how to write database queries. They are simple to write, and easier to understand than dynamic queries. Parameterized queries force the developer to first define all the SQL code, and then pass in each parameter to the query later. This coding style allows the database to distinguish between code and data, regardless of what user input is supplied.
2234
2235Prepared statements ensure that an attacker is not able to change the intent of a query, even if SQL commands are inserted by an attacker. In the safe example below, if an attacker were to enter the userID of tom' or '1'='1, the parameterized query would not be vulnerable and would instead look for a username which literally matched the entire string tom' or '1'='1. 
2236
2237
2238
2239
2240
2241
2242
2243
2244Defense Option 2: Stored Procedures
2245
2246Stored procedures are not always safe from SQL injection. However, certain standard stored procedure programming constructs have the same effect as the use of parameterized queries when implemented safely* which is the norm for most stored procedure languages. They require the developer to just build SQL statements with parameters which are automatically parameterized unless the developer does something largely out of the norm. The difference between prepared statements and stored procedures is that the SQL code for a stored procedure is defined and stored in the database itself, and then called from the application. Both of these techniques have the same effectiveness in preventing SQL injection so your organization should choose which approach makes the most sense for you. 
2247
2248
2249
2250
2251
2252
2253Defense Option 3: White List Input Validation 
2254
2255Various parts of SQL queries aren't legal locations for the use of bind variables, such as the names of tables or columns, and the sort order indicator (ASC or DESC). In such situations, input validation or query redesign is the most appropriate defense. For the names of tables or columns, ideally those values come from the code, and not from user parameters. But if user parameter values are used to make different for table names and column names, then the parameter values should be mapped to the legal/expected table or column names to make sure unvalidated user input doesn't end up in the query. Please note, this is a symptom of poor design and a full re-write should be considered if time allows. 
2256
2257
2258
2259
2260
2261
2262
2263Defense Option 4: Escaping All User Supplied Input 
2264
2265This technique should only be used as a last resort, when none of the above are feasible. Input validation is probably a better choice as this methodology is frail compared to other defenses and we cannot guarantee it will prevent all SQL Injection in all situations.
2266
2267This technique is to escape user input before putting it in a query. It is very database specific in its implementation. Its usually only recommended to retrofit legacy code when implementing input validation isn't cost effective. Applications built from scratch, or applications requiring low risk tolerance should be built or re-written using parameterized queries, stored procedures, or some kind of Object Relational Mapper (ORM) that builds your queries for you.
2268
2269This technique works like this. Each DBMS supports one or more character escaping schemes specific to certain kinds of queries. If you then escape all user supplied input using the proper escaping scheme for the database you are using, the DBMS will not confuse that input with SQL code written by the developer, thus avoiding any possible SQL injection vulnerabilities.
2270
2271
2272
2273Additional Defenses 
2274
2275To minimize the potential damage of a successful SQL injection attack, you should minimize the privileges assigned to every database account in your environment. Do not assign DBA or admin type access rights to your application accounts. We understand that this is easy, and everything just ‘works’ when you do it this way, but it is very dangerous. Start from the ground up to determine what access rights your application accounts require, rather than trying to figure out what access rights you need to take away. Make sure that accounts that only need read access are only granted read access to the tables they need access to. If an account only needs access to portions of a table, consider creating a view that limits access to that portion of the data and assigning the account access to the view instead, rather than the underlying table. Rarely, if ever, grant create or delete access to database accounts.
2276
2277If you adopt a policy where you use stored procedures everywhere, and don’t allow application accounts to directly execute their own queries, then restrict those accounts to only be able to execute the stored procedures they need. Don’t grant them any rights directly to the tables in the database.
2278
2279SQL injection is not the only threat to your database data. Attackers can simply change the parameter values from one of the legal values they are presented with, to a value that is unauthorized for them, but the application itself might be authorized to access. As such, minimizing the privileges granted to your application will reduce the likelihood of such unauthorized access attempts, even when an attacker is not trying to use SQL injection as part of their exploit.
2280
2281While you are at it, you should minimize the privileges of the operating system account that the DBMS runs under. Don't run your DBMS as root or system! Most DBMSs run out of the box with a very powerful system account. For example, MySQL runs as system on Windows by default! Change the DBMS's OS account to something more appropriate, with restricted privileges.
2282
2283
2284
2285(for a full explanation go here: https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet )
2286-------------------------------------------------------------------------------------------------------- 
2287XPath Injection Defenses 
2288
22891.Just like the techniques to avoid SQL injection, you need to use a parameterized XPath interface if one is available, or escape the user input to make it safe to include in a dynamically constructed query. If you are using quotes to terminate untrusted input in a dynamically constructed XPath query, then you need to escape that quote in the untrusted input to ensure the untrusted data can't try to break out of that quoted context. 
2290
22912.Another better mitigation option is to use a precompiled XPath query. Precompiled XPath queries are already preset before the program executes, rather than created on the fly after the user's input has been added to the string. This is a better route because you don't have to worry about missing a character that should have been escaped.
2292(https://www.owasp.org/index.php/XPATH_Injection)
2293
2294
2295
2296--------------------------------------------------------------------------------------------------------
2297problems that have not been solved yet
2298
2299
23001.Tor is vulnerable to statistical "traffic confirmation" attacks, where the adversary watches traffic at both ends of a circuit and confirms his guess that they're communicating. It would be really nice if we could use cover traffic to confuse this attack. But there are three problems here:
2301
2302.Cover traffic is really expensive. And *every* user needs to be doing it. This adds up to a lot of extra bandwidth cost for our volunteer operators, and they're already  pushed to the limit.
2303
2304.You'd need to always be sending traffic, meaning you'd need to always be online. Otherwise, you'd need to be sending end-to-end cover traffic -- not just to the first hop, but all the way to your final destination -- to prevent the adversary from correlating presence of traffic at the destination to times when you're online. What does it mean to send cover traffic to -- and from -- a web server? That is not supported in most protocols.
2305
2306.Even if you *could* send full end-to-end padding between all users and all destinations all the time, you're *still* vulnerable to active attacks that block the padding for a short time at one end and look for patterns later in the path. 
2307(https://www.torproject.org/docs/faq.html.en#SendPadding)
2308
2309
2310
2311
2312
2313
23142.Security researchers have raised the alarm for years about the Intel remote administration feature known as the Management Engine. The platform has a lot of useful features for IT managers, but it requires deep system access that offers a tempting target for attackers; compromising the Management Engine could lead to full control of a given computer. Now, after several research groups have uncovered ME bugs, Intel has confirmed that those worst-case fears may be possible.
2315(https://www.wired.com/story/intel-management-engine-vulnerabilities-pcs-servers-iot/)
2316
2317UPDATE:It might Now be Possible To Disable & Strip Down Intel's ME  
2318(https://phoronix.com/scan.php?page=news_item&px=Intel-ME-Cleaning  Via an open-source, third-party tool called me_cleaner )
2319
2320
2321
2322
2323
23243.It seems that there will always be bugs,or exploits,in the coding of programs,OSes,etc. and that there will never be error-free/bug free coding of programs,thats why theres a constant need for updating,your hardware,software,program, etc. even when patches or fixes are implemented that just brings more coding involved,and potentially create more bugs due to that one fix you created for that 1 bug.The best we can do is reduce the amount of coding,and make sure our very own patches don't create more bugs or exploits.
2325
2326
2327
2328
2329
23304.Trust is an issue,at some point you have to trust,that someone at the manufactory of your computer that you bought did not put a backdoor or any malware,on your new computer,other examples include but are not limited to your internet service provider (ISP),server operator,Tor developers etc. 
2331
2332
2333
2334
23355.The host system clock synchronization mechanism still uses unauthenticated NTP from a single source. This is not optimal, but there is no real solution to this problem.A potential attack vector is created by this NTP behavior; the ISP and/or time server could either inadvertently or maliciously introduce a significant clock skew, or the host clock could simply malfunction. 
2336(https://www.whonix.org/wiki/Advanced_Security_Guide)
2337
2338
2339
23406.Unfortunately, it is not yet possible to set a random clock offset for Qubes-Whonix VMs to prevent clock correlation attacks since it is unsupported by Xen. A related issue is denying Qubes-Whonix access to "clocksource=xen", which may not be possible without Linux kernel and/or Xen patches.
2341(https://www.whonix.org/wiki/Advanced_Security_Guide)
2342
2343
2344
2345--------------------------------------------------------------------------------------------------------
2346General and technical Notes 
2347
23481.In linux use sudo instead of su.
2349(https://wiki.parabola.nu/Security) 
2350
2351
2352
2353
2354
23552.It is possible to tighten the security so much as to make your system unusable,do it without over doing it. 
2356(https://wiki.archlinux.org/index.php/security)
2357
2358
2359
2360
23613.Never reuse an address space.
2362
2363
2364
2365
2366
23674.Avoid using secure shell without requiring SSH keys,to help mitigate brute force attacks. 
2368
2369
2370
2371
23725.when using SSH, implement Fail2ban so only key authentication is allowed.
2373
2374
2375
2376
2377
23786.download over TLS and even better to verify the gpg signatures,and even better then those two is to obtain the software or item you want  by creating by source code. 
2379
2380
2381
2382
2383
23847. Intel Software Guard Extensions (SGX) supposedly has the ability to create a secure enclave within a potentially compromised OS. (update:here are some known weaknesses of SGX: https://github.com/jovanbulck/sgx-pte  and  https://www.techrepublic.com/article/spectre-like-attack-exposes-entire-contents-of-intels-sgx-secure-enclave/)
2385
2386
2387
23888.The good that comes with Unikernels: a smaller codebase,no shell and even no System calls, and also removing hardware emulation.
2389(http://unikernel.org/blog/2017/unikernels-are-secure) 
2390
2391
2392
23939.The bad that comes with unikernels: (https://thenewstack.io/unikernels-will-create-security-problems-solve/)
2394
2395
2396
2397
2398
239910.TCP timestamps are disabled by default in Qubes R3.1 and above.
2400(https://www.whonix.org/wiki/Computer_Security_Education#Microphone)
2401
2402
2403
2404
240511.qubes-url-redirector: is a browser's extension to improve security. It's for Qubes OS and it's written using standard WebExtension APIs. It permits to manage which VM is responsible to open links, obviously redirection happens before any TCP connection is made. Furthermore, through context menu entries, you can open a specific link in a custom way. Currently you can open links in: DVM, a default-VM, a specific VM and in this VM. 
2406(https://github.com/raffaeleflorio/qubes-url-redirector)
2407
2408
2409
2410
2411
241212.Constantly check for updates of outdated hardware and software programs and drivers. 
2413
2414
2415
2416
2417
2418
2419
242013.Apply a BIOS password for BIOS set up and boot. 
2421(https://www.whonix.org/wiki/System_Hardening_Checklist)
2422
2423
2424
2425
2426
242714.In Qubes always open untrusted files in DispVM.
2428(https://www.qubes-os.org/doc/dispvm/)
2429
2430
2431
2432
243315.Most .bat's that you will see online will be malicious. Some are good though.Always open .bat files with caution.  
2434(https://softwap.blogspot.cz/2013/04/basic-of-hacking-complete-source-must.html)
2435
2436
2437
2438
2439
244016.Be weary of vulnerable apt-get  downloads through untrusted Tor exit relays. 
2441(https://www.whonix.org/wiki/Advanced_Security_Guide)
2442
2443
2444
2445
2446
244717.Users should understand that the system clock inside Whonix is set to UTC to prevent against time zone leaks. This means it may be a few hours ahead or behind the user's host system clock. It is strongly recommended not to change this setting. 
2448(https://www.whonix.org/wiki/Advanced_Security_Guide)
2449
2450
2451
2452
2453
245418.The Whonix-Gateway state should not be suspended or saved. It is far better to power off the Whonix-Gateway if it is no longer needed. 
2455(https://www.whonix.org/wiki/Advanced_Security_Guide)
2456
2457
2458
2459
2460
246119.Similarly, if users suspend or save the Whonix-Workstation state, the clock will again lag behind the correct value.This can be manually fixed inside Whonix-Workstation by running: Start Menu -> Applications -> System -> Whonix Timesync. 
2462(https://www.whonix.org/wiki/Advanced_Security_Guide)
2463
2464
2465
2466
2467
2468
246920.If the host clock value is grossly inaccurate - more than one hour in the past or more than 3 hours in future - Tor cannot connect to the Tor network.This is easily solved by manually fixing the clock on the host, then powering the Whonix-Gateway off and on again. 
2470(https://www.whonix.org/wiki/Advanced_Security_Guide)
2471
2472
2473
2474
2475
247621.Another side effect of a significantly inaccurate host clock concerns operating system (OS) updates and cryptographic verification on the host. Until the host clock is manually fixed, it may no longer be possible to download updates or verify SSL certificates with the host browser. 
2477(https://www.whonix.org/wiki/Advanced_Security_Guide)
2478
2479
2480
2481
2482
2483
248422.Users should always check whether a host clock defect relates to an empty battery before assuming the ISP is tampering with NTP. 
2485(https://www.whonix.org/wiki/Advanced_Security_Guide)
2486
2487
2488
2489
2490
2491
249223.Spoofing the initial virtual hardware clock offset is useful to prevent Clock Correlation Attacks. 
2493(https://www.whonix.org/wiki/Advanced_Security_Guide)
2494
2495
2496
2497
2498
2499
250024.For greater security, higher performance and a lower resource footprint, consider using an experimental MirageOS-based unikernel firewall that can run as a QubesOS ProxyVM. 
2501(https://www.whonix.org/wiki/System_Hardening_Checklist)
2502
2503
2504
2505
2506
2507
250825.Store encrypted back-ups on a separate back-up disk that is already encrypted with LUKS or dm-crypt.
2509
2510
2511
2512
2513
2514
251526.Two things that have not been name spaced as of yet are time and kernel keystrings. 
2516(https://blog.jessfraz.com/post/two-objects-not-namespaced-linux-kernel/)
2517
2518
2519
2520
2521
252227.Deactivate TransPort Test for better Stream Isolation. 
2523
2524
2525
2526
2527
252828.Run all instances of Tor Browser in an uncustomized Whonix-Workstation DisposableVM in Qubes-Whonix.
2529(https://www.whonix.org/wiki/Tor_Browser)
2530
2531
2532
2533
2534
2535
2536
253729.Selfrando significantly improves security over standard address space layout randomization (ASLR) techniques currently used by Firefox and other mainstream browsers. 
2538(https://motherboard.vice.com/en_us/article/z43zpw/tor-is-teaming-up-with-researchers-to-protect-users-from-fbi-hacking)
2539
2540
2541
2542
2543
2544
254530.TCP Initial Sequence Numbers mitigation. 
2546(https://tools.ietf.org/html/rfc6528)
2547
2548
2549
2550
2551
2552
255331.set RELRO to "Full RELRO" instead of "Partial RELRO". 
2554
2555
2556
2557
2558
255932.always use HTML5 instead of adobe flash. 
2560
2561
2562
2563
2564
2565
256633.From time to time a user asks which incoming/outgoing ports are required by Whonix-Gateway. The answer is:
2567
2568Incoming: none.
2569Outgoing: all.
2570
2571An alternative technique for controlling ports might be corridor (a Tor traffic whitelisting gateway), since it can act as a firewall.
2572(https://www.whonix.org/wiki/Advanced_Security_Guide)
2573
2574
2575
2576
257734.JSONP (JSON with Padding) is a method commonly used to bypass the cross-domain policies in web browsers. (You are not allowed to make AJAX requests to a web page perceived to be on a different server by the browser.) Solution:should look to use Cross-Origin Resource Sharing (CORS) where possible.
2578(https://www.nytimes.com/2015/06/13/technology/chinese-hackers-circumvent-popular-web-privacy-tools.html) 
2579
2580
2581
2582
258335.Mainframes: are notoriously difficult to get access to, making security testing difficult, if not impossible.Ayoub Elaassal, a security auditor at consulting firm Wavestone, was one of the lucky few who were able to access a mainframe for an audit.It didn't take him too long to find a vulnerability that, if exploited, could have given him root access to a mainframe and its vital, sensitive data."We could potentially compromise the whole system, and to whatever we want -- like intercepting transactions and issuing wire transfers,"
2584(https://www.zdnet.com/article/hacking-mainframe-black-hat-talk-secure-platform/)
2585
2586 
2587
2588
258936.NTP is a buggy and ancient protocol. Flaws in NTP clients can be remotely exploited to give an attacker control over the system,uninstall  NTP clients on the host operating system and disable systemd's timdatectl NTP synchronization feature,this prevents time-related attack vectors which rely on leakage of the host time,and add sdwdate (Secure Distributed Web Date). 
2590(https://www.whonix.org/wiki/Time_Attacks)
2591
2592
2593
2594
2595
2596
259737.Block incoming ICMP messages (and any traffic in general) with iptables or any of its frontends.Disable ICMP timestamps and TCP timestamps on the host operating system to prevent leakage of: system information, host time, system uptime, and fingerprinting of devices behind a router. 
2598(https://www.whonix.org/wiki/Time_Attacks)
2599
2600
2601
2602
2603
260438.If a Trusted Platform Module (TPM) is available, use AEM protection to attest that only desired (trusted) components are loaded and executed during the system boot. Unauthorized modifications to BIOS or the boot partition will be notified.
2605(https://www.whonix.org/wiki/System_Hardening_Checklist)
2606
2607
2608
2609
2610
2611
2612
261339.Avoid dual booting,even if you are using encryption on your Qubes installation, /boot is still unprotected and could be maliciously modified by the other OS possibly leading to Qubes itself being maliciously modified. 
2614(https://www.qubes-os.org/doc/multiboot/)
2615
2616
2617
2618
261940.Open-source hardware is also not perfectly secure, since it is not "stateless", that is, lacking any persistent storage.
2620(https://www.whonix.org/wiki/Computer_Security_Education)
2621
2622
2623 
2624
262541.CONFIG_GRKERNSEC_RANDSTRUCT_PERFORMANCE  = increased security if turned off 
2626
262742.CONFIG_GRKERNSEC_TPE  = Cool feature that can prevent things from executing everywhere, no performance hit. 
2628
262943.CONFIG_GRKERNSEC_SYSFS_RESTRICT = Might not work with Wayland and/or systemd ? 
2630
263144.CONFIG_GRKERNSEC_NO_RBAC = If RBAC isn't going to be used it's better to turn this on to prevent any abuse, no performance hit.
2632
263345.CONFIG_GRKERNSEC_IO = No performance hit.
2634
263546.CONFIG_PAX_MEMORY_UDEREF = Some virtualisations solutions can take a huge performance hit with this security setting. 
2636
263747.CONFIG_PAX_MEMORY_SANITIZE = 3% performance hit on single CPU system. 
2638
263948.CONFIG_PAX_MEMORY_STACKLEAK = 1% performance hit on single CPU system.
2640
264149.CONFIG_PAX_MEMORY_STRUCTLEAK = Even less performance hit than STACKLEAK.
2642
264350.GRKERNSEC_CONFIG_PRIORITY_SECURITY = Choose this option if security is of highest priority for this deployment of grsecurity.  UDEREF, kernel stack clearing, clearing of structures intended for userland, and freed memory sanitizing will be enabled for this kernel.In a worst-case scenario, these features can introduce a 20% performance hit  
2644(UDEREF on x64 contributing half of this hit). 
2645(https://github.com/subgraph/subgraph-os-issues/issues/237)
2646
2647
2648
2649
265051.People who built computers in the early 2000's will tell you BIOS updates are risky, and they were, but not anymore. 
2651(https://decentsecurity.com/securing-your-computer/)
2652
2653
2654
2655
265652.Good programming lanuages for security might be golang,D,Rust, and Ada. 
2657
2658
2659
2660
2661
266253.Most programming languages higher level than C are much more secure when it comes to programming errors like Heartbleed's. Examples that primarily compile to machine code include D, Rust and Ada. 
2663(https://security.stackexchange.com/questions/55723/are-there-secure-languages)
2664
2665
2666
2667
2668
266954.Whonix-Workstation Security:In Qubes-Whonix the best practice is to use DisposableVMs for all your internet activity. Alternatively, periodically delete your Whonix-Workstation AppVM(s) and create fresh instances from the Whonix-Workstation TemplateVM.  
2670(https://www.whonix.org/wiki/Security_Guide)
2671
2672
2673
2674
267555.Use a Yubikey to enhance the security of Qubes user authentication, mitigate the risk of password snooping, and to improve USB keyboard security.The Qubes Yubikey provides an easy way to integrate the Yubikey into your existing Qubes user authentication in order to mitigate the risk of having someone or something snooping on your keyboard while you type your password.
2676
2677It has been designed to be used with a USB AppVM to protect against USB based attacks. 
2678(https://www.qubes-os.org/doc/yubi-key/)
2679
2680
2681
2682
268356.For greater security, advanced users should consider configuring the OS to avoid making core dumps. If possible, preventing access to process memory is also advisable, along with secure storage of the file system.Although core dumps are typically readable only by root,but may contain sensitive data (such as passwords or cryptographic keys), which are written to disk following a crash.
2684(https://www.whonix.org/wiki/Computer_Security_Education#Microphone)
2685
2686
2687 
268857.websites can easily determine whether you have allowed JavaScript for them, and if you disable JavaScript by default but then allow a few websites to run scripts (the way most people use NoScript), then your choice of whitelisted websites acts as a sort of cookie that makes you recognizable (and distinguishable), thus harming your anonymity.  
2689(https://superuser.com/questions/1232146/why-noscript-isnt-activated-by-default-in-tor-browser)
2690
2691
2692
2693
2694
269558.SQL Injection flaws are introduced when software developers create dynamic database queries that include user supplied input. To avoid SQL injection flaws is simple. Developers need to either: a) stop writing dynamic queries; and/or b) prevent user supplied input which contains malicious SQL from affecting the logic of the executed query. 
2696(https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet)
2697
2698
2699
2700
2701
270259.Configure sys-whonix to use corridor as a filtering gateway to ensure only connections to Tor relays pass through. This provides an additional fail-safe to protect from accidental clearnet leaks that might arise from hypothetical Whonix bugs.
2703(https://www.whonix.org/wiki/System_Hardening_Checklist)
2704
2705
2706
2707
2708
270960.Anonymity is compromised if another NAT network adapter is added to the Whonix-Workstation. If this advice is disregarded, then your identity is leaked if/when infection occurs. Therefore, it is strongly recommended to always update over the Tor network. Although Tor updating is slow by comparison, it prevents inadvertent leaks. 
2710(https://www.whonix.org/wiki/Security_Guide)
2711
2712
2713
2714
271561.Avoid using wireless keyboards and mice because most send data unencrypted. Even if this wasn't the case, there is no way to verify the robustness of the cryptography involved in proprietary products. A local adversary (up to 100 meters away) can sniff keystrokes and inject their own, allowing them to take over the machine. 
2716(https://www.whonix.org/wiki/Computer_Security_Education#Microphone)
2717
2718
2719
2720
2721
2722
272362.Torrify apt-get traffic on the host to prevent fingerprinting and leakage of sensitive security information.Apt-transport-tor is a package that allows host operating systems or non-Whonix-Workstation VMs that are not behind a torifying gateway (like Whonix-Gateway) to torify their apt-get traffic for individual repositories. 
2724
2725Strictly speaking, there is no need to use apt-transport-tor inside Whonix VMs since all traffic is already routed over Tor. apt-get is stream isolated using a preconfigured uwt wrapper. In other words, apt-get in Whonix is already talking to a Tor SocksPort. Nevertheless, apt-transport-tor will be the default in Whonix 14 because it provides better error handling and stream isolation. 
2726(https://www.whonix.org/wiki/Advanced_Security_Guide)
2727
2728
2729
2730
2731
2732
273363.TCP timestamps provide protection against wrapped sequence numbers,but the downside of TCP timestamps is adversaries can remotely calculate the system uptime (and boot time) of the machine and the host's clock down to millisecond precision. These calculated uptimes (and boot times) can also help to detect hidden network-enabled operating systems, as well as link spoofed IP and MAC addresses together and more. 
2734To prevent this information being available to an adversary, it is recommended that TCP timestamps are disabled on any operating systems being used. The less information available to attackers, the greater the security.Disable TCP Timestamps via kernel sysctl. Note this boolean disables it for both IPv4 and IPv6 - both are controlled by the same sysctl option. 
2735(https://www.whonix.org/wiki/Computer_Security_Education#Microphone)
2736
2737
2738
2739
2740
2741
274264.Ada language is designed to prevent common programming errors as much as possible and is used in critical systems where a system bug might have catastrophic consequences.Many issues can be mitigated through proper coding style, code review, unit tests, etc. but having them done at the language level means that you get it for free.It is also worth adding that despite the fact that a language designed for security such as Ada removes many classes of bugs, there is still nothing stopping you from introducing business logic bugs that the language doesn't know anything about. 
2743(https://books.google.com/books?id=0U1ODwAAQBAJ&pg=PT2384&lpg=PT2384&dq=Ada+language+is+designed+to+prevent+common+programming+errors+as+much+as+possible+and+is+used+in+critical+systems+where+a+system+bug+might+have+catastrophic+consequences&source=bl&ots=IFpsvGgiAU&sig=-q1DHgz87ti472Z9KxGIs0tDbqk&hl=en&sa=X&ved=2ahUKEwih38iLla_aAhWC7oMKHQxMBtQQ6AEwAXoECAAQOA#v=onepage&q=Ada%20language%20is%20designed%20to%20prevent%20common%20programming%20errors%20as%20much%20as%20possible%20and%20is%20used%20in%20critical%20systems%20where%20a%20system%20bug%20might%20have%20catastrophic%20consequences&f=false)
2744
2745
2746
2747
2748
2749
275065.Do not use C (and C++)
2751
2752Technically, it is possible to write an implementation of C which would be "safe" and still formally conforms to the C standard, but at a steep price (for instance, you have to make free() a no-operation, so allocated memory is allocated "forever"). Nobody does that. 
2753(https://security.stackexchange.com/questions/55723/are-there-secure-languages)
2754
2755
2756
2757
2758
275966.Metrics Portal:provides analytics for the Tor network, including graphs of its available bandwidth and estimated userbase;
2760   
2761   Atlas:is a web application to learn about currently running Tor relays; and
2762   
2763   ExoneraTor:answers the question of whether there was a Tor relay running on a given IP address on a given date.  
2764(https://www.torproject.org/projects/projects.html.en)
2765(https://blog.torproject.org/atlas-recent-improvements)
2766(https://exonerator.torproject.org/)
2767
2768
2769
2770
2771
2772
2773
277467.USBKill is an anti-forensics script written in the aftermath of the SilkRoad trial. Its purpose is to trigger protection events that prevents adversaries from siphoning files/installing malware/running a mouse jiggler. It creates a USB white-list of allowed devices of which anything else plugged into the machine causes it to erase the computer's RAM and immediately shutdown. This can be adjusted to exclude all devices. It can also be used in reverse, with a white-listed flash drive in the USB port attached to the user's wrist via a lanyard serving as a key. In this instance, if the flash drive is forcibly removed, the program will initiate the desired routines.
2775(https://www.whonix.org/wiki/Advanced_Security_Guide)
2776
2777
2778
2779
278068.The MAC address is normally not traceable because it is not passively sent to computers beyond the local router.However, other computers on the local network can potentially log it.Also,due to weaknesses in current spoofing methods it is likely the MAC address can be enumerated via the physical characteristics of the Wi-Fi card.If users intend to use an untrusted, public network then MAC spoofing should be considered.Spoofing is only necessary if you expect to travel with your laptop or PC. It is not required for home PCs that do not change locations.
2781(https://www.whonix.org/wiki/Computer_Security_Education)
2782
2783
2784
2785
2786
278769.If the user's home network has a cable modem internet connection, the ISP either provides the cable modem device as part of the service or requires pre-registration of the MAC address of the self-provided cable modem in order to setup the service.
2788
2789If a user manages to hack or change the MAC address of the modem, the service would immediately cease functioning because the IP address assignment is apportioned for, and bound to, that specific MAC address. As a result, when connecting from behind a cable modem/NAT router, MAC address spoofing of the computer's ethernet adapter may be pointless. If a user is traced, the trackable endpoint will be the MAC address of the cable modem device.
2790(https://www.whonix.org/wiki/Computer_Security_Education)
2791
2792
2793
2794
2795
2796
2797
279870.In the case of flash based storage like SSDs and USBs, never storing data unencrypted in the first place is the only solution to protecting data.
2799
2800Unlike HDDs overwriting data on SSDs is no longer effective in wiping the disk.The most important consequence of this is that old passwords may still be around, potentially for a very long time because fast erase by overwriting the header and key-slot area is insecure.Example: You change your password because you notice it was exposed to shoulder-surfing or CCTV recording. On a SSD the old password is still retrievable and can be used to decrypt the master key and your data because secure overwriting no longer works as with magnetic disks.
2801
2802Also wear-leveling mechanisms like TRIM leak information about the filesystem that can aid forensics.You must keep TRIM disabled (the default) during Linux LUKS-encrypted installs.
2803(https://www.whonix.org/wiki/Advanced_Security_Guide) 
2804
2805
2806
2807
280871.Cache-based side-channel attacks are a serious problem in multi-tenant environments, for example, modern cloud data centers. We address this problem with Cloak, a new technique that uses hardware transactional memory to prevent adversarial observation of cache misses on sensitive code and data. We show that Cloak provides strong protection against all known cache-based side-channel attacks with low performance overhead.
2809We demonstrate the efficacy of our approach by retrofitting vulnerable code with Cloak and experimentally confirming immunity against state-of-the-art attacks. We also show that by applying Cloak to code running inside Intel SGX enclaves we can effectively block information leakage through cache side channels from enclaves, thus addressing one of the main weaknesses of SGX. 
2810(https://www.microsoft.com/en-us/research/publication/strong-efficient-cache-side-channel-protection-using-hardware-transactional-memory/)
2811
2812
2813
2814
281572.Here is a list of additional programming language features that (I think) make it much harder to write unsafe code. The first five features expand the compiler's capabilities in reasoning about your code, so you, a human being prone to error making, don't have to*. In addition, these features also should make it easier for a fellow human being, an auditor, to reason about your code. OpenSSL's source code is often described as a mess and a language stricter than C could have helped to make it easier to reason about. The last two features are about context issues that affect security as well.
2816
28171.A strict type system: Makes it easier to reason about program correctness. Eliminates certain input attacks.
2818
28192.Immutable by default: having immutable values as the primary data container means it is much easier to reason about the state of your program.
2820
28213.Disabled or restricted unsafety: Don't allow scary things such as pointer arithmetic (e.g. Go), or, at least only allow it if wrapped in big fat warnings (Rust). Note that a language lacking in pointer arithmetic completely is excluded for use in a huge number of applications that require low level access.
2822
28234.Compile time taint checking: expand the type system to allow identifying tainted values: values that depend in some way based on input. The compiler could then (conditionally) forbid operations with a tainted value that leak information to outside observers, such as branching on such a value. This could prevent or at least migitate certain classes of timing attacks. As far as I know, these are only available in static code analysis tools, and not in compilers themselves?
2824
28255.Dependent types: dependent types are a means to tell the compiler that "here is an Int whose values are between 2 and 87" or "here is a String of maximum length 12 containing only alphanumeric characters". Failure to meet these requirements results in compilation failure, and not a runtime failure with likely unsecure results. This feature is available in Idris and some theorem prover languages.
2826
28276.Absence of garbage collection: Garbage collection is a big problem for language safety - it creates garbage collection pauses in your program. These pauses leak information about the state of your program and allow timing attacks to happen. When the garbage collector is invoked is impossible (or at best incredibly hard) to predict as a developer, however, and subject to huge changes for even the smallest amount of code changes.
2828
28297.Performance, portability & interopability: It may be fine if you have need for a secure and slow program that only runs on the PowerPC platform, but don't expect anyone else to use it for a cross-platform TLS library. OpenSSL is popular precisely because it's fast and runs everywhere from obscure MIPS-based routers to massively parrallel SPARC servers and everything in between. Furthermore any program or runtime in the world can interface with OpenSSL as a library because it uses C calling conventions.
2830From my limited knowledge of languages, no language does all of these. Rust is an example of a language that covers many - it is strict, immutable by default, has restricted unsafety, does not require garbage collection and is quite performant and portable. Compile time taint checking and dependent types presently appear to be exotic features that require either additional static code analysis tools or new languages, unfortunately. 
2831(https://security.stackexchange.com/questions/55723/are-there-secure-languages)
2832
2833
2834
2835
2836
2837
2838
283973.We study the effectiveness of countermeasures for traffic analysis attacks within our proposed framework. Two basic countermeasure strategies are (a) to pad the traffic with constant interarrival times of packets (CIT) or (b) to pad the
2840traffic with variable interarrival times (VIT). Our experiments show that CIT countermeasures fail when the adversary uses sample variance or sample entropy of packet interarrival times for statistical analysis. On the other hand,
2841VIT countermeasures are effective regardless of which sample statistics are used by the adversary. These observations
2842are validated by analysis of detection rates based on sample
2843distributions of packet interarrival times.
2844Key Words - packet interarrival times, traffic analysis attacks, statistical analysis, statistical pattern recognition
2845(https://ieeexplore.ieee.org/abstract/document/1203483/)
2846
2847
2848
2849
2850
285174.Security researchers have successfully broken one of the most secure encryption algorithms, 4096-bit RSA, by listening — yes, with a microphone — to a computer as it decrypts some encrypted data. The attack is fairly simple and can be carried out with rudimentary hardware. 
2852
2853Acoustic cryptanalysis, carried out by Daniel Genkin, Adi Shamir (who co-invented RSA), and Eran Tromer, uses what’s known as a side channel attack. A side channel is an attack vector that is non-direct and unconventional, and thus hasn’t been properly secured. For example, your pass code prevents me from directly attacking your phone — but if I could work out your pass code by looking at the greasy smudges on your screen, that would be a side channel attack. In this case, the security researchers listen to the high-pitched (10 to 150 KHz) sounds produced by your computer as it decrypts data. 
2854
2855Acoustic cryptanalysis is actually surprisingly dangerous. Imagine if you were decrypting some files in a library, coffee shop, or other public space — someone could obtain your decryption key just by placing their phone near your computer. Alternatively, an attacker could use spear phishing to put malware on your phone that listens for the decryption key. With HTML5 and Flash able to access the microphone, it would be possible to build a website that listens for encryption keys too. The researchers propose one particularly nefarious scenario: Put a microphone into a co-located server, slot it into a rack in a data center, and then scoop up the encryption keys from hundreds of nearby servers. 
2856
2857If you want to keep your data secure, you only really have two viable options: Heavy-duty encryption, physical security, and ideally both at the same time. If an attacker can’t get physically close to your data, it instantly becomes much harder to steal it. As far as mitigating acoustic cryptanalysis attacks, you either implement physical security — keep your laptop in a sound-tight box, or never let anyone near your computer when you’re decrypting data — or you need to use a “sufficiently strong wide-band noise source.” Something like a swooping, large-orchestra classical concerto would probably do it.
2858(https://www.extremetech.com/extreme/173108-researchers-crack-the-worlds-toughest-encryption-by-listening-to-the-tiny-sounds-made-by-your-computers-cpu)
2859
2860
2861
2862
2863
2864
2865
286675.Normally the dial-up or broadband provider knows your name, postal address and non-anonymous payment method. If Tor or Whonix is compromised, then an adversary only needs to pressure the service provider to confirm your identity. This is not the case if using an anonymous WiFi adapter plugged or integrated into the Whonix-Gateway.
2867
2868For safer use, it is recommended to:
2869
28701.Buy the WiFi adapter anonymously in a store, second-hand or on the street.
28712.Never provide personal data during a purchase.
28723.Do not use the adapter for prior, non-anonymous activity. Some providers or hotspots log MAC addresses and the username (if paid).
28734.If possible, only use free hotspots or pay for them anonymously. Otherwise abstain from paid hotspots.
28745.For greater security, always use a new, distant, random, non-circular hotspot location. 
2875(https://www.whonix.org/wiki/Security_Guide)
2876
2877
2878
2879
2880
2881
288276.Onionizing Repositories 
2883
2884When Whonix, Debian and Qubes packages are installed or updated, default settings point to repositories with a http:// URL.However, experimental Tor hidden services are already available for the Whonix, Debian and Qubes packages. 
2885
2886There are several security and privacy benefits of using Tor hidden services: 
2887
28881.The user cannot be uniquely targeted for malicious updates (attackers are forced to attack everyone requesting the update).
28892.The package repository, or observers watching it, can't track what programs are installed.
28903.The ISP cannot easily learn what packages are fetched.
28914.End-to-end authentication and encryption provides protection against man-in-the-middle attacks e.g. version downgrade attacks. 
2892(https://www.whonix.org/wiki/Security_Guide#Onionizing_Repositories)
2893
2894
2895
2896
2897
289877.Attention must also be given to changing the usual Tor entry guards used for connections.Entry guard changes are necessary for every Tor instance on the user's machine host (apt-transport-tor) and guest.An authentication technique can fingerprint devices - and also track user devices as a side-effect - by observing inter-packet timings on a LAN's wire-segment. The timing effects are the result of how various components in a machine create packets.Fortunately, this technique cannot be used to identify devices across the internet.This technique can be defeated by inducing random delays in a machine's packet stream. Since there is no concern about impersonating other devices on the LAN, it doesn't matter that such an authentication system will view such machines as "unknown". 
2899(https://www.whonix.org/wiki/Computer_Security_Education)
2900
2901
2902
2903
2904
290578.not related to security but still helpful https://gyazo.com/c73be243e9508b7f82f0a15fea607930 
2906
2907
2908
2909
2910
2911
291279.Locking down your web site (in Apache) 
2913
2914If you are the owner of a web site and have SSL security on it, you can “lock it down” so that the only cipher that your web site supports is “256-bit AES”.  This takes the choice out of the end user’s hands — either they use AES or they don’t connect securely.  This is a good thing to do for very sensitive sites.  However, the “danger” is that some of your users may be using web browsers that do not support AES (like old versions Internet Explorer), and thus will not have any access to your site unless they change browsers.
2915
2916To lock your site down to support 128-bit and 256-bit AES only (to get AES but not require 256-bit, so that some browsers like iPhone and such will work), you would add to your Apache httpd.conf file:
2917
2918SSLCipherSuite AES256-SHA:AES128-SHA
2919
2920This can be added globally, in a virtual host, or even in your .htaccess file.  It will ensure that any successful connection to your site will use one of these ciphers.  Just be sure to add it to the secure settings for your site and not just the insecure site area!
2921
2922In general, for a high security configuration for Apache, you will want to support only TLS v1.0+ and only NIST-recommended cipher suites. 
2923(https://www.scribd.com/document/15841912/How-does-SSL-or-TLS-work)
2924
2925
2926
2927
2928
292980.apt-offline is an Offline APT Package Manager.
2930
2931apt-offline can fully update and upgrade an APT based distribution without connecting to the network, all of it transparent to APT.
2932
2933apt-offline can be used to generate a signature on a machine (with no network). This signature contains all download information required for the APT database system. This signature file can be used on another machine connected to the internet (which need not be a Debian box and can even be running windows) to download the updates. The downloaded data will contain all updates in a format understood by APT and this data can be used by apt-offline to update the non-networked machine.
2934
2935apt-offline can also fetch bug reports and make them available offline. 
2936(https://packages.debian.org/stretch/apt-offline)
2937
2938
2939
2940
2941
294281.VM images that are built with frozen sources rather than current sources (including Whonix)
2943is that latest stable releases sometimes contain vulnerable, remotely exploitable applications that are very likely to be used over untrusted networks that are in a position to run man-in-the-middle attacks. One example of this is [CVE-2014-6273] in apt-get.Self-created builds from source code using current sources would solve this.Although using Current Sources comes with its own issues. 
2944(https://www.whonix.org/wiki/Advanced_Security_Guide)
2945
2946
2947
2948
2949
2950
2951
295282.Cleaning a Compromised System
2953So, you didn’t patch the system and it got hacked. What to do? Well, let’s see:
2954
2955
2956
2957You can’t clean a compromised system by patching it. Patching only removes the vulnerability. Upon getting into your system, the attacker probably ensured that there were several other ways to get back in.
2958
2959
2960
2961You can’t clean a compromised system by removing the back doors. You can never guarantee that you found all the back doors the attacker put in. The fact that you can’t find any more may only mean you don’t know where to look, or that the system is so compromised that what you are seeing is not actually what is there.
2962
2963
2964
2965You can’t clean a compromised system by using some “vulnerability remover.” Let’s say you had a system hit by Blaster. A number of vendors (including Microsoft) published vulnerability removers for Blaster. Can you trust a system that had Blaster after the tool is run? I wouldn’t. If the system was vulnerable to Blaster, it was also vulnerable to a number of other attacks. Can you guarantee that none of those have been run against it? I didn’t think so.
2966
2967
2968
2969You can’t clean a compromised system by using a virus scanner. To tell you the truth, a fully compromised system can’t be trusted. Even virus scanners must at some level rely on the system to not lie to them. If they ask whether a particular file is present, the attacker may simply have a tool in place that lies about it. Note that if you can guarantee that the only thing that compromised the system was a particular virus or worm and you know that this virus has no back doors associated with it, and the vulnerability used by the virus was not available remotely, then a virus scanner can be used to clean the system. For example, the vast majority of e-mail worms rely on a user opening an attachment. In this particular case, it is possible that the only infection on the system is the one that came from the attachment containing the worm. However, if the vulnerability used by the worm was available remotely without user action, then you can’t guarantee that the worm was the only thing that used that vulnerability. It is entirely possible that something else used the same vulnerability. In this case, you can’t just patch the system.
2970
2971
2972
2973You can’t clean a compromised system by reinstalling the operating system over the existing installation. Again, the attacker may very well have tools in place that tell the installer lies. If that happens, the installer may not actually remove the compromised files. In addition, the attacker may also have put back doors in non-operating system components.
2974
2975
2976
2977You can’t trust any data copied from a compromised system. Once an attacker gets into a system, all the data on it may be modified. In the best-case scenario, copying data off a compromised system and putting it on a clean system will give you potentially untrustworthy data. In the worst-case scenario, you may actually have copied a back door hidden in the data.
2978
2979
2980
2981You can’t trust the event logs on a compromised system. Upon gaining full access to a system, it is simple for an attacker to modify the event logs on that system to cover any tracks. If you rely on the event logs to tell you what has been done to your system, you may just be reading what the attacker wants you to read.
2982
2983
2984
2985You may not be able to trust your latest backup. How can you tell when the original attack took place? The event logs cannot be trusted to tell you. Without that knowledge, your latest backup is useless. It may be a backup that includes all the back doors currently on the system.
2986
2987
2988
2989The only way to clean a compromised system is to flatten and rebuild. That’s right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications).Although there are State-Sponsored malicious firmware that can create a secret storage vault that can survive military-grade disk wiping and reformatting, making sensitive data stolen from victims available even after reformatting the drive and reinstalling the operating system. 
2990(https://arstechnica.com/information-technology/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/) 
2991(https://technet.microsoft.com/en-us/library/cc700813.aspx)