ViSN72VS

1security/privacy/anonymity notes (computer) 
2
3TABLE OF CONTENTS 
4•Security/privcy focused OSes with main security features
5•Virus & phishing detection 
6•Domain Name System (DNS) security 
7•Browser security/privacy Add-ons 
8•Good email providers 
9•security/privacy focus Search Engines 
10•Anti-keyloggers 
11•Firewalls 
12•DDoS mitigations
13•memory protection
14•Linux Kernel Security 
15•BSD Kernel security
16•compiler security 
17•hardware security 
18•802.11 network security 
19•Router security 
20•vulnerability scanners 
21•security focused Microkernels 
22•security by isolation programs 
23•network intrusion prevention system (NIPS) and network intrusion detection system (NIDS) 
24•host-based intrusion detection system (HIDS) 
25•packet analyzers
26•network security scanner 
27•disk encryption 
28•security audit tools 
29•Network and applications layer authentication and encryption methods
30•Executable space protections 
31•server security suite 
32•VPNS 
33•proxies 
34•distributing files anonymously 
35•scan websites automatically for common vulnerabilities and errors that can de-anonymize the owner or users 
36•easiest way to add an onion address to a traditional websites
37•proof that bugs and/or highly stealthy malware can go undetected for atleast 1 year or more! 
38•security Vulnerability focused reporting sites
39•protection against Cross-Site Request Forgery (CSRF) 
40•Preventing Remote File Inclusion (RFI) Attacks 
41•cross site scripting (XSS) prevention 
42•defenses against SQL injections 
43•XPath Injection Defenses 
44•problems that have not been solved yet 
45•General and technical Notes
46
47-------------------------------------------------------------------------------------------------------
48Security/privcy focused OSes with main security features
49
50
51Subgraph OS: security by kernal namespaces isolation, The kernel is patched with an unofficial port of grsecurity/PaX, Tor, Metaproxy is configured to redirect outgoing connections to the Tor network, dm-crypt, noscript, apparmor, Application firewall,MAC spoofing with Macouflage, seccomp-bpf whitelisting and blacklisting as part of Oz,most of subgraph is coded in golang,disguise's a user's IP address,prevent ISP spying,Prevent websites from identifying the user,Prevent malware from identifying the user,Circumvent censorship,Hide Tor use from network observers,uses Xpra to isolate X11. (https://subgraph.com/sgos/)
52
53
54
55
56Qubes OS: security by VM isolation, Qubes relys on Xen to enforce domain isolation rather then a monolithic kernal that has millions of lines of coding,LUKS, Whonix,firewall,DispVM template,Type 1 hypervisor,USB VM, secure copy and paste operations, secure copying and transfer of files, and PDF/image sanitization,Yubikey,each AppVM has it own local isolated dummy X server.The main X server that runs in Dom0 and that handles the real display is never exposed to any of the AppVMs directly,and if used with whonix you are able to:1.disguise's a user's IP address 2.prevent ISP spying 3.Prevent websites from identifying the user 4.Prevent malware from identifying the user, 5.Circumvent censorship,Qubes uses hardware memory
57virtualization (HVM) instead of paravirtualization (PV),the Qubes architecture has been reworked to make it more simple,and to add more features more easily for developers,comes with  SaltStack:allows administrators to easily configure their systems. 
58(https://www.qubes-os.org/)
59 
60
61
62
63
64OpenBSD: security by correctness, security by reduced code,  buffer overflows or integer overflows resistant, has the strlcpy and strlcat functions,PF ('firewall' - packet filter plus tools), OpenSSH, Reduced attack surface:no loadable modules, relatively few devices, Virtually no compat code, removed entire Bluetooth stack, Significantly less syscalls (e.g. 200+ syscalls less than FBSD) Cut support for some older architectures, Code Quality:int overflows/signedness bugs, as good as gone in most places,Guard pages,Address space randomization,chroot jail daemons run in restricted environment,ProPolice random stack gap inserted,uses LibreSSL,W^X,uses Doas ( Dedicated OpenBSD application subexecutor) instead of using something like sudo that uses a massive amount of code.
65(https://www.openbsd.org/)
66(https://news.ycombinator.com/item?id=9914693)
67(https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/DEFCON-25-Ilja-van-Sprundel-BSD-Kern-Vulns-UPDATED.pdf)
68
69
70
71
72
73
74Whonix: security by VM isolation, Tor ,uses apt-transport-tor for stream isolation,outgoing connections forced to go through Tor otherwise blocked, noscript,firewall, HTTPS everywhere,DNS leaks are impossible,replaces NTP with sdwdate, mechanism to disable Tor stacking,Malware with root privileges cannot discover the user's real IP address,Whonix is divided into two parts: Whonix-Workstation for work activities and Whonix-Gateway or proxy to enforce all Internet traffic routing via the Tor network. This security by isolation configuration averts many threats posed by malware, misbehaving applications, and user error,disguise's a user's IP address,prevent ISP spying,Prevent websites from identifying the user,Prevent malware from identifying the user,Circumvent censorship,Secure data transfer to and from a server with scp,Unobserved administration of servers via SSH,With the Whonix design, it is possible to "torify" applications which are not capable of proxy support by themselves,Hide Tor use from network observers,Hide installed software from network observers. (https://www.whonix.org/)
75
76
77
78
79
80Trusted End Node Security (TENS): security by reduced code, DNScrypt, does not mount a local hard drive, Administrator privileges are not required; nothing is installed,run entirely from the computer's RAM,firewall. (https://www.spi.dod.mil/download.htm)  (warning this site appears to not be using https)
81
82
83
84
85
86The Amnesic Incognito Live System (TAILS): Tor, MAC spoofing with macchanger, stream isolation,run entirely from the computer's RAM, LUKS, noscript, outgoing connections forced to go through Tor,firewall,disguise's a user's IP address,prevent ISP spying,Prevent websites from identifying the user,Prevent malware from identifying the user,Circumvent censorship. (https://tails.boum.org/)
87
88
89
90
91Alpine Linux:The kernel is patched with an unofficial port of grsecurity/PaX, and all userland binaries are compiled as Position Independent Executables (PIE) with stack smashing protection,run entirely from the computer's RAM, is built around musl libc and busybox.  (https://www.alpinelinux.org/about/)
92
93
94
95
96
97NOTES 
98
991.Tor helps to protects users by bouncing communications around a distributed network of relays run by volunteers all around the world. Without advanced, end-to-end, netflow correlation attacks, anybody watching a user's Internet connection cannot easily determine the sites visited, and those sites cannot learn the user's physical location.  (https://www.whonix.org/wiki/About)
100
101
102
103
1042.The public scrutiny of security by design has proven to be superior to security through obscurity.This principle asserts that systems must be secure, even if the adversary knows everything about how they work.  (https://www.whonix.org/wiki/Why_Whonix_is_Free_Software)
105
106
107
108
1093.The user is usually the weakess part in security,when it comes to lack of user knowledge in cyber security defenses and what not to do,thats why its important to know as much as you can about cyber security not just installing security software or updating your OS,but knowing how everything works. 
110
111
112
113
1144.The privacy-oriented Linux distribution Tails  does not
115support MAC address randomization during network scans.
116Instead, it generates a (new) random MAC address at boot.
117This random address keeps the first 3 bytes of the original
118address, the Organization Unique Identifier (OUI), and
119only randomizes the last three bytes. While not as optimal
120as periodical address changes, it does prevent tracking over
121extended periods of time.
122
123(http://papers.mathyvanhoef.com/asiaccs2016.pdf)
124
125
126
127
128
1295.A zero day exploit is a cyber attack that occurs on the same day a weakness is discovered in software. At that point, it's exploited before a fix becomes available from its creator or maintainer. 
130(https://usa.kaspersky.com/resource-center/definitions/zero-day-exploit)
131
132
133
134
1356.Because the OpenBSD project is based in Canada, no United States export restrictions on cryptography apply, allowing the distribution to make full use of modern algorithms for encryption. Encryption can be found almost everywhere in the operating system, from file transfers to file systems to networking. Pseudo-random number generators are also included in OpenBSD, which ensures that random numbers cannot be predicted based on the system state. Other features include cryptographic hash functions, cryptographic transform libraries, and cryptographic hardware support. (https://www.ibm.com/developerworks/aix/library/au-openbsd.html)
136
137
138
139
140
1417.OpenBSD pioneered IPSEC in general, with IPSEC in the base system since OpenBSD 2.1 (1997)
142(https://home.nuug.no/~peter/openbsd_and_you/#15)
143                       
144
145
146 8.PF, the OpenBSD packet filter, debuted in OpenBSD 3.0 (December 1, 2001)
147
148    Replaced IPFilter (ipf) due to performance and licensing
149
150    High-performance packet filter with (essentially) human-readable config
151
152    Ported to several other systems (FreeBSD → macOS, iOS, NetBSD → Blackberry, OpenBSD → Solaris)
153(https://home.nuug.no/~peter/openbsd_and_you/#16)
154
155
156
157
1589.Most (probably all) OpenBSD developers run OpenBSD on their laptops.
159(https://home.nuug.no/~peter/openbsd_and_you/#25)
160
161
16210.Although OpenBSD has a major problem. 
163(https://www.csoonline.com/article/3250653/open-source-tools/is-the-bsd-os-dying-some-security-researchers-think-so.html)
164
165
166
16711.Mitigations are inexpensive tweaks which increase the difficulty of performing attack methods.
168(https://www.openbsd.org/papers/bsdtw.pdf)
169
170
171
172
173--------------------------------------------------------------------------------------
174Virus & phishing detection  
175
176
177
178
179Malwarebytes Endpoint Security: Detects and removes zero-hour and known Trojans, worms, adware,spyware, and other malware,employs delete-on-reboot to remove persistent or deeply embedded malware,removes PUP (Potentially Unwanted Program),anti-ransomware technology,malicious website blocking,Real-time protection,Anti-rootkit,Maintains productivity by preserving system uptime and reducing the need for reimaging. Reduces the burden on the IT department,Identifies vulnerable endpoints and aggregates endpoint reporting. Includes XML logging in machine- and human-readable formats for robust analysis,Linking Engine:Signature-less technology that identifies and thoroughly removes all threat artifacts linked with the primary threat payload,Small system footprint.  
180(https://www.malwarebytes.com/business/endpointsecurity/)  
181(https://www.itcadence.net/services/cloud-security/)
182
183
184
185
186
187
188avast! Free: Provides on-access protection from viruses and other malware,Includes a "heuristics engine" to detect previously unknown threats,Includes real-time protection of files, email, web surfing, P2P transfers, instant messages, and even suspicious behavior.  
189(https://www.thebalance.com/avast-free-antivirus-2016-review-1356598)  
190(https://www.avast.com/en-us/free-antivirus-download)
191
192
193
194
195
196webroot secure anywhere: Can recover files encrypted by ransomware. Uses tiny amount of disk space. Very fast scan. Handles unknown malware. Includes firewall.Webroot's cloud-based servers maintain a giant database of known programs, good and bad.When Webroot encounters an unknown program, it sends detailed telemetry to HQ for analysis, and starts monitoring that program. Every action by the suspect gets journaled for possible rollback. Of course, some events can't be rolled back. Transmitting data to an outside source is one example. Webroot doesn't let an unknown program perform that sort of action,that means a valid unknown program might not be fully functional for a while. (https://webrootsupports.weebly.com/)
197
198
199
200
201
202RKhunter (Rootkit Hunter):  is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online databases, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD. (http://rkhunter.sourceforge.net/)  
203(https://en.wikipedia.org/wiki/Rkhunter)
204
205
206
207
208
209chkrootkit: locally checks for signs of a rootkit 
210(http://www.chkrootkit.org/)
211
212
213
214
215
216Rogue killer TKZY: is an anti-malware able to detect and remove generic malware and advanced threats like rootkits, rogues, worms.It also detects controversial programs (PUPs) as well as possible bad system modifications/corruptions (PUMs).  (https://www.adlice.com/download/roguekiller/) 
217
218
219
220
221
222
223virustotal: Analyze suspicious files and URLs to detect types of malware including viruses, worms, and trojans. File URL Search.  (https://www.virustotal.com/#/home/upload)
224
225
226
227
228
229urlscan.io: allows you to scan a website and analyze the resources it requests and the domains it contacts. Understand what your website is doing. 
230(https://urlscan.io/)
231
232
233
234UrlQuery.net: is a free online service for testing and analyzing URLs, helping with identification of malicious content on websites. The main focus of urlquery.net is to find and detect suspicious and malicious content on webpages, to help improve the security industry and make the internet a safer place.   
235(https://urlquery.net/about)
236
237
238
239CheckPhish.ai: AI Powered Real-time Phishing Detection system.
240(https://checkphish.ai/)
241
242
243phishcheck.me:  PhishCheck is designed to quickly gather the information required to investigate a suspicious website. Use PhishCheck to check what lies behind a suspicious URL. Our system will screenshot the website, gather information such as WHOIS, ASN, IP Address, IP Geolocation, and record all resources loaded by the website.
244(https://phishcheck.me/#features)
245
246
247
248Hybrid-Analysis.com: malware analysis service for the community that detects and analyzes unknown threats using a unique Hybrid Analysis technology,uses Payload Security's VxStream sandbox.
249(https://decentsecurity.com/#/malware-web-and-phishing-investigation/) 
250(https://www.hybrid-analysis.com/)
251
252
253
254Malwr.com: Shares reports and files publicly.
255(https://decentsecurity.com/#/malware-web-and-phishing-investigation/)
256
257
258
259
260NOTES
2611.Antivirus tools are actually worse than useless. In the case of sophisticated and targeted attacks, the antivirus software can serve as a pathway to exploiting a system's kernel, since they almost always run with administration level privileges.Polymorphic code and kernel rootkits or hardware rootkits essentially render antivirus products helpless.  (https://www.whonix.org/wiki/Malware)
262
263
264
2652.payloads can be completely obfuscated from antivirus detection, but the stub portion remains. The stub is a more difficult portion to obfuscate, because it must remain executable in order to properly perform its job of decrypting and running the original executable. Since the payload changes for each instance, antivirus signatures have to match on the stub portion in order to be able to match more than a single individual piece of malware.In order to obfuscate the stub program, a unique stub generator (USG) can be used. The generator might insert random data in certain unused locations of the stub. It might insert randomized executable operations that have no effect. It might substitute or reorder certain portions of the code. The USG attempts to create a stub that is both unique and that contains as small of an unchanging portion of code as possible to make signature creation more difficult.It is expected that a FUD product will have a relatively short useful lifespan before antivirus companies can reliably detect executables that have been created by it. 
266
267
268the next step in detecting malware is behavior- and reputation-based technologies not depending on signatures. If effective, tricks such as FUD cryptors may be made obsolete by improvements to behavior- and reputation-based detection. 
269(https://www.symantec.com/connect/blogs/fully-undetectable-cryptors-and-antivirus-detection-arms-race)
270
271
272
2733.cloud AVs 
274(https://www.blackhat.com/docs/us-17/thursday/us-17-Kotler-The-Adventures-Of-Av-And-The-Leaky-Sandbox.pdf) 
275
276
277
2784.reporting phishing websites tip:
279
280Right-click the link in the phishing email, and copy the hyperlink. Do not click the link, which is less useful to security companies.
281(https://decentsecurity.com/#/malware-web-and-phishing-investigation/)
282--------------------------------------------------------------------------------------------
283Domain Name System (DNS) security 
284
285
286Quad9: blocks against known malicious domains, preventing your computers and IoT devices from connecting malware or phishing sites. Whenever a Quad9 user clicks on a website link or types in an address into a web browser, Quad9 will check the site against the IBM X-Force threat intelligence database of over 40 billion analyzed web pages and images. Quad9 also taps feeds from 18 additional threat intelligence partners to block a large portion of the threats that present risk to end users and businesses alike.Quad9 also supports DNS over TLS on port 853 (the standard) using an auth name of dns.quad9.net. (https://www.quad9.net/#/about)
287
288
289
290
291Tenta DNS: is a modern, secure DNS alternative that supports both ICANN and OpenNIC roots, DNS over TLS and DNSSEC (DNS Security Extensions).Tenta is also written in Golang.
292(https://tenta.com/blog/post/2017/11/introducing-tenta-dns)
293
294
295
296Stubby:is an application that acts as a local DNS Privacy stub resolver (using DNS-over-TLS). Stubby encrypts DNS queries sent from a client machine (desktop or laptop) to a DNS Privacy resolver increasing end user privacy.
297(https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby)
298
299
300
301OpenDNS: Built-in identity theft protection,Restrict Internet access to specific white-listed domains for a "locked-down" environment, phishing protection and optional content filtering in addition to DNS lookup,By default, OpenDNS blocks Internet-scale bots from resolving for all OpenDNS users and provides more comprehensive malware site protection for OpenDNS Enterprise users. This means even if the virus has penetrated machines on your network, it is rendered useless because it cannot connect back to the Command and Control Callback.  When you're surfing normally and come across an infected websites, perhaps through ad content or a redirection on web page, OpenDNS will also block that connection from going through, which prevents you from becoming infected in the first place.
302(https://www.opendns.com/home-internet-security/)
303(https://support.opendns.com/hc/en-us/articles/227986707-Understanding-Malware-and-how-OpenDNS-helps)
304(https://en.wikipedia.org/wiki/OpenDNS)
305
306
307
308
309DNScrypt: Encrypts DNS traffic between the user and OpenDNS, preventing any spying, spoofing or man-in-the-middle attacks,uses elliptic-curve cryptography, in particular the Curve25519.
310(UPDATE:This project was taken offline by its creator and maintainer Frank Denis on the 6th December 2018, after announcing in November 2017 that the project needs a new maintainer.)
311(https://www.opendns.com/about/innovations/dnscrypt/)
312(https://github.com/dyne/dnscrypt-proxy/blob/master/README.markdown)
313
314
315
316DNSSEC: vulnerabilities in the DNS combined with technological advances have greatly reduced the time it takes an attacker to hijack any step of the DNS lookup process and thereby take over control of a session to, for example, direct users to their own deceptive Web sites for account and password collection. The only long-term solution to this vulnerability
317is the end-to-end-deployment of a security protocol called DNS Security Extensions – or DNSSEC.In order to eliminate the vulnerability from the Internet, it must be deployed at each step in the lookup from root zone to final domain name (e.g., www.icann.org). Signing the root (deploying DNSSEC on the root zone) is a necessary step in this overall process.Most importantly it does not encrypt data. It just attests to the validity of the address of the site you visit.
318(https://www.icann.org/resources/pages/dnssec-qaa-2014-01-29-en)
319
320
321
322
323DNS over TLS: Encryption provided by TLS eliminates  opportunities for eavesdropping and on-path tampering with DNS
324queries in the network.  
325(https://tools.ietf.org/html/rfc7858)
326
327
328
329
330NOTES 
3311.onion services don't use the insecure Domain Name System (DNS), which means there is no organization like ICANN to oversee a single root registry of onion addresses or to handle ownership dispute resolution of onion addresses. Instead, onion services get strong authentication from using self-authenticating addresses: the address itself is a cryptographic proof of the identity of the onion service. When a client visits an onion service, Tor verifies its identity by using the address as ground truth. (always use  onion addresses on tor) 
332(https://blog.torproject.org/cooking-onions-names-your-onions)
333
334
3352.DNSCrypt provides a panacea to the woes plaguing DNS. It encrypts both the question and answer, making them invisible to snoopers. It also effectively signs the message, so you know that the server you contacted really sent the answer and not an impostor. It's as if someone blocked out the messages on your postcard and the postcard you receive back includes a signature.
336
337Although DNSCrypt provides a significant security advantage, it comes with other disadvantages:
338
339Not completely encrypted: Even though the domain requested (question) and IP address (answer) is hidden, the complete process is not obfuscated. The total number of questions, their relative size and more remain available. Furthermore, it remains trivial to identify that you are, in fact, performing DNS resolution. 
340
341Complex and not well supported: In the world of encryption, it's always safer to go with standardized protocols that have gone through a rigorous review process. Unfortunately DNSCrypt has not been standardized yet, and some of the ways it uses cryptography are unusual. 
342
343Hard to use: Because DNSCrypt isn't standardized, very few programs natively support it, requiring users to download and configure helper applications, significantly increasing the difficulty of use and risk of misconfiguration. 
344(https://tenta.com/blog/post/2017/12/dns-over-tls-vs-dnscrypt)
345
346
347
3483.DNS over TLS takes a completely different approach, establishing a fully encrypted tunnel between your computer and the DNS server. Rather than sending requests in the clear, with just the critical data encrypted, the whole connection is encrypted. Furthermore, since TLS is the encryption protocol used to secure almost all other internet services, the technology is well understood and constantly improved. 
349(https://tenta.com/blog/post/2017/12/dns-over-tls-vs-dnscrypt)
350
351--------------------------------------------------------------------------------------------------------
352Browser security/privacy Add-ons
353
354
355HTTPS everywhere: HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure. Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by using clever technology.
356(https://www.eff.org/https-everywhere)
357
358
359Noscript: The NoScript Firefox extension provides extra protection for Firefox, Seamonkey and other mozilla-based browsers: this free, open source add-on allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice.NoScript also provides the most powerful anti-XSS and anti-Clickjacking protection ever available in a browser.NoScript's unique whitelist based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known, such as Meltdown or Spectre, and even not known yet!) with no loss of functionality.
360(https://noscript.net/)
361
362
363WOT: Ensure your internet safety. WOT secures you against scams, malware, rogue web stores and dangerous links.If you land on a site that has poor reputation based on user ratings, WOT shows you a warning. WOT guides you, but the final decision is yours: you can skip the warning and enter the site, or return to the previous page.
364(https://www.mywot.com/)
365
366
367Ghostery: helps you browse smarter by giving you control over ads and tracking technologies to speed up page loads, eliminate clutter, and protect your data.
368(https://www.ghostery.com/) 
369
370
371Ublock Origin: uBlock Origin is NOT an "ad blocker": it is a wide-spectrum blocker -- which happens to be able to function as a mere "ad blocker". The default behavior of uBlock Origin when newly installed is to block ads, trackers and malware sites -- through EasyList, EasyPrivacy, Peter Lowe’s ad/tracking/malware servers, various lists of malware sites, and uBlock Origin's own filter lists. 
372(https://github.com/gorhill/uBlock/)
373
374
375Privacy Badger: is a browser add-on that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web.  If an advertiser seems to be tracking you across multiple websites without your permission, Privacy Badger automatically blocks that advertiser from loading any more content in your browser.  To the advertiser, it's like you suddenly disappeared.Privacy Badger was born out of our desire to be able to recommend a single extension that would automatically analyze and block any tracker or ad that violated the principle of user consent; which could function well without any settings, knowledge, or configuration by the user; which is produced by an organization that is unambiguously working for its users rather than for advertisers; and which uses algorithmic methods to decide what is and isn't tracking. Although we like Disconnect, Adblock Plus, Ghostery and similar products (in fact Privacy Badger is based on the ABP code!), none of them are exactly what we were looking for. In our testing, all of them required some custom configuration to block non-consensual trackers. Several of these extensions have business models that we weren't entirely comfortable with.
376(https://www.eff.org/privacybadger)
377
378
379
380User Agent Switcher: can quickly and easily changes your browser's user-agent. There are 26 popular user-agent strings to choose from!
381(https://addons.mozilla.org/en-US/firefox/addon/user-agent-switcher-revived/)
382
383
384
385
386NOTES 
3871.HTTPS Everywhere can protect you only when you're using sites that support HTTPS and for which HTTPS Everywhere include a ruleset. 
388(https://www.eff.org/https-everywhere)
389
390
3912.The SSL Observatory is a feature in HTTPS Everywhere introduced in version 2.0.1 which analyzes public key certificates to determine if certificate authorities have been compromised,and if the user is vulnerable to man-in-the-middle attacks.
392(https://en.wikipedia.org/wiki/HTTPS_Everywhere)
393
394
3953.In HTTPS, the communication protocol is encrypted by Transport Layer Security (TLS), or formerly, its predecessor, Secure Sockets Layer (SSL). The protocol is therefore also often referred to as HTTP over TLS,or HTTP over SSL.
396(https://en.wikipedia.org/wiki/HTTPS)
397--------------------------------------------------------------------------------------------------------
398 security/privacy/anonymity focused  email providers
399
400
401Riseup.net: Our physical servers are protected in ways that do not allow anyone other than Riseup to access them. They are not hosted “in the cloud”. As an additional measure, all of our servers use full disk encryption that can only be unlocked by Riseup. Additionally, all communications between our servers is also always encrypted.Your e-mails are encrypted individually on our servers, and can only be unlocked and read using your password. This means that Riseup does not have the ability to read your stored emails. Encryption of incoming email is automatic, and only when you login does the mail become decrypted so it can be read. This takes place on the server, which then becomes temporarily trusted while you are authenticated. Because of this feature, your password is critical to your data. If you lose your password, and recovery code, you will not be able to access your account, nor will anyone be able to decrypt your emails.We provide Tor Onion Services (Hidden Services) in case you need to increase your anonymity or circumvent possible blocks to our services.If you send an email to another activist email provider, it will be delivered over Tor Onion Services. This type of relay of email messages protects against traffic correlation and metadata analysis that is possible under normal email delivery. Metadata of who is communicating with whom can be extremely sensitive. In the words of former CIA directory Michael Hayden, “we kill people based on metadata”. We are working to increase participation in this Tor-based email delivery network, and the above list will only increase as time goes on.When you send email with Riseup, your internet address (IP address) is not embedded in the email. With most corporate email providers, anyone who receives your email can figure out your approximate physical location from the internet address included in the email.Our commitment is to keep as little data on you as we can. Unlike corporate providers, we do not log internet addresses of anyone using Riseup services, including email.
402(https://riseup.net/en/email)
403
404
405
406
407
408Protonmail: Messages are stored on ProtonMail servers in encrypted format. They are also transmitted in encrypted format between our servers and user devices. Messages between ProtonMail users are also transmitted in encrypted form within our secure server network. Because data is encrypted at all steps, the risk of message interception is largely eliminated.ProtonMail's zero access architecture means that your data is encrypted in a way that makes it inaccessible to us. Data is encrypted on the client side using an encryption key that we do not have access to. This means we don't have the technical ability to decrypt your messages, and as a result, we are unable to hand your data over to third parties. With ProtonMail, privacy isn't just a promise, it is mathematically ensured. For this reason, we are also unable to do data recovery. If you forget your password, we cannot recover your data.We use only secure implementations of AES, RSA, along with OpenPGP. Furthermore, all of the cryptographic libraries we use are open source. By using open source libraries, we can guarantee that the encryption algorithms we are using do not have clandestinely built in back doors. ProtonMail's open source software has been thoroughly vetted by security experts from around the world to ensure the highest levels of protection.We have invested heavily in owning and controlling our own server hardware at several locations within Switzerland so your data never goes to the cloud. Our primary datacenter is located under 1000 meters of granite rock in a heavily guarded bunker which can survive a nuclear attack. This provides an extra layer of protection by ensuring your encrypted emails are not easily accessible to any third parties. On a system level, our servers utilize fully encrypted hard disks with multiple password layers so data security is preserved even if our hardware is seized.Unlike competing services, we do not save any tracking information. By default, we do not record metadata such as the IP addresses used to log into accounts. As we have no way to read encrypted emails, we do not serve targeted advertisements. To protect user privacy, ProtonMail does not require any personally identifiable information to register.
409(https://protonmail.com/security-details)
410
411
412
413
414Mozilla Thunderbird: The Activity Manager records all the interactions between Thunderbird and your email provider in one place. There’s no more guess work. You only have to look in one place to see everything that’s happening with your email.Thunderbird offers support for user privacy and remote image protection. To ensure a user’s privacy, Thunderbird automatically blocks remote images in email messages.Thunderbird also supports the Do Not Track option. This is associated with Search the Web, but can also be used in other requests for web pages enabled by add-ons.Thunderbird protects you from email scams which try to trick users into handing over personal and confidential information by indicating when a message is a potential phishing attempt. As a second line of defense, Thunderbird warns you when you click on a link which appears to be taking you to a different Web site than the one indicated by the URL in the message.Thunderbird’s update system checks to see if you’re running the latest version, and notifies you when a security update is available. These security updates are small (usually 200KB - 700KB), giving you only what you need and making the security update quick to download and install. Thunderbird’s popular junk mail tools have been updated to stay ahead of spam. Each email you receive passes through Thunderbird’s leading-edge junk mail filters. Each time you mark messages as spam, Thunderbird "learns" and improves its filtering so you can spend more time reading the mail that matters. Thunderbird can also use your mail provider’s spam filters to keep junk mail out of your inbox.At the heart of Thunderbird is an open source development process driven by thousands of passionate, experienced developers and security experts spread all over the world.  
415(here are some good add-ons for Thunderbird: TorBirdy and Enigmail,another good encryption plugin is Off-the-Record (OTR) and I2P-Bote.)
416(https://www.mozilla.org/en-US/thunderbird/features/)
417(https://thetinhat.com/tutorials/messaging/i2p-bote-thunderbird.html)
418
419
420
421
422I2P-Bote:  The main component which embeds security into I2P-Bote is the way in which it employs encryption. Like e-mail, when sending a message to someone over I2P-Bote the sender enters in the receivers address. However, unlike email where the address looks like david@thetinhat.com, I2P-Bote uses cryptographic keys as destinations, which are random numbers and letters. Essentially what this means is that when you send a message to a friend over I2P-Bote you enter in their destination (a long string of random characters), and because their destination is also their public key the email is automatically encrypted using that public key. Therefore, end-to-end encryption is the default in I2P-Bote, and no clear-text messages are ever sent or stored. Moreover, unlike standard email which exposes a large amount of information in the header, mail sent over I2P-Bote sanitizes the headers, removing any gratuitous information, and encrypting whatever remains (such as the subject line).Standard email services are centralized. When a three-letter agency decides to attack one of them (Lavabit) it usually succeeds, causing users to lose their email service, lose access to their previous emails, and have the privacy of those emails compromised. This isn't a problem with I2P-Bote. As mentioned previously, I2P-Bote is decentralized and stores messages in a Distributed Hash Table (DHT). In simple english, this basically means that messages are stored in a database that is spread across I2P-Bote users, making it so that there is no clear target for attack. The messages remain in this hash table for 100 days, during which the recipient is able to download them. The added benefit of storing the messages throughout the network is that it obfuscates your use of I2P-Bote.
423(https://thetinhat.com/tutorials/messaging/i2pbote.html)
424
425
426
427
428
429
430
431
432
433
434BitMessage: is a Peer-to-peer (P2P) asynchronous communications protocol used to send encrypted messages to another person or to many subscribers.It is decentralized and trustless, meaning that you need-not inherently trust any entities like root certificate authorities. It uses strong self-authenticating Bitcoin style addresses which means that the sender of a message cannot be spoofed. Messages for offline recipients are stored for up to 28 days before being deleted. It relies on Proof-of-Work to prevent spamming.BitMessage hides sender/recipient metadata by broadcasting everybody's messages to everybody, acting as a simple private information retrieval (PIR) system.
435(https://www.whonix.org/wiki/E-Mail) 
436
437
438
439
440
441
442NOTES
4431.Use split-GPG for email to reduce the risk of key theft used for encryption / decryption and signing.
444(https://www.whonix.org/wiki/System_Hardening_Checklist#Email)
445
446
4472.Create an AppVM that is exclusively used for email and change the VM's firewall settings to only allow network connections to the email server and nothing else ("Deny network access except...").
448(https://www.whonix.org/wiki/System_Hardening_Checklist#Email)
449
450
4513.Only open untrusted email attachments in a DisposableVM to prevent possible infection. 
452(https://www.whonix.org/wiki/System_Hardening_Checklist#Email)
453
454
4554.Although RiseUp is a secure email service managed by trustworthy advocates of Internet privacy and security, an unusual email service may attract unwarranted attention. It might make more sense in some situations, to blend in by using a popular email service in your country.
456(https://securityinabox.org/en/guide/riseup/web/)
457
458
4595.One of the big issues is that it isn't easy to know whether a message sent to another ProtonMail user is being encrypted to the recipient’s correct public key, which is stored on ProtonMail’s keyserver. For example, if Alice sends Bob a message encrypted to his public key, it's harder for anyone else to read the message. But since ProtonMail distributes the encryption keys to users, it has the technical ability to give Alice its own keys in addition to Bob’s, thus encrypting the messages in a way that would allow it to eavesdrop.This problem is not unique to ProtonMail, says Joseph Bonneau, a technology fellow at the Electronic Frontier Foundation. Apple's iMessage and the now-encrypted WhatsApp have the same flaw. (Services like TextSecure, Silent Circle, and Threema, on the other hand, allow users to verify fingerprints to assure that they have the proper keys for one another, thus mitigating that threat.)Thats why its recommanded to use split-GPG with Protonmail.
460(https://www.wired.com/2015/10/mr-robot-uses-protonmail-still-isnt-fully-secure/)
461
462
463
4646.Email identities were really easy to spoof back in the 90s and early 2000s. Changing the “From” header field was enough to make friends believe an email came from their mother, significant other, or even the FBI. There were websites specially made for this purpose.However, those tricks no longer work thanks to anti-spoofing protections such as DMARC (DKIM / SPF) and anti-spam filters. Today, emails with a spoofed “From” field either go to the spam folder or are completely rejected by the server.Email usage is higher than ever and email is used for everything – from tracking parcels to sharing sensitive data. Unfortunately email is already not a very secure way to communicate.We’ve seen a lot of malware spreading via emails, relying on social engineering techniques to convince users to open unsafe attachments, or click on phishing links. The rise of ransomware distributed over email clearly demonstrates the effectivity of those mechanisms.
465(https://www.mailsploit.com/index)
466
467
468
4697.list of email providers vulnerable to mailsploit:  https://docs.google.com/spreadsheets/d/1jkb_ZybbAoUA43K902lL-sB7c1HMQ78-fhQ8nowJCQk/edit#gid=0
470
471
4728.Web links in email messages are often fraudulent. To be safe, you should retype the link rather than clicking on it. Also, be careful about misspellings, like riseupp.net instead of riseup.net
473(https://riseup.net/en/email)
474
475--------------------------------------------------------------------------------------------------------
476security/privacy focus Search Engines 
477
478
479
480DuckDuckgo: is an Internet search engine that emphasizes protecting searchers' privacy and avoiding the filter bubble of personalized search results. DuckDuckGo distinguishes itself from other search engines by not profiling its users and by deliberately showing all users the same search results for a given search term. DuckDuckGo emphasizes returning the best results, rather than the most results, and generates those results from over 400 individual sources, including key crowdsourced sites such as Wikipedia, and other search engines like Bing, Yahoo!, Yandex, and Yummly. 
481(https://en.wikipedia.org/wiki/DuckDuckGo)
482(https://duckduckgo.com/)
483
484
485Startpage:Ixquick launched Startpage.com to offer its service at a URL that is both easier to remember and spell, and in contrast to ixquick.eu, fetches results from the Google search engine. This is done without saving the users' IP addresses or giving any personal user information to Google's servers.
486(https://en.wikipedia.org/wiki/Ixquick#Startpage.com) 
487(https://www.startpage.com/)
488
489
490
491 Disconnect Search: lets users searching on Google, Bing and Yahoo, as well as Blekko and DuckDuckGo, remain private while doing so.
492(https://techcrunch.com/2013/10/07/disconnect-search-built-by-ex-google-and-ex-nsa-engineers-lets-you-use-google-bing-and-yahoo-without-tracking/)
493(https://search.disconnect.me/)
494
495
496NOTES
4971.Prior to the release of Tor Browser version 4.5, Startpage.com was its default search engine.
498(https://en.wikipedia.org/wiki/Ixquick)
499
500--------------------------------------------------------------------------------------------------------
501Anti-keyloggers 
502
503
504Zemana AntiLogger:Using anti SSL hijacking technology, Zemana AntiLogger shuts down malicious activity before it can even affect your PC. Zemana looks out for all different types of keylogger threat, from webcam to clipboard. It blocks hackers’ ability to turn on your webcam or microphone remotely, or to get information from your private VoIP calls and video chats. It stops keyloggers accessing data on the clipboard, and on the screen through screen capture.It’s the cloud-based technology that helps protect your machine from keyloggers. This system, called IntelliGuard, is always on and it doesn’t simply rely on known definitions but includes access to information on the most current keylogging malware in over 50 malware databases. In addition, Zemana can prevent the risk associated with stealth malware and purposefully installed spyware or keylogger software.
505(http://www.comparedandreviewed.com/anti-keylogger-software/zemana-antilogger/review)
506(https://www.zemana.com/en-US/AntiLogger) 
507
508
509
510
511
512KeyScrambler: encrypts your keystrokes deep in the kernel, as they enter the computer.It then decrypts the keystrokes in the destination application, so you see exactly the keys you’ve typed.Whatever keylogger might be waiting along the crucial path in the operating system has only the encrypted keys – “scrambled” and indecipherable – to record.
513(https://www.technorms.com/830/protect-yourself-from-keyloggers-with-keyscrambler)
514
515
516
517NOTES 
5181.Using a virtual keyboard can help protect against hardware-based keyloggers.Keylogger programs are designed to monitor user's physical key strokes to record passwords, usernames and other vital information. Virtual keyboard allow users to circumvent this security vulnerability, by letting the user enter their password using the mouse.Assuming the keylogger is not capturing the location of the mouse on the screen,and capturing a screenshot image of the screen, or just the area around the mouse pointer,a virtual keyboard can help against a hardware-based keylogger, but keep in mind they are not effective at protecting you from software-based keyloggers.
519(https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/)
520
521
5222.Installing a keylogger onto a PC is a relatively simple procedure. Although antivirus and anti spyware software protect you from such programs, but newly designed keyloggers may slip past them and get installed on your PC, along with other unsuspecting software.
523(https://www.technorms.com/830/protect-yourself-from-keyloggers-with-keyscrambler)
524
525
5263.Perhaps the most important concept to remember here is that keyloggers are just another form of malware.
527(https://askleo.com/will_using_an_on_screen_keyboard_stop_keyboard_loggers_and_hackers/)
528
529--------------------------------------------------------------------------------------------------------
530Firewalls 
531
532
533
534Next Generation Firewall (by check point): Identify, allow, block or limit usage of applications, and features within them,Enable safe Internet use while protecting against threats and malware,Leverage the world's largest application library with more than 6,600 web 2.0 applications,Create granular policy definitions per user and group,Reap the benefits of application control and intrusion protection (IPS), as well as extensibility support for additional security capabilities,To help you make sense out of your security event data, we included SmartLog, an advanced log analyzer that delivers split-second search results providing real-time visibility into billions of log records over multiple time periods and domains.Great security involves limiting and tracking access to sensitive data and resources. With the Next Generation Firewall, your administrators get detailed visibility into the users, groups, applications, machines and connection types on your network so they can assign permissions to the right users and devices. The firewall makes it easy and cost-effective to enforce security policy, giving granular permission control over these entities; this results in superior protection across the entire security gateway. 
535(https://www.checkpoint.com/products/next-generation-firewall/)
536
537
538
539Barracuda NextGen Firewall F-Series (NGF): Layer 7 application profiling, intrusion prevention, web filtering, malware and advanced threat protection, antispam protection, and network access control,F-Series combines highly resilient VPN technology with intelligent traffic management and WAN optimization capabilities,Deploy Barracuda NextGen Firewall F the way you want it: Physical, virtual, or in the cloud,F-Series cloud-ready firewalls are ideal for multi-site enterprises, managed service providers, and other organizations with complex, dispersed network infrastructures,your organization faces zero-hour malware exploits and advanced persistent threats that routinely bypass traditional, signature-based IPS and antivirus engines. Barracuda Advanced Threat Protection gives your security infrastructure the ability to identify and block new, sophisticated threats-without affecting network performance and throughput.
540(https://www.barracuda.com/products/nextgenfirewall_f)
541
542
543
544IPFire:  Updates are digitally signed and encrypted, as well as can be automatically installed by Pakfire (the IPFire package management system). Since IPFire 2.15, the IPFire Linux kernel is patched with the grsecurity patchset, which pro-actively hardens the kernel against various forms of attacks. Most importantly, it protects from zero-day exploits by eliminating entire bug classes and exploit vectors. It makes stack buffer overflows almost impossible to exploit and comes with strict access controls, that make it harder for attackers to cause harm to the system. IPFire employs a Stateful Packet Inspection (SPI) firewall, which is built on top of netfilter (the Linux packet filtering framework),the firewall can be used to control outbound Internet access from any segment,SquidGuard is a URL filter add-on which is connected via the redirector mechanism of the proxy.The package manager Pakfire offers the addon SquidClamAV - a virus scanner for the web proxy. This checks in real-time all web traffic for viruses, utilizing the ClamAV virus definitions and scanning engine.IPFire is also able to use various random hardware number generators to seed the kernel's entropy pool.In contrast to SSL-VPNs, IPsec is hard to set-up. In IPFire, we thought about how to make this technology easy-to-use and as a result, there is a web user interface that handles all settings and takes care of the rest of the configuration for you.It also keeps the tunnels alive and re-establishes them automatically after a remote site has lost the connection.If someone scans the ports of the IPFire-System to see which services are available, the IDS will immediately notice it.
545(https://www.ipfire.org/features)
546
547
548
549Smoothwall Express: supports,Outbound filtering,Timed access,Traffic stats, including per interface and per IP totals for weeks and months,IDS via automatically updated Snort rules,List of bad IP addresses to block,Responsive web interface using AJAX techniques to provide realtime information,Log viewers for all major sub-systems and firewall activity.
550(http://www.smoothwall.org/about/express-feature-list/)
551
552
553
554
555Berkeley Packet Filter (BPF): BPF supports filtering packets, allowing a userspace process to supply a filter program that specifies which packets it wants to receive.Able to filter packets at the kernel level . BPF was designed to be indepented,as such it treats the packets as raw buffers.Each BPF filter is verified before attaching it to a socket.the filter must not contain references or jumps that are out of range,the filter must contain only valid BPF opcodes,the flilter must end with RET opcode,all jumps are forward-loops are not allowed
556(https://en.wikipedia.org/wiki/Berkeley_Packet_Filter)
557(https://www.slideshare.net/kerneltlv/berkeley-packet-filters)
558
559
560
561NOTES
5621.Network intrusion detection systems rely on one, or more means of traffic analysis in order to determine whether or not a given stream of network traffic is suspicious. Network analysts, and system administrators can make use of stateless traffic filters to help them understand what is going on inside of their network(s), where such filters can be used for traffic inspection, filtering, and shaping.
563
564Packets can be filtered based on physical characteristics of the packet header (i.e. the signature) or based on one or more heuristics which would flag the packet as anomalous.   
565(http://tylerfisher.org/bpf/)
566
567
568
569
570
5712.If your firewall works by blocking ports, then you can tell Tor to only use the ports when you start your Tor Browser. Or you can add the ports that your firewall permits by adding "FascistFirewall 1" to your torrc configuration file. By default, when you set this Tor assumes that your firewall allows only port 80 and port 443 (HTTP and HTTPS respectively). You can select a different set of ports with the FirewallPorts torrc option.
572
573
574
575
5763.In complete and utter disregard for the IETF, unused network ports should provide no response even via ICMP. ICMP should be disabled as far as possible.   
577 (https://www.quora.com/What-desktop-OS-kernel-is-the-most-hardened-the-most-unhackable) 
578
579
580
581
5824.port security scan: (https://www.speedguide.net/scan.php)
583
584
585
5865.Another good port scanner: (https://www.grc.com/x/ne.dll?rh1dkyd2)
587
588
589--------------------------------------------------------------------------------------------------------
590DDoS mitigations
591
592Imperva Incapsula: offers comprehensive protection to mitigate any types of DDoS attacks from layer 3, 4 & 7.Features include but not limited to:TCP SYN+ACK, FIN, RESET, ACK, ACK+PSH, Fragment,UDP,Slowloris,Spoofing,ICMP,IGCP,HTTP, connection, DNS flood,Brute force,NXDomain,Ping of death,and more.
593(https://geekflare.com/ddos-protection-service/)
594(https://www.incapsula.com/)
595
596DDoS Deflate: is a lightweight bash shell script designed to assist in the process of blocking a denial of service attack. It utilizes the command below to create a list of IP addresses connected to the server, along with their total number of connections. It is one of the simplest and easiest to install solutions at the software level,and its open sourced.
597(https://github.com/jgmdev/ddos-deflate)
598
599
600Apache mod_evasive module: is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to be a detection tool, and can be easily configured to talk to ipchains, firewalls, routers, and etcetera,and its open sourced.
601(https://github.com/shivaas/mod_evasive)
602
603
604FastNetMon: A high performance DoS/DDoS load analyzer built on top of multiple packet capture engines (NetFlow, IPFIX, sFlow, SnabbSwitch, netmap, PF_RING, PCAP).We detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows, per second and perform a configurable action to handle that event. These configurable actions include notifying you, switching off the server, or blackholing the client,and its open sourced.
605(https://github.com/pavel-odintsov/fastnetmon)
606
607
608
609--------------------------------------------------------------------------------------------------------
610memory protection (memory corruption,userland memory protection,direct memory access (DMA),Return Oriented Programming (ROP),heap protection,Metadata protection etc.) 
611
612
613
614MAT - Metadata Anonymisation Toolkit 
615
616Why MAT is not the ultimate solution?
617Mat only removes metadata from your files, it does not anonymise their content, nor handle watermarking, steganography, or any overly customized metadata field/system. Also please note that MAT does its best to scrub as much metadata as possible, it's not really efficient at scrubbing embedded media inside complex formats. For examples, images embedded inside PDF may not be cleaned. 
618(https://mat.boum.org/)
619
620
621
622
623ptmalloc2: was forked from dlmalloc.During early days of linux, dlmalloc was used as the default memory allocator. But later due to ptmalloc2’s threading support, it became the default memory allocator for linux. has undergone several recent changes as of version 2.3.4 it contains numerous security enhancements,increasing the difficulty of exploiting heap corruption vulnerabilities. The glibc heap now contains safe unlinking, and a bunch of other features that raise the bar of exploitation significantly, however, these changes are still relatively minor - and are quite different from the fundamental changes that OpenBSD is making. 
624(https://sploitfun.wordpress.com/2015/02/10/understanding-glibc-malloc/)
625
626
627
628phkmalloc:if you're running one of the BSDs, you're probably running phkmalloc.In practice, phkmalloc has been a little bit more difficult to exploit, though I don't think that this was so much an intentional feature as much as a side effect of the algorithm. It will suffice to say that the two algorithms are distinct and different.
629(https://www.securityfocus.com/columnists/359)
630
631
632
633phkmalloc vs ptmalloc2:Fundamentally, they're both trying to solve the same problems, and both of them are quite effective - I certainly don't want to downplay the effects of the recent changes to ptmalloc2. Perhaps the only fundamental difference between the two, from the perspective of an end-user, is that the OpenBSD implementation will do a better job of preventing heap exploitation through heap data corruption (as opposed to heap management data corruption - sorry if the difference between the two isn't obvious), and the OpenBSD implementation will complain loudly (crash) almost every time there is a problem.
634(https://www.securityfocus.com/columnists/359)
635
636
637
638Malloc hardening: significant randomness, object rotation, meta-data protection, double-free and use-after-free detection, heapoverflow detection, …
639(https://www.openbsd.org/papers/bsdtw.pdf)
640
641
642
643PartitionAlloc: Part of the Google Chrome web browser. It has an out-of-line metadata design such that heap metadata is partitioned or guard paged off from the calling program's buffers. The notable exception, shared with tcmalloc, is freelist pointers, which occupy the freed slots. In PartitionAlloc, freelist pointers are transformed so that dereferencing them faults, and partial pointer overwrites are thwarted.While writing PartitionAlloc, strictly protected heap metadata was a goal. After all, if the metadata is naturally guarded with guard pages then there's less need for code defenses which are trying to detect and stop bad side effects from metadata corruption. Simplicity wins.However, there's an interesting interaction with single byte overflows that provides pause for thought and philosophizing.With an out-of-line metadata design, a single byte overflow off the end of a chunk will hit the first byte of some other chunk. Depending on the different object types that could be in the adjacent chunk, that's potentially a lot of possibilities for the attacker to explore.
644
645
646
647
648
649Address space layout randomization (ASLR):Attackers are able to a priori pick the right code pieces because parts of the code image of the vulnerable application remain static across different installations. Address space layout randomization (ASLR)  is meant to prevent this kind of code reuse by randomizing the locations of the executable segments of a running
650process. However, in both Linux and Windows, parts of the address space do not change due to executables
651with fixed load addresses, or shared libraries incompatible with ASLR. Furthermore, in some
652exploits, the base address of a DLL can be either calculated dynamically through a leaked pointer,
653or brute-forced.
654
655
656
657
658Selfrando:randomizes Tor browser code to ensure that an attacker doesn't know where the code is on your computer. This makes it much harder for someone to construct a reliable attack--and harder for them to use a flaw in your Tor Browser to de-anonymize you.Software written in C and C++ is exposed to exploitation of memory corruption. Compilers and operating systems include various exploit mitigation mechanisms that prevent certain offensive techniques. Unfortunately, standard mitigations lag behind the offensive techniques used in exploits against browsers, servers, and other frequently targeted software and do not stop a well-resourced adversary.selfrando can be used to harden your software beyond what is possible with current mitigations. Inspired by biodiversity in nature and existing randomizing defenses, selfrando varies the attack surface, i.e., the code layout, by randomizing each function separately. This makes exploit writing harder and increases resilience to information leakage relative to traditional address space layout randomization (ASLR) techniques.
659
660
661
662
663
664RELRO:Hardens ELF programs against loader memory area overwrites by having the loader mark any areas of the relocation table as read-only for any symbols resolved at load-time ("read-only relocations"). This reduces the area of possible GOT-overwrite-style memory corruption attacks. (included in gresecurity)
665
666
667
668
669PAX_USERCOPY:kills heap overflow bug when the memory copy occurs between userspace and kernel space in either direction. The 1st version developed by Spender in 2009 and added into PaX later. HARDENED_USERCOPY is part of PAX_USERCOPY being ported to linux kernel in v4.8.
670
671
672
673
674
675KERNEXEC (included in gresecurity): prevents the kernel from executing data that is writable (including userland data). So modifying the IDT would be mitigated as well.
676(http://blog.siphos.be/2013/05/looking-at-the-local-linux-kernel-privilege-escalation/) 
677
678
679
680
681
682UDEREF stronger than Supervisor Mode Access Prevention (SMAP) (included in gresecurity): The kernel will not de-reference userland pointers in contexts where it expects only kernel pointers. This feature cannot be disabled while the kernel is running.  
683(https://wiki.gentoo.org/wiki/Hardened/PaX_Quickstart)
684
685
686
687
688KERNSEAL (included in gresecurity)
689
690
691
692
693STRUCTGUARD  (included in gresecurity) 
694
695
696
697
698
699Reuse Attack Protector (RAP):RAP is the state of the art in CFI defense and is a ROP mitigation technique,RAP's tags don't depend on the secrecy of the tag values themselves,neither kbouncer nor code randomization can do anything about function pointer hijacking -- RAP ensures that a function pointer can only be used to call a real function, not a gadget, and only a function whose type matches the type hash identified during compile time,and thanks to RAP,Stack Smashing Protector (SSP) is no longer needed.(included in gresecurity) 
700
701
702
703
704
705kBouncer:an efficient and fully transparent ROP mitigation technique that does not requires source code or debug symbols. kBouncer is based on runtime detection of abnormal control transfers using hardware features found on commodity processors. Issues:kbouncer applies its checks using the expensive LBR stack. It's thus only able to apply the checks to the system API level (and then generally only to a subset of those functions, as done in the kbouncer implementation in EMET) to maintain adequate performance. The LBR stack is also limited in size, limiting the call depth that kbouncer can reasonably validate. 
706
707
708
709
710In-place code Randomization:ROP mitigation technique,does not require symbolic debugging information,It is applied directly in third party executables,Does not introduce any runtime overhead,Experimentally proved to be effective against windows 7 ROP attacks,It can also be combined with existing security techniques to further increase the randomization
711entropy,but code randomization techniques are vulnerable to arbitrary read vulnerabilities.While RAP is designed to work in the presence of arbitrary reads and arbitrary writes at arbitrary times.
712
713
714
715
716
717Heap corruption mitigations:heap integrity checks, guard pages, and allocation order randomization
718
719
720
721
722
723IOMMU:Thanks to IOMMU,PCI cards are more resisant to  Direct Memory Access (DMA) based attacks. 
724
725
726
727
728
729You can go to the extreme and turn DMA completely off,losing a huge performance gain from DMA of course.
730
731
732
733
734
735Refuse access to DMA access memory by external devices until after the Windows OS is in control to parse DMA requests. 
736
737
738
739
740
741Ensure unnecessary ports that allow attackers to perform a DMA attack (such as FireWire, Thunderbolt, ExpressCard, PC Card or any other PCI/PCIe Hardware interfaces) are disabled in the Operating Environment, and that normal users are prevented from altering such settings. 
742
743
744
745
746
747Ensure devices are always secured with the use of some form of power up authentication either thru a BIOS power on password or Pre-Boot Authentication (PBA) from a full disk encryption (FDE) product. 
748
749
750
751
752
753If devices are deemed to operating in an unsecure environment, be sure to require the use of hibernation mode and power off when not in use to prevent DMA attacks. 
754
755
756
757
758
759
760No-eXecute (NX) is a processor feature that allows marking of memory pages as non-executable. The feature allows the CPU to help guard the system from attacks by malicious software. When the NX feature is enabled on a system, it prevents malicious software code from being placed in accessible regions of memory to be executed when control reaches that memory location.This was originally invented by AMD. 
761
762
763
764
765
766XD is the acronym for eXecute Disable, which is an Intel specific implementation of NX. It refers to the same feature but Intel chose to call it by a different name. 
767
768
769
770
771XN is the ARM equivalent of the same feature and is the acronym for eXecute Never.
772
773
774
775
776Essentially, both NX, XD and XN are the same and are different names for the same feature in AMD, Intel and ARM respectively.
777
778
779
780
781
782
783 NOTES
7841.Let’s discuss using FDE as a mitigation as the implementation can be tricky: With most encryption products that provide Data-At-Rest (DAR) security, once a legitimate user has successfully authenticated at Pre-Boot, the drive is thereafter “unlocked” and its contents are readable by the operating system and/or any other processes.  If the threat of DMA attacks is considered a major risk, then the primary protection against this is to use interactive Pre-Boot Authentication. 
785
786Some FDE solutions allow for unattended Pre-Boot Authentication (for example BitLocker with TPM protection).  Thus even if the device is powered off when stolen, the attacker can power on the device and it will boot to the OS; similar issues apply to power modes such as Sleep.  Thus, the use of unattended PBA is not recommended to ensure an attacker is prevented from launching such an attack.  (Note: There are circumstances, depending on the risk profile, where unattended PBA via pre-boot networking with a management server acting as the external authenticator mitigates the risk.  Another possible mitigation is to utilize Intel Enterprise Digital Fence. 
787
788A DMA-based attack on software encryption is to gain access to the software Encryption Key as well as all sensitive data that is currently in memory.  The primary mitigation against such an attack is to use Pre-Boot Authentication with single or multi-factor strong credentials. 
789
790A DMA-based attack on a hardware-encrypted drive (SED) such as an Opal drive is an attempt to gain access to the PIN in memory (if it’s stored) that unlocks the SED returning from Sleep mode.  The primary mitigation against this attack is also the use of Pre-Boot Authentication coupled with disabling support of Sleep for the system.  The use of Sleep mode for Self-Encrypting Drives should be strongly cautioned. 
791
792
793
794
795
7962.Due to how modern computing works, basically everything that you have done during a session is stored in the RAM. If an attacker has physical access to your computer when you are running Whonix, it may enable her to recover everything that have been achieved during the session - even if you are using Full Disk Encryption. From typed texts to saved files, including passwords and encryption keys. The more recent the activity, the more likely it is that it is still in the RAM. 
797
798Furthermore, it has been shown that the data present in the RAM might be recoverable for seconds or even minutes after the computer is powered off using a cold boot attack. 
799
800Wipe RAM on shutdown (e.g. using a kexec script) - or do not leave the computer unattended immediately after shutdown. Unfortunately there is not yet an upstream script, to implement wiping the RAM on shutdown. We can not provide a solution for this attack, this is solved nowhere but partially in Tails and Liberte Linux (not checked), waiting for upstream solution. 
801
802
803
804
805
8063.Heap corruption vulnerabilities are one of the most common types of vulnerability that Microsoft addresses through security updates today. These vulnerabilities typically occur as a result of programming mistakes that make it possible to write beyond the bounds of a heap buffer (a spatial issue) or to place a heap allocated object in an unexpected state such as by using the object after it has been freed (a temporal issue). 
807
808
809
810
8114.Return-oriented programming (ROP) has become the primary exploitation technique for
812system compromise in the presence of non-executable page protections. ROP exploits are
813facilitated mainly by the lack of complete address space randomization coverage or the presence
814of memory disclosure vulnerabilities, necessitating additional ROP-specific mitigations.
815Existing defenses against ROP exploits either require source code or symbolic debugging
816information, or impose a significant runtime overhead, which limits their applicability for
817the protection of third-party applications. 
818
819
820
821
8225.Other defenses against code-reuse attacks complementary to ASLR include compiler extensions,
823code randomization, control-flow integrity, and runtime solutions. In practice,
824though, most of these approaches are almost never applied for the protection of the COTS software currently
825targeted by ROP attacks, either due to the lack of source code or debugging information, or due to their
826increased overhead. 
827
828
829
830
831
8326.As code-reuse attacks require precise knowledge of the structure and location of the code to
833be reused, diversifying the execution environment or even the program code itself is a core
834concept in preventing code-reuse exploits. 
835
836
837
838
839
840
8417.Address space layout randomization is probably one of the most widely deployed countermeasures against code-reuse attacks. However, its effectiveness is hindered by code segments left in static locations,while, depending on the randomization entropy, it might be possible to circumvent it using brute-force guessing. Even if all the code segments of a process are fully randomized, vulnerabilities that allow the leakage of memory contents can enable the calculation of the base address of a DLL at runtime.
842
843
844
845
846
847
8488.Intra-DLL randomization at the function, basic block, or instruction level can provide protection for executables
849that do not support ASLR, or against de-randomization attacks through memory leaks.
850
851
852
853
854
855
8569.JOP is similar to ROP, but it uses indirect jump instructions instead of returns to transfer
857control from gadget to gadget. Clearly, constructing JOP programs is far more difficult than ROP because
858the attacker has to maintain a memory region with the payload and manually advance the pointer to the
859next gadget and transfer control to it. The same functionality is conveniently achieved by a single return
860instruction in ROP.
861
862
863
864
86510.Sigreturn-oriented programming  (SROP) is a new attack vector in userland
866where an attacker crafts a fake signal frame on the stack and calls
867sigreturn. The kernel will extract the fake signal frame, which
868contains attacker controlled "saved" registers. The kernel will then
869transfer control to the attacker controlled userland instruction pointer.
870(https://lwn.net/Articles/681704/)
871
872
873
874
87511.Stack/heap protectioned provided by linux kernel has only one single page( 4KB by default in i386) due to some compatibility issues. PaX's implementation doesn't have this problem and its gap is 64KB by default. You can set the number at runtime via "sysctl vm.heap_stack_gap"( We have another auditing item for the hardening solution. Thanks to the full disclosure).
876
877
87812.Use POP3 and SMTP settings, as IMAP leaks more metadata. 
879
880
88113.Since onion services are part of the Tor network, the services and the people connecting to them get more security and privacy; their traffic doesn't even leave the network,the onion services are relied on for metadata-free chat and file sharing.
882
883-------------------------------------------------------------------------------------------------------- 
884Linux Kernel Security 
885
886
887Gresecurity: is a set of patches for the Linux kernel which emphasize security enhancements,such as 1.Preventing direct userland access by kernel. 2.Bounds checks on kernel copies to/from userland. 3.ASLR. 4.Prevents userland code execution by kernel. 5.Prevents kernel stack overflows on x64. 6.Hardened userland memory permissions. 7.Random padding between thread stacks. 8.Hardened BPF JIT against spray attacks. 9.Automatically responds to exploit bruteforcing. 10.Chroot hardening. 11.Prevents users from tricking Apache into accessing other users' files. 12.Provides Trusted Path Execution. 13.role-based access control (RBAC).Just to name a few features.
888
889
890
891
892
893PaX: A major component bundled with grsecurity is PaX. Among other features, the patch flags data memory, the stack, for example, as non-executable and program memory as non-writable. The aim is to prevent memory from being overwritten, which can help to prevent many types of security vulnerabilities, such as buffer overflows. PaX also provides address space layout randomization (ASLR), which randomizes important memory addresses to reduce the probability of attacks that rely on easily predicted memory addresses. 
894
895
896
897
898
899secure computing mode (Seccomp) (merged into the Linux kernel mainline in kernel version 2.6.12): is a computer security facility in the Linux kernel,seccomp allows a process to make a one-way transition into a "secure" state where it cannot make any system calls except exit(), sigreturn(), read() and write() to already-open file descriptors. Should it attempt any other system calls, the kernel will terminate the process with SIGKILL. In this sense, it does not virtualize the system's resources but isolates the process from them entirely.
900
901Linux Containers (LXC): is an operating-system-level virtualization method for running multiple isolated Linux systems (containers) on a single control host (LXC host). It does not provide a virtual machine, but rather provides a virtual environment that has its own CPU, memory, block I/O, network, etc. space and the resource control mechanism. This is provided by namespaces and cgroups features in Linux kernel on LXC host. It is similar to a chroot, but offers much more isolation.
902
903
904Kernel namespaces: A namespace wraps a global system resource in an abstraction that makes it appear to the processes within the namespace that they have their own isolated instance of the global resource. Changes to the global resource are visible to other processes that are members of the namespace, but are invisible to other processes. One use of namespaces is to implement containers.
905
906
907cgroups: is a Linux kernel feature that limits, accounts for, and isolates the resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes.
908
909
910
911protection rings: the mechanism whereby the OS and CPU conspire to restrict what user-mode programs can do. There are four privilege levels, numbered 0 (most privileged) to 3 (least privileged), and three main resources being protected: memory, I/O ports, and the ability to execute certain machine instructions. At any given time, an x86 CPU is running in a specific privilege level, which determines what code can and cannot do.
912(https://manybutfinite.com/post/cpu-rings-privilege-and-protection/)
913
914
915
916
917STACKLEAK: -reducing the information that can be revealed through kernel stack leak bugs
918          - blocking some uninitialized stack variable attacks
919          - introducing some runtime checks for kernel stack overflow detection
920
921
922
923
924
925KernelAddressSanitizer (KASAN) (included in the Linux kernel 4.0): Detects OOB for both writes and reads,provides strong UAF detection (based on delayed memory reuse),Does prompt detection of bad memory accesses,Prints informative reports.
926
927
928
929
930
931/dev/mem protection: Some applications (Xorg) need direct access to the physical memory from user-space. The special file /dev/mem exists to provide this access. In the past, it was possible to view and change kernel memory from this file if an attacker had root access. The CONFIG_STRICT_DEVMEM kernel option was introduced to block non-device memory access (originally named CONFIG_NONPROMISC_DEVMEM). (included in the Linux kernel 2.6.25) 
932
933
934
935
936
937
938
939/proc/$pid/maps protection: With ASLR, a process's memory space layout suddenly becomes valuable to attackers. The "maps" file is made read-only except to the process itself or the owner of the process. Went into mainline kernel with sysctl toggle in 2.6.22. The toggle was made non-optional in 2.6.27, forcing the privacy to be enabled regardless of sysctl settings (this is a good thing). (Becames non-optional in Linux kernel 2.6.27) 
940
941
942
943
944
945
946
947runtime memory allocation validation:Detect double-frees in kernel space. 
948
949
950
951
952
953
954Restricting access to kernel logs: The kernel logs contain useful information for an attacker trying to exploit kernel vulnerabilities, such as sensitive memory addresses. The kernel.dmesg_restrict flag was to forbid access to the logs without the CAP_SYS_ADMIN capability (which only processes running as root have by default). 
955
956
957
958
959
960
961Restricting access to kernel pointers in the proc filesystem: Enabling kernel.kptr_restrict will hide kernel symbol addresses in /proc/kallsyms from regular users without CAP_SYSLOG, making it more difficult for kernel exploits to resolve addresses/symbols dynamically. This will not help that much on a pre-compiled Arch Linux kernel, since a determined attacker could just download the kernel package and get the symbols manually from there, but if you're compiling your own kernel, this can help mitigating local root exploits. This will break some perf commands when used by non-root users (but many perf features require root access anyway). 
962
963
964
965
966Keep BPF JIT compiler disabled: The Linux kernel includes the ability to compile BPF/Seccomp rule sets to native code as a performance optimization. The net.core.bpf_jit_enable flag should be left at 0 for a maximum level of security.
967This can be helpful in specific domains, but is not usually useful. A JIT compiler opens up the possibility for an attacker to perform a heap spraying attack, where they fill the kernel's heap with malicious code. This code can then potentially be executed via another exploit, like an incorrect function pointer dereference. (gresecurity's GRKERNSEC_BPF_HARDEN solves this)
968
969
970
971
972ptrace scope: Arch enables the Yama LSM by default, providing a kernel.yama.ptrace_scope flag. This flag is enabled by default and prevents processes from performing a ptrace call on other processes outside of their scope without CAP_SYS_PTRACE. While many debugging tools require this for some of their functionality, it is a significant improvement in security. Without this feature, there is essentially no separation between processes running as the same user without applying extra layers like namespaces. The ability to attach a debugger to an existing process is a demonstration of this weakness.
973
974
975
976
977
978hidepid: The kernel has the ability to hide other users' processes, normally accessible via /proc, from unprivileged users by mounting the proc filesystem with the hidepid= and gid=,this greatly complicates an intruder's task of gathering information about running processes, whether some daemon runs with elevated privileges, whether other user runs some sensitive program, whether other users run any program at all, makes it impossible to learn whether any user runs a specific program (given the program doesn't reveal itself by its behaviour), and, as an additional bonus, poorly written programs passing sensitive information via program arguments are now protected against local eavesdroppers.
979
980
981
982
983dmesg restrictions: When attackers try to develop "run anywhere" exploits for vulnerabilties, they frequently will use dmesg output. By treating dmesg output as sensitive information, this output is not available to the attacker. Starting with Ubuntu 12.04 LTS, /proc/sys/kernel/dmesg_restrict can be set to "1" to treat dmesg output as sensitive. Ubuntu Touch kernels have this enabled by default.
984
985
986
987
988Block kexec: Starting with Ubuntu 14.04 LTS, it is now possible to disable kexec via sysctl. CONFIG_KEXEC is enabled in Ubuntu so end users are able to use kexec as desired and the new sysctl allows administrators to disable kexec_load. This is desired in environments where CONFIG_STRICT_DEVMEM and modules_disabled are set, for example.
989
990
991
992
993Kernel Address Display Restriction: When attackers try to develop "run anywhere" exploits for kernel vulnerabilities, they frequently need to know the location of internal kernel structures. By treating kernel addresses as sensitive information, those locations are not visible to regular local users. Starting with Ubuntu 11.04, /proc/sys/kernel/kptr_restrict is set to "1" to block the reporting of known kernel address leaks. Additionally, various files and directories were made readable only by the root user: /boot/vmlinuz*, /boot/System.map*, /sys/kernel/debug/, /proc/slabinfo
994
995
996
997
9980-address protection: Since the kernel and userspace share virtual memory addresses, the "NULL" memory space needs to be protected so that userspace mmap'd memory cannot start at address 0, stopping "NULL dereference" kernel attacks. This is possible with 2.6.22 kernels, and was implemented with the "mmap_min_addr" sysctl setting. Since Ubuntu 9.04, the mmap_min_addr setting is built into the kernel. (64k for x86, 32k for ARM.)
999
1000
1001
1002PAX_REFCOUNT: Reference counter overflow bug can be exploited in scenario where UAF( Use-After-Free) comes into game. PAX_REFCOUNT killed this kind of bug class.It can protects the kernel against integer overflows.
1003
1004
1005
1006PAX_MEMORY_SANITIZE: does poisoning/sanitization the memory on free to reduces the attack surface.
1007
1008
1009
1010
1011SL*B freelist randomization: randomizes the SLAB freelist.  The list is randomized during initialization of a new set of pages.  The order on different freelist sizes is pre-computed at boot for performance.  Each kmem_cache has its own randomized freelist.  Before pre-computed lists are available freelists are generated dynamically. This security feature reduces the predictability of the kernel SLAB allocator against heap overflows rendering attacks much less stable.
1012
1013
1014
1015
1016GRKERNSEC_BRUTE: If you say Y here, attempts to bruteforce exploits against forking daemons such as apache or sshd will be deterred.  When a child of a forking daemon is killed by PaX or crashes due to an illegal instruction, the parent process will be delayed 30 seconds upon every subsequent fork until the administrator is able to assess the situation and restart the daemon.  It is recommended that you also enable signal logging in the auditing section so that logs are generated when a process performs an illegal instruction.
1017(https://xorl.wordpress.com/2010/11/09/grkernsec_brute-exploit-bruteforcing-protection/)
1018
1019
1020
1021GRKERNSEC_PERF_HARDEN: PERF is a  serious attack surface. We can’t bear it running by default in production system.
1022(https://hardenedlinux.github.io/system-security/2016/12/13/kernel_mitigation_checklist.html)
1023
1024
1025
1026NOTES
10271.Using sysctl is a good way to harden the Linux kernel. 
1028
1029
1030
1031
10322.Add link restrictions 
1033Symlinks:
1034
1035A long-standing class of security issues is the symlink-based
1036time-of-check-time-of-use race, most commonly seen in world-writable
1037directories like /tmp. The common method of exploitation of this flaw
1038is to cross privilege boundaries when following a given symlink (i.e. a
1039root process follows a symlink belonging to another user).
1040
1041The solution is to permit symlinks to only be followed when outside
1042a sticky world-writable directory, or when the uid of the symlink and
1043follower match, or when the directory owner matches the symlink's owner. 
1044
1045Applications should just use mkstemp() or O_CREATE|O_EXCL.
1046- True, but applications are not perfect, and new software is written
1047all the time that makes these mistakes; blocking this flaw at the
1048kernel is a single solution to the entire class of vulnerability. 
1049
1050In Linux 3.6,link restrictions are enabled by default. 
1051
1052
1053
1054
10553.kernel process stack overflow are rare and one of the most dangerous vulnerabilities in the kernel (gresecurity solves this  with STACKLEAK and with the removal of thread_info from the kernel and GRKERNSEC_BRUTE helps PaX/Grsecurity also restricted SUID program's RLIMIT_STACK up to 8MB and the environment arg/strings up to 512KB.)
1056(https://github.com/hardenedlinux/grsecurity-101-tutorials/blob/master/notes/stack_clash.md)
1057
1058
1059
1060
10614.use-after-free is a very popular bug class in kernel and it can be exploited by the adversary to gain information or priviledges. (gresecurity solves this with PAX_REFCOUNT and PAX_MEMORY_SANITIZE also helps) 
1062
1063
1064
10655.Return-to-user (ret2usr): redirects corrupted kernel pointers to data residing in user space. (gresecurity solves this with KERNEXEC,and OpenBSD's X^W also solves this ) 
1066(https://hardenedlinux.github.io/system-security/2016/12/13/kernel_mitigation_checklist.html)
1067
1068
1069
10706.Grsecurity kernels also disables user namespaces by default.
1071
1072
10737.An important technique for hardening the system is kernel address-space layout randomization (KASLR), which randomizes the placement of the kernel in the virtual address space at boot time.
1074(https://lwn.net/Articles/738975/)
1075
1076
1077
10788.Daniel Gruss's paper cites a number of hardware-based attacks on KASLR. They use techniques like exploiting timing differences in fault handling, observing the behavior of prefetch instructions, or forcing faults using the Intel TSX (transactional memory) instructions. There are rumors circulating that other such channels exist but have not yet been disclosed. In all of these cases, the processor responds differently to a memory access attempt depending on whether the target address is mapped in the page tables, regardless of whether the running process can actually access that location. These differences can be used to find where the kernel has been placed — without making the kernel aware that an attack is underway. 
1079
1080Solution: Fixing information leaks in the hardware is difficult and, in any case, deployed systems are likely to remain vulnerable. But there is a viable defense against these information leaks: making the kernel's page tables entirely inaccessible to user space. In other words, it would seem that the practice of mapping the kernel into user space needs to end in the interest of hardening the system.
1081(https://lwn.net/Articles/738975/)   (https://gruss.cc/files/kaiser.pdf)
1082
1083
1084
1085
1086
10879.GRKERNSEC_BRUTE disabled: 200 hrs to gain control of EIP, then ~1500 yrs to brute force the PaX's ASLR to getting root shell
1088    
1089    GRKERNSEC_BRUTE enabled: ~1365 days to gain control of EIP, then...you don't wanna know.
1090     (https://github.com/hardenedlinux/grsecurity-101-tutorials/blob/master/notes/stack_clash.md)
1091
1092
1093
1094
1095
109610.PaX's ASLR can defeat offset2lib easily since...2001?
1097(https://github.com/hardenedlinux/grsecurity-101-tutorials/blob/master/notes/stack_clash.md)
1098
1099
1100
110111.W & X memory is the cruial condition to physmap spraying.
1102(https://hardenedlinux.github.io/system-security/2016/12/13/kernel_mitigation_checklist.html)
1103
1104
1105
110612.No unwanted driver should be compiled. No unwanted code of any kind should be compiled. All code that can reference kernel-level objects outside the kernel should be disabled.
1107(https://www.quora.com/What-desktop-OS-kernel-is-the-most-hardened-the-most-unhackable)
1108
1109
111014.Linux kernel has been using weak entropy on stack canary for years and it has been fixed( copy+paste from PaX/Grsecurity) and merged in v4.12, while PaX/Grsecurity solved it since 2011.
1111(https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5ea30e4e58040cfd6434c2f33dc3ea76e2c15b05)
1112(https://hardenedlinux.github.io/system-security/2016/12/13/kernel_mitigation_checklist.html)
1113
1114
111515.A good map outlining security weaknesses in the Linux Kernel. (https://github.com/a13xp0p0v/linux-kernel-defence-map)
1116-------------------------------------------------------------------------------------------------------- 
1117OpenBSD Kernel security features
1118
1119Trapsleds: a new mitigation that significantly reduces the amount of nops in the instruction stream, replacing them with trap instructions or jump-over-trap sequences, thereby requiring greater accuracy for targetting potential gadgets. (http://undeadly.org/cgi?action=article&sid=20170622065629)
1120
1121
1122
1123
1124Kernel Address Randomized Link (KARL): a new "link-kit" allows the .o files of the kernel to be relinked in a random order, creating a unique kernel for each boot. /bsd is now non-readable to users, to try to keep the secret.The idea is to randomise how the kernel loads, so that kernel loading gets the same benefits as applies to (for example) application memory in ASLR (address space layout randomisation) – so an attacker can't rely on predictable memory allocations to identify where a buffer overrun might land.
1125(https://www.theregister.co.uk/2017/06/19/thats_random_openbsd_adds_more_kernel_security/)
1126
1127
1128
1129
1130
1131accton: Process accounting is a security method in which an administrator may keep track of system resources used and their allocation among users, provide for system monitoring, and minimally track a user's commands.Process accounting has both positive and negative points. One of the positives is that an intrusion may be narrowed down to the point of entry. A negative is the amount of logs generated by process accounting, and the disk space they may require.   (https://www.freebsd.org/doc/handbook/security-accounting.html)    
1132(https://man.openbsd.org/accton.8)
1133
1134
1135
1136
1137
1138ifstated: daemon runs commands in response to network state changes, which it determines by monitoring interface link state or running external tests.    
1139(https://man.openbsd.org/ifstated.8)
1140
1141
1142
1143
1144
1145pledge: restrict system operations,current process is forced into a restricted-service operating mode. A few subsets are available, roughly described as computation, memory management, read-write operations on file descriptors, opening of files, networking. In general, these modes were selected by studying the operation of many programs using libc and other such interfaces, and setting promises or execpromises.   
1146(https://man.openbsd.org/pledge.2)
1147
1148
1149
1150
1151kbind: update protected memory for lazy-binding,syscall updates the contents of one or more blocks of the process's memory with the supplied replacement data. This is used to efficiently and securely perform lazy-binding.
1152(https://man.openbsd.org/kbind)
1153
1154
1155
1156
1157StackGhost: is a transparent stack protection feature (similar to ProPolice, which is already enabled by default on all OpenBSD architectures) for OpenBSD/sparc was invented and implemented on OpenBSD in 2001,StackGhost uses a unique hardware feature of the Sun sparc architecture (that being: deferred on-stack in-frame register window spill/fill) to detect modifications of return pointers (a common way for exploits to hijack execution paths) transparently, automatically protecting all applications without requiring binary or source modifications.
1158(https://undeadly.org/cgi?action=article&sid=20040523065005)
1159
1160
1161 
1162
1163guard pages: These can help you debug software and also add some measure of security.
1164(https://undeadly.org/cgi?action=article&sid=20031017121955)
1165
1166
1167
1168
1169RETGUARD:  Return-oriented programming (ROP) has become a common technique for compromising systems via a stack-smashing vulnerability. There are various schemes out there for defeating ROP attacks, but a mechanism called "RETGUARD" that is being implemented in OpenBSD is notable for its relative simplicity.
1170(https://lwn.net/Articles/732201/)
1171
1172
1173
1174
1175Privilege separation: Privilege separation, or privsep, is method in OpenSSH by which
1176operations that require root privilege are performed by a separate
1177privileged monitor process.  Its purpose is to prevent privilege
1178escalation by containing corruption to an unprivileged process.
1179(https://github.com/openssh/openssh-portable/blob/master/README.privsep)
1180
1181
1182
1183Privilege revocation: Related to the work on privilege separation, some programs were refactored to drop privileges while holding onto a tricky resource such as a raw socket, reserved port, or modification-locked bpf(4) descriptor, for example ping(8), traceroute(8), etc.
1184(https://www.openbsd.org/innovations.html)
1185
1186
1187
1188GOT and PLT protection by ld.so: first done as part of the W^X work in OpenBSD 3.3, by Dale Rahn and Theo de Raadt. The GOT and PLT regions are read-only outside of ld.so itself. Extended to the .init/.fini sections (constructors and destructors) in OpenBSD 3.4.
1189
1190
1191
1192
1193arc4random: arc4 random number generator uses the key stream generator employed by the arc4 cipher,function returns pseudo-random numbers in the range of 0 to (2**32)-1, and therefore has twice the range of rand(3) and random(3).
1194(https://www.freebsd.org/cgi/man.cgi?query=arc4random)
1195
1196
1197
1198
1199Sigreturn Cookies: To prevent SROP attacks the kernel needs to know or be able to dervive
1200whether a sigreturn it is processing is in response to a legitimate signal the kernel previously delivered.This patch implement the necessary changes to generate a cookie which will be placed above signal frame upon signal delivery to userland. 
1201The cookie is generated using a per-process random value xor'd with the address where the cookie will be stored on the stack.There are some practical problems with the patch still; for example, it will not do the right thing in settings where checkpoint-restore in user space is in use (a restored process will have a new and different random cookie value, but old cookies may still be on the stack). Such problems can be worked around, but they may force the addition of a sysctl knob to turn this protection off in settings where it breaks things. It also does nothing to protect against ROP attacks in general, it just closes off one relatively easy-to-exploit form of those attacks. But, as low-hanging fruit, it is probably worth pursuing; there is no point in making an attacker's life easier.
1202(https://lwn.net/Articles/681704/)
1203(https://lwn.net/Articles/676803/)
1204
1205
1206
1207
1208
1209gcc-local(1) __attribute__((__bounded__)) static analysis annotation and checking mechanism: Started by Anil Madhavapeddy on June 26, 2003 and ported to GCC 4 by Nicholas Marriott. First released with OpenBSD 3.4.
1210(https://www.openbsd.org/innovations.html)
1211
1212
1213
1214malloc(3) randomization implemented by Thierry Deval. Guard pages and randomized (delayed) free added by Ted Unangst. Reimplemented by Otto Moerbeek for OpenBSD 4.4.
1215(https://www.openbsd.org/innovations.html)
1216
1217
1218
1219ASLR: OpenBSD 3.4 was the first widely used operating system to provide it by default.
1220(https://www.openbsd.org/innovations.html)
1221
1222
1223
1224PIE: OpenBSD 5.3 was the first widely used operating system to enable it globally by default, on seven hardware platforms.
1225(https://www.openbsd.org/innovations.html)
1226
1227
1228
1229Random-data memory: the ability to specify that a variable should be initialized at load time with random byte values was implemented in OpenBSD 5.3 by Matthew Dempsky.
1230(https://www.openbsd.org/innovations.html)
1231
1232
1233
1234Stack protector per shared object: using the random-data memory feature, each shared object was given its own stack protector cookie in OpenBSD 5.3 by Matthew Dempsky.
1235(https://www.openbsd.org/innovations.html)
1236
1237
1238
1239Static-PIE: Position-independent static binaries for /bin, /sbin and ramdisks. First released with OpenBSD 5.7.
1240(https://www.openbsd.org/innovations.html)
1241
1242
1243
1244Library order randomization: In rc(8), re-link libc.so, libcrypto, and ld.so on startup, placing the objects in a random order. Theo de Raadt and Robert Peichaer, May 2016, enabled by default since OpenBSD 6.0 and 6.2.
1245(https://www.openbsd.org/innovations.html)
1246
1247
1248
1249Kernel-assisted lazy-binding for W^X safety in multi-threaded programs. A new syscall kbind(2) permits lazy-binding to be W^X safe in multi-threaded programs. Implemented for OpenBSD 5.9 by Philip Guenther in July 2015.
1250(https://www.openbsd.org/innovations.html)
1251
1252
1253
1254Process layouts in memory tightened to remove execute permission from all segmented, non-instruction data and to remove write permission from data that is only modified during loading and relocation. By combining the RELRO (Read-Only after Relocation) design from the GNU project with the original ASLR work from OpenBSD 3.3 and strict lazy-binding work from OpenBSD 5.9, this is applied to not just a subset of programs and libraries but rather to all programs and libraries. Implemented for OpenBSD 6.1 by Philip Guenther in August 2016.
1255(https://www.openbsd.org/innovations.html)
1256
1257
1258
1259Use of fork+exec in privilege separated programs. The strategy is to give each process a fresh & unique address space for ASLR, stack protector -- as protection against address space discovery attacks. Implemented first by Damien Miller (sshd(8) 2004), Claudio Jeker (bgpd(8), 2015), Eric Faurot (smtpd(8), 2016), Rafael Zalamena (various, 2016), and others.
1260(https://www.openbsd.org/innovations.html)
1261
1262
1263
1264Kernel relinking at boot: the .o files of the kernel are relinked in random order from a link-kit, before every reboot. This provides substantial interior randomization in the kernel's text and data segments for layout and relative branches/calls. Basically a unique address space for each kernel boot, similar to the userland fork+exec model described above but for the kernel. Theo de Raadt, June 2017.
1265(https://www.openbsd.org/innovations.html)
1266
1267
1268
1269Rearranged i386/amd64 register allocator order in clang(1) to reduce polymorphic RET instructions: Todd Mortimer, November 20, 2017.
1270(https://www.openbsd.org/innovations.html)
1271
1272
1273
1274MAP_STACK addition to mmap(2) allows opportunistic verification that the stack-register points at stack memory, therefore catching pivots to non-stack memory (sometimes used in ROP attacks). Theo de Raadt, April 12, 2018.
1275(https://www.openbsd.org/innovations.html)
1276
1277---------------------------------------------------------------------------------------------------------
1278compiler security 
1279
1280
1281libc pointer encryption
1282
1283
1284
1285RANDSTRUCT:is a Grsecurity feature randomize the number of sensitive kernel structures at compile time and ported it to the mainline and merged in v4.12. 
1286
1287
1288
1289 
1290timeless:This will cause warnings when the __TIME__, __DATE__ and __TIMESTAMP__ macros are used.
1291
1292
1293
1294-Wformat -Wformat-security:A gcc security feature while not all programs correctly implement the printf hints (like glib's G_GNUC_PRINTF macro), adding this will at least call out simple printf format string vulnerabilities. Any programs whose builds become "noisy" as a result, should be fixed anyway. 
1295
1296
1297
1298-D_FORTIFY_SOURCE=2 -O1:A gcc security feature that compile-time protection against static sized buffer overflows. No known regressions or performance loss. This should be enabled system-wide. 
1299
1300
1301
1302relro:During program load, several ELF memory sections need to be written to by the linker. This flags the loader to turn these sections read-only before turning over control to the program. Most notably this prevents GOT overwrite attacks. 
1303
1304
1305
1306fstack-protector-strong:This is a stronger variant of stackprotector, but without significant performance penalties.This adds safety checks against stack overwrites. This renders many potential code injection attacks into aborting situations. In the best case this turns code injection vulnerabilities into denial of service or into non-issues (depending on the application).Stack Smashing Protector (SSP) *merely detects stack buffer overruns, they are not prevented.*
1307
1308
1309
1310Position Independent Executables (PIE):Position Independent Executable are needed to take advantage of Address Space Layout Randomization, supported by some kernel versions. While ASLR can already be enforced for data areas in the stack and heap (brk and mmap), the code areas must be compiled as position-independent. Shared libraries already do this (-fPIC), so they gain ASLR automatically, but binary .text regions need to be build PIE to gain ASLR. When this happens, ROP (Return Oriented Programming) attacks are much harder since there are no static locations to bounce off of during a memory corruption attack.
1311
1312
1313reproducible builds:Most aspects of software verification are done on source code, as that is what humans can reasonably understand. But most of the time, computers require software to be first built into a long string of numbers to be used. With reproducible builds, multiple parties can redo this process independently and ensure they all get exactly the same result.
1314
1315
1316SANCOV:The sancov gcc plugin inserts a __sanitizer_cov_trace_pc() call at the start of basic blocks.This plugin is a helper plugin for the kcov feature. It supports all gcc versions with plugin support (from gcc-4.5 on).It is based on the gcc commit "Add fuzzing coverage support" by Dmitry Vyukov.
1317
1318
1319
1320cyclomatic_complexity:Compute cyclomatic complexity of functions based on the gcc internal representation.The cyclomatic complexity of a section of source code is the number of linearly independent paths within it. For instance, if the source code contained no control flow statements (conditionals or decision points), the complexity would be 1, since there would be only a single path through the code. If the code had one single-condition IF statement, there would be two paths through the code: one where the IF statement evaluates to TRUE and another one where it evaluates to FALSE, so the complexity would be 2. Two nested single-condition IFs, or one IF with two conditions, would produce a complexity of 3.
1321
1322
1323
1324PAX_LATENT_ENTROPY:Providing enough randomness, especially at early boot, has been a constant struggle for Linux. While on the Intel platform, Ivy Bridge and newer processor models that support RDRAND generally eliminate the problem of entropy starvation at early boot and runtime, older processors and those of other architectures continue to be plagued by this problem. The demonstrable effects of this include weak private keys on embedded systems, weak randomness on VM guests, predictable stack canaries, and more. PaX's latent entropy plugin included in grsecurity addresses the lack of randomness by modifying the instruction streams of functions called only during boot as well as some specific functions at runtime that perform some unpredictable computations from the perspective of an attacker. These functions are modified to produce a nondeterministic value based on the flow of execution. At several points in the boot process and at runtime, this pseudorandom value is mixed in to the entropy pool. Further, a kernel compiled with this plugin will have the various random pools in the kernel initialized at compile-time to random contents.(Now it’s called “latent_entropy” plugin merged in v4.9.)
1325
1326
1327
1328NOTES 
13291.Issues with Stack Smashing Protector (SSP): The SSP implementation in gcc-3.x is not perfect, and can cause problems. In particular C++ code can be built incorrectly when SSP is enabled, although the exact details are not clear at the moment.The SSP implementation in gcc-4.x is completely different, even so far as changing the semantics of the compiler switches. At the time of writing, we have little experience in the SSP implementation in gcc-4.x. 
1330
1331
13322.Issues with PIEs:Ideally, when building a static executable, a shared library, or building without the standard gcc system files, PIE would not be automatically enabled. Unfortunately, the options -static, -shared, -nostdlib and -nostartfiles are link options, so are usually only supplied to the link command of an executable and not to the compilation commands for individual objects. In these cases, -fPIE will be added to the compilation commands when in fact it shouldn't be. This is an unavoidable limitation, since it is impossible to know from a compilation command for an object exactly what the link command is going to be. Indeed in some cases more than one link command can happen using the same objects. Such cases have to be handled by the relevant ebuild on a case-by-case basis. The -nostdlib and -nostartfiles options occur rarely. The -shared option is usually used when the compilation commands have been performed with -fPIC, so the majority of such cases are not a problem. 
1333
1334
13353.Compiler is the bridge between source code and machine code.
1336
1337
13384.The userland heap is a very significant part of an operating system, and it's not something that gets swapped out from a major operating system distribution at a whim.For those of you who don't have a programming background, let me attempt a brief and non-technical explanation of what a heap is. Basically, it's just a management facility for most of the memory that applications use. When an application (such as Mozilla, your command shell, word processor, and so on) needs some memory, it will typically take this memory from the heap. The heap is responsible for handling these requests, which involve handing out chunks of memory when requested, and freeing the chunks when the application is finished with them.
1339
1340
13415.malloc internally invokes either brk or mmap syscall.
1342
1343-------------------------------------------------------------------------------------------------------- 
1344hardware security 
1345
1346Trusted Platform Module (TPM): is a specialized chip on an endpoint device that stores RSA encryption keys specific to the host system for hardware authentication TPM chips can be used with any major operating system and work best in conjunction with other security technologies such as firewalls, antivirus software, smart cards and biometric verification.
1347(https://whatis.techtarget.com/definition/trusted-platform-module-TPM)
1348
1349
1350
1351
1352Intel Trusted Execution Technology (TXT):is a computer hardware technology whose primary goals are: Attestation of the authenticity of a platform and its operating system,assuring that an authentic operating system starts in a trusted environment, which can then be considered trusted,providing of a trusted operating system with additional security capabilities not available to an unproven one. 
1353(https://en.wikipedia.org/wiki/Trusted_Execution_Technology)
1354
1355
1356
1357
1358Intel Boot Guard: Hardware-based boot integrity protection that prevents unauthorized software and malware takeover of boot blocks critical to a  system's function,thus providing added level of platform security based on hardware.
1359(https://www.intel.com/content/dam/www/public/us/en/documents/product-briefs/4th-gen-core-family-mobile-brief.pdf)
1360
1361
1362
1363secure boot: is one feature of Unified Extensible Firmware Interface (UEFI) 2.3.1 specification (Errata C). The feature defines an entirely new interface between operating system and firmware/BIOS.When enabled and fully configured, Secure Boot helps a computer resist attacks and infection from malware. Secure Boot detects tampering with boot loaders, key operating system files, and unauthorized option ROMs by validating their digital signatures. Detections are blocked from running before they can attack or infect the system.
1364(https://www.intel.com/content/www/us/en/support/articles/000006942/boards-and-kits/desktop-boards.html)
1365
1366
1367
1368
1369trusted boot (tboot): is an open source, pre- kernel/VMM module that uses Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured and verified launch of an OS kernel/VMM.
1370(https://trustedcomputinggroup.org/trusted-boot/)
1371
1372
1373
1374
1375coreboot: is an Open Source project aimed at replacing the proprietary BIOS (firmware) found in most computers. coreboot performs a little bit of hardware initialization and then executes additional boot logic, called a payload.With the separation of hardware initialization and later boot logic, coreboot can scale from specialized applications that run directly from firmware, run operating systems in flash, load custom bootloaders, or implement firmware standards, like PC BIOS services or UEFI. This allows for systems to only include the features necessary in the target application, reducing the amount of code and flash space required. 
1376(https://www.coreboot.org/Welcome_to_coreboot)
1377
1378
1379
1380
1381Libreboot: is a free (as in freedom) BIOS or UEFI replacement, initialising the hardware and booting your operating system.Non-free BIOS/UEFI firmware often contains backdoors, can be slow and have severe bugs, and you are left helpless at the mercy of the developers. By contrast, libreboot is fully free software, where anyone can contribute or inspect its code.
1382Libreboot is faster, more secure and more reliable than most non-free firmware. Libreboot provides many advanced features, like encrypted /boot/, GPG signature checking before booting your kernel and more!
1383(https://libreboot.org/)
1384
1385
1386
1387
1388MBRFilter:  is a simple disk filter designed by Cisco Talos to block write access to the Master Boot Record (MBR). The MBR is used to store information related to how the storage device is partitioned, as well as details regarding the filesystem configuration on the device. MBR Filter prevents rootkits, bootkits, and ransomware, such as Petya Ransomware, from overriding the operating system’s (OS) boot loader. Ransomware, like Petya, overwrite and encrypt the victim’s Master File Table (MTF) to coerce them into paying for an encryption key. 
1389(https://www.talosintelligence.com/mbrfilter)
1390
1391
1392
1393
1394
1395
1396NOTES:
13971.Purchase hardware from manufacturers who support GNU/Linux.
1398
1399
1400
1401
14022.Purchase hardware which supports coreboot/libreboot as a proprietary BIOS replacement. 
1403
1404
1405
1406
14073.Purchase hardware without the need for proprietary drivers or firmware: hdnode.org 
1408
1409
1410
1411
14124.Avoid using wireless devices, since they are insecure.
1413
1414
1415
1416
14175.Preferably disable or remove Bluetooth hardware modules. 
1418
1419
1420
1421
1422
14236.Hardware-specific issues can really only be fixed at the hardware level. At best, software interventions can only provide workarounds.
1424
1425The problem is no hardware exists that consists of entirely Libre firmware. It is very difficult to: analyze the firmware of hardware, wipe potentially compromised versions, or overwrite firmware with a most-likely-clean version. If the firmware being used was Libre Software, it would make verification easier but wouldn't stop infection. Disassembling hardware components (BIOS, disk controllers, CPU, Intel AMT etc.) and flashing them with clean versions offline is so difficult, that it is just cheaper and more convenient to buy new hardware. 
1426
1427
1428
1429
1430
1431
14327.Users should also avoid or disable the commonly deployed PXE boot and Wake-on-Lan (WoL) "features". PXE is implemented either as a Network Interface Card (NIC) BIOS extension or as UEFI code in modern devices (where it can be easily disabled).On most systems, WoL hardware functionality is usually blocked by default and explicitly needs to be enabled using the system BIOS or UEFI.
1433
1434-------------------------------------------------------------------------------------------------------- 
1435802.11 network security
1436
1437Wi-Fi Protected Access 2 (WPA2): is a network security technology commonly used on Wi-Fi wireless networks. It's an upgrade from the original WPA technology, which was designed as a replacement for the older and much less secure WEP.WPA2 further improves the security of a network because it requires using a stronger encryption method called AES.
1438(https://www.lifewire.com/what-is-wpa2-818352) 
1439
1440
1441
1442
1443NOTES 
14441.protects the data messages by generating perpacket keys. Although no security solution can claim to be “bullet-proof,” WPA represents a quantum leap forward in Wi-Fi security.Although recently, Mathy Vanhoef of imec-DistriNet, KU Leuven, discovered a serious weakness in WPA2 known as the Key Reinstallation AttaCK (or KRACK) attack. Their overview, Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse, and research paper (Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2, co-authored by Frank Piessens) have created quite a stir in our industry because the press touts that it “breaks Wi-Fi”. 
1445
14462.Disable Wi-Fi Protected Setup (WPS) because it allows any device to connect to the network with the relevant eight-digit PIN.
1447
14483.Do not bother disabling SSID broadcasting since it is trivial to guess.
1449
14504.Do not rely on the WEP and WPA standards which are cryptographically weak and have known security weaknesses. Use the WPA2 standard so only authorized users can use the network.
1451
14525.Use routers that exclusively use WPA2, preferably with the AES standard (CCMP) and not TKIP which is less secure.
1453
14546.Enable the "Block WAN Requests" option to conceal the network from other Internet users.
1455
14567.Limit the number of Dynamic Host Configuration Protocol (DHCP) leases (connects) to the Wi-Fi network to match the number of personal devices owned.
1457
14588.If you must allow use of the Wi-Fi network to visitors, set up a guest network that turns itself off after a set period.
1459
14609.Use the 5-GHz band for Wi-Fi instead of the standard 2.4GHz band (if possible), since the 5 GHz band does not travel as far.
1461
146210.If possible, schedule Wi-Fi networks to turn off at night, and then turn on in the morning. 
1463
146411.If possible, use a dedicated network connection (LAN, WiFi etc.) that is not shared with other potentially compromised computers. 
1465
146612.If using a shared network via a common cable modem/router or ADSL router, configure a de-militarized zone (perimeter network) to restrict Whonix-Gateway accessibility to/from other nodes on the network e.g. printers, phones and laptops. 
1467
146813.A novel approach to counter the replay and fake CTS frame injection DoS attacks caused by not securing the 802.11 control frames is proposed. The solution to improve the current 802.11 control frame protection by generating a unique message authentication code using IAPP framework for key distribution and key management is proposed. SHA-2 or 3, the cryptographic hash function which is used to generate MAC for the control frames is supported by most of the current wireless station adapters which in turn makes this approach very cost effective. 
1469
1470
1471-------------------------------------------------------------------------------------------------------- 
1472Router security 
1473
1474Openwrt:  is a Linux operating system targeting embedded devices. Instead of trying to create a single, static firmware, OpenWrt provides a fully writable filesystem with package management. This frees you from the application selection and configuration provided by the vendor and allows you to customize the device through the use of packages to suit any application. For developers, OpenWrt is the framework to build an application without having to build a complete firmware around it; for users this means the ability for full customization, to use the device in ways never envisioned. 
1475(https://openwrt.org/)
1476
1477
1478
1479
1480pfsense: is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a physical computer or a virtual machine to make a dedicated firewall/router for a network.[5] It can be configured and upgraded through a web-based interface, and requires no knowledge of the underlying FreeBSD system to manage. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint. pfSense supports installation of third-party packages like Snort or Squid through its Package Manager.
1481(https://en.wikipedia.org/wiki/PfSense) 
1482
1483
1484
1485
1486NOTES 
14871.Users should consider upgrading to a commercial-grade router that is normally intended for small businesses as a sensible investment in security. Further, it is safer to have a personally owned routing device that connects to an ISP-provided modem/router in order to maximize administrative control over routing and wireless features of the home network. 
1488
14892.Change the default router username and password to something suitably long and random.
1490 
14913.Turn off Universal Plug and Play (UPnP), which can allow applications to open ports to external computers.
1492
14934.Disable NAT-PMP, since it has similar functionality to UPnP.
1494
14955.Disable the Home Network Administrative Protocol since it allows remote management of network devices.
1496
14976.Port forwarding (if desired by the user) should be limited to a source IP address and/or source IP address subnet.
1498
14997.Keep router firmware up-to-date at all times for better security. Set the self-updating firmware option if it is available.
1500
15018.Do not bind services to the external interface.
1502
15039.Reconfigure the router firewall rules to drop all relevant incoming packets.
1504
150510.Disable the HTTP interface and enable the HTTPS interface instead, preferably on a non-standard port. For example: https://192.168.1.1:82 instead of http://192.168.1.1
1506
150711.Use the browser's incognito or private mode when accessing the administrative interface so the URL is not saved in the browser history.
1508
150912.Change the Service Set ID (SSID) which often leaks router information. Do not use personally identifying information like the apartment number you live in.
1510
151113.Disable cloud-based router management (if offered) because trust is shifted to another person between the user and the router.
1512
151314.Do not use mesh router systems that do not permit local administrative access.
1514
151515.Disable remote administrative access and administrative access over Wi-Fi. Set administrator access only via wired ethernet connections (not possible with mesh routers).
1516
151716.Disable all other remote-access protocols like PING, Telnet and SSH.
1518
151917.Firewall ports should be set to "stealth" rather than "closed" so no response is given to unsolicited external communications from attackers probing the network.
1520
152118.Set logging to on, if the feature is available. This allows for a record of unsolicited incoming connection attempts, attempted logins and so on.
1522
152319.Avoid administrating the router with a smartphone application.
1524
152520.If possible, use a dedicated network connection (LAN, WiFi etc.) that is not shared with other potentially compromised computers. 
1526
152721.If using a shared network via a common cable modem/router or ADSL router, configure a de-militarized zone (perimeter network) to restrict Whonix-Gateway accessibility to/from other nodes on the network e.g. printers, phones and laptops. 
1528
152922.WiFi users should default to the WPA2-AES standard which provides the safest protocol and strongest encryption currently. 
1530
153123.Do not rely on WiFi Protected Set-up (WPS), which has major security flaws.
1532-------------------------------------------------------------------------------------------------------- 
1533vulnerability scanners
1534
1535OpenVAS : created by Greenbone Networks,framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.The actual security scanner is accompanied with a regularly updated feed of Network Vulnerability Tests (NVTs), over 50,000 in total.
1536(http://www.openvas.org/)
1537
1538
1539
1540Qualys FreeScan (network vulnerablity scanner): scan your network, servers, desktops or web apps for security vulnerabilities,detect security vulnerabilities and the patches needed to fix them,view interactive scan reports by threat or by patch,test websites & apps for OWASP Top Risks and malware,test computers against SCAP security benchmarks.
1541(https://www.qualys.com/forms/freescan/)
1542
1543--------------------------------------------------------------------------------------------------------
1544security focused Microkernels 
1545
1546
1547SeL4: is a high-assurance, high-performance microkernel developed, maintained and formally verified by NICTA (now the Trustworthy Systems Group at Data61) and owned by General Dynamics C4 Systems. It is a member of the L4 family of microkernels,seL4's implementation is formally (mathematically) proved correct (bug-free) against its specification, is proved to enforce strong security properties, and its operations have proved save upper bounds on their worst-case execution times.
1548(https://sel4.systems/About/seL4/) 
1549
1550
1551
1552
1553--------------------------------------------------------------------------------------------------------
1554security by isolation programs
1555
1556
1557XEN : Is a type 1 hypervisor,use more full virtualization options such as Xen can also improve security in the event you plan on running risky applications or browsing dangerous websites,can be used for VM isolation. 
1558(https://wiki.parabola.nu/Security)
1559
1560
1561virtualbox : Type 2 Hypervisor,can be used for VM isolation.
1562(https://www.virtualbox.org/)
1563
1564
1565Linux Containers (LXC): is an operating-system-level virtualization method for running multiple isolated Linux systems (containers) on a single control host (LXC host). It does not provide a virtual machine, but rather provides a virtual environment that has its own CPU, memory, block I/O, network, etc. space and the resource control mechanism. This is provided by namespaces and cgroups features in Linux kernel on LXC host. It is similar to a chroot, but offers much more isolation.
1566(https://en.wikipedia.org/wiki/LXC)
1567
1568
1569Firejail (SUID program) : Firejail is an easy to use and simple tool for sandboxing applications and servers alike. Firejail is suggested for browsers and internet facing applications, as well as any servers you may be running. Firejail is further enhanced when used with Grsecurity.
1570(https://wiki.parabola.nu/Security)
1571
1572
1573bubblewrap: is a setuid sandbox application developed from Flatpak with an even smaller resource footprint than Firejail. While it lacks certain features such as file path whitelisting, bubblewrap does offer bind mounts as well as the creation of user/IPC/PID/network/cgroup namespaces and can support both simple and complex sandboxes.
1574(https://wiki.archlinux.org/index.php/Bubblewrap)
1575
1576
1577chroots: is an operation that changes the apparent root directory for the current running process and their children. A program that is run in such a modified environment cannot access files and commands outside that environmental directory tree. This modified environment is called a chroot jail. 
1578(https://wiki.archlinux.org/index.php/change_root)
1579
1580
1581sandboxie: runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.
1582(https://www.sandboxie.com/HowItWorks) 
1583
1584
1585NOTES 
1586
15871.A “container” is just a term people use to describe a combination of Linux namespaces and cgroups. Linux namespaces and cgroups ARE first class objects. NOT containers.
1588(https://blog.jessfraz.com/post/containers-zones-jails-vms/)
1589
1590-------------------------------------------------------------------------------------------------------
1591network intrusion prevention system (NIPS) and network intrusion detection system (NIDS) 
1592
1593
1594Bro IDS: Bro comes with analyzers for many protocols, enabling high-level semantic analysis at the application layer.Bro-IDS is a bit different than Snort.In a way Bro is both a signature and anomaly-based IDS. Its analysis engine will convert traffic captured into a series of events. An event could be a user logon to FTP, a connection to a website or practically anything. The power of the system is what comes after the event engine and that's the Policy Script Interpreter. This policy engine has it's own language ( Bro-Script ) and it can do some very powerful and versatile tasks.If you're an analyst and you've wondered "How can I automate some of my work?" then this is the tool you've been looking for.
1595(https://www.alienvault.com/blogs/security-essentials/open-source-intrusion-detection-tools-a-quick-overview)
1596
1597
1598
1599Snort: de-facto standard for IDS and eventually IPS (thanks to community effort!)
1600(https://www.alienvault.com/blogs/security-essentials/open-source-intrusion-detection-tools-a-quick-overview)
1601
1602
1603
1604AlienVault OSSIM (Open Source Security Information Management): integrating a selection of tools designed to aid network administrators in computer security, intrusion detection and prevention.Intended to give security analysts and administrators a view of all the security-related aspects of their system, by combining log management and asset management and discovery with information from dedicated information security controls and detection systems.OSSIM performs these functions using other well-known open-source software security components, unifying them under a single browser-based user interface. OSSIM comes with PRADS,OpenVAS,Snort,Suricata,Tcptrack,Nagios,OSSEC,Munin,NFSen/NFDump,FProbe,OSSIM also includes self developed tools, the most important being a generic correlation engine with logical directive support and logs integration with plugins.Note: Suricata and Snort cannot be used at the same time. Snort is currently being phased out in favor of Suricata.  
1605(https://en.wikipedia.org/wiki/OSSIM)
1606
1607
1608
1609
1610
1611NOTES 
1612There are a number of techniques which attackers are using, the following are considered 'simple' measures which can be taken to evade IDS:
1613
1614
16151.Fragmentation: by sending fragmented packets, the attacker will be under the radar and can easily bypass the detection system's ability to detect the attack signature.
1616
1617
16182.Avoiding defaults: The TCP port utilised by a protocol does not always provide an indication to the protocol which is being transported. For example, an IDS may expect to detect a trojan on port 12345. If an attacker had reconfigured it to use a different port the IDS may not be able to detect the presence of the trojan.
1619
1620
16213.Coordinated, low-bandwidth attacks: coordinating a scan among numerous attackers (or agents) and allocating different ports or hosts to different attackers makes it difficult for the IDS to correlate the captured packets and deduce that a network scan is in progress.
1622
1623
16244.Address spoofing/proxying: attackers can increase the difficulty of the ability of Security Administrators to determine the source of the attack by using poorly secured or incorrectly configured proxy servers to bounce an attack. If the source is spoofed and bounced by a server then it makes it very difficult for IDS to detect the origin of the attack.
1625
1626
16275.Pattern change evasion: IDSs generally rely on 'pattern matching' to detect an attack. By changing the data used in the attack slightly, it may be possible to evade detection. For example, an Internet Message Access Protocol (IMAP) server may be vulnerable to a buffer overflow, and an IDS is able to detect the attack signature of 10 common attack tools. By modifying the payload sent by the tool, so that it does not resemble the data that the IDS expects, it may be possible to evade detection.
1628
1629
16306.An IPS is not the same as an IDS. However, the technology that you use to detect security problems in an IDS is very similar to the technology that you use to prevent security problems in an IPS.
1631(http://searchsecurity.techtarget.com/Do-you-need-an-IDS-or-IPS-or-both)
1632--------------------------------------------------------------------------------------------------------
1633host-based intrusion detection system (HIDS) 
1634
1635OSSEC: is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.
1636(https://ossec.github.io/about.html)
1637
1638
1639
1640
1641NOTES
16421.network intrusion detection (NIDS or IDS) and host intrusion detection (HIDS). These two technologies are very different. They are not redundant in what they do. They are deployed completely differently. They are complementary and cannot be substituted for one another. 
1643
1644Network IDS sits on the network telecommunications media such as an Ethernet network or a wireless network, and passively monitors the contents of packets of information flowing in all directions. IDS looks for types of content, types of services, volumes of services, and source and destination of traffic that shouldn’t be present and alerts upon suspicious activity. IDS does not typically examine changes over time, but alerts on suspicious events which it sees at any one point in time.
1645
1646Host IDS is an entirely different ballgame. It has agents which reside on servers. It monitors several types of changes over time on servers which may indicate security problems. HIDS monitors the dynamic behavior and the state of a computer system and compares what it expects to see with what it actually sees. 
1647(https://www.networkworld.com/article/2228598/security/intrusion-detection--why-do-i-need-ids--ips--or-hids-.html)
1648--------------------------------------------------------------------------------------------------------
1649packet analyzers 
1650
1651
1652packet total: is a free, online PCAP analyzer designed to visualize network traffic, detect malware, and provide analytics for the traffic contained within.  
1653( https://packettotal.com/ )
1654
1655
1656
1657tcpdump: a powerful command-line packet analyzer. 
1658(http://www.tcpdump.org/)
1659
1660-------------------------------------------------------------------------------------------------------
1661network analysis scanners 
1662
1663
1664Wireshark: is network protocol analyzer,it lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions.
1665(https://www.wireshark.org/)
1666
1667
1668Nmap: utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.  (https://nmap.org/)
1669
1670-------------------------------------------------------------------------------------------------------
1671disk encryption 
1672
1673
1674Linux Unified Key Setup (LUKS): encrypts storage media volumes. 
1675(http://www.forensicswiki.org/wiki/Linux_Unified_Key_Setup_(LUKS) )
1676
1677
1678
1679VeraCrypt: is a free open source disk encryption software for Windows, Mac OSX and Linux. Brought to you by IDRIX (https://www.idrix.fr) and based on TrueCrypt 7.1a.VeraCrypt also solves many vulnerabilities and security issues found in TrueCrypt.As an example, when the system partition is encrypted, TrueCrypt uses PBKDF2-RIPEMD160 with 1000 iterations whereas in VeraCrypt we use 327661. And for standard containers and other partitions, TrueCrypt uses at most 2000 iterations but VeraCrypt uses 655331 for RIPEMD160 and 500000 iterations for SHA-2 and Whirlpool. 
1680(https://www.veracrypt.fr/en/Home.html)
1681
1682
1683
1684
1685
1686NOTES
1687
1688
16891.Question:If I stick to standard operations, and I do not require any of the features from LUKS, what risks am I as a non-expert taking?
1690
1691LUKS partitions have a header that ensures such a partition won't be seen as ext2, vfat, etc. A plain dm-crypt partition may coincidentally end up looking like a unencrypted filesystem, and has a chance of being written to accidentally, destroying your data.
1692
1693LUKS checks if you entered the correct passphrase. If you put in the wrong passphrase, plain dm-crypt won't pick up on this; instead, it will happily give you garbled crypto-mapping which may also coincidentally look like an unencrypted filesystem, and has a chance of being written to accidentally, destroying your data.
1694
1695LUKS stores the type of encryption used, while dm-crypt requires you to supply the same options each time. If, after a period of not using your encrypted device, you find there are a few gaps in your recollection of what the password was, and it turns out you forgot the encryption options as well, you are doubly hosed (this happened to me personally before LUKS existed; the encrypted data wasn't so important so I just reformatted after unsuccessfully trying to get in for an hour or so).
1696(https://security.stackexchange.com/questions/90468/why-is-plain-dm-crypt-only-recommended-for-experts)
1697
1698
1699
17002.It is possible to brute force LUKS with Hashcat.
1701(https://blog.pnb.io/2018/02/bruteforcing-linux-full-disk-encryption.html)
1702
1703-------------------------------------------------------------------------------------------------------
1704security audit tools 
1705
1706
1707Lynis: Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening.  
1708(https://cisofy.com/lynis/)
1709
1710
1711
1712TIGER: The Unix security audit and host intrusion detection tool.  
1713(http://www.nongnu.org/tiger/)
1714
1715
1716
1717Scout2: Security auditing tool for AWS environments. 
1718(https://nccgroup.github.io/Scout2/)
1719
1720
1721
1722prowler: Tool for AWS security assessment, auditing and hardening. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark. 
1723(https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf)
1724
1725
1726
1727lunar: A UNIX security auditing tool based on several security frameworks.  
1728(https://github.com/lateralblast/lunar)
1729
1730-------------------------------------------------------------------------------------------------------
1731Network and applications layer authentication and encryption and secure hash algorithms and password protection (some may support combinations of authentication, integrity, access control, and confidentiality).
1732
1733
1734Quantum cryptography: uses our current knowledge of physics to develop a cryptosystem that is not able to be defeated - that is, one that is completely secure against being compromised without knowledge of the sender or the receiver of the messages. The word quantum itself refers to the most fundamental behavior of the smallest particles of matter and energy: quantum theory explains everything that exists and nothing can be in violation of it.Quantum cryptography is different from traditional cryptographic systems in that it relies more on physics, rather than mathematics, as a key aspect of its security model.
1735(https://searchsecurity.techtarget.com/definition/quantum-cryptography) 
1736
1737
1738
1739
1740SHA3-512 (based off Secure Hash Algorithm 3): is designed to provide a random mapping from a string of binary data to a fixed-size “message digest” and achieve certain security properties. Hash algorithms can be used for digital signatures, message authentication codes, key derivation functions, pseudo random functions, and many other security applications. 
1741(https://csrc.nist.gov/projects/hash-functions/sha-3-project)
1742
1743
1744
1745
1746Elliptic curve cryptography (ECC) (using:Ed25519 and Curve25519): is a public key based , such as RSA , but it is sort of represented in an algebraic structure , ECC offers the same security than RSA but at a smaller footprint , also it’s less cpu intensive so it’s ideal for mobile devices and faster acting networks.
1747(https://hackernoon.com/eliptic-curve-crypto-the-basics-e8eb1e934dc5) 
1748
1749
1750
1751
1752Kerberos: is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well.
1753(https://web.mit.edu/kerberos/)
1754
1755
1756
1757
1758IP Security Protocol (IPSec):The IP Security (IPsec) architecture comprises a suite of protocols developed to ensure the integrity, confidentiality and authentication of data communications over an IP network.While the flexibility of the IPsec standards has drawn the interest of the commercial sector, this same flexibility has resulted in the identification of several problems with the protocols because of their complexity. As with other security systems, poor maintenance can easily lead to a critical system failure.IPsec may be used in three different security domains: virtual private networks, application-level security and routing security. At this time, IPsec is predominately used in VPNs. When used in application-level security or routing security, IPsec is not a complete solution and must be coupled with other security measures to be effective, hindering its deployment in these domains.
1759(https://www.computerworld.com/article/2561149/security0/ipsec--how-it-works-and-why-we-need-it.html)
1760
1761
1762
1763
1764Advanced Encryption Standard (AES) (using 256 bit): is a symmetric block cipher chosen by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data.The selection process for this new symmetric key algorithm was fully open to public scrutiny and comment; this ensured a thorough, transparent analysis of the designs submitted.
1765(http://searchsecurity.techtarget.com/definition/Advanced-Encryption-Standard) 
1766
1767
1768
1769
1770Rivest-Shamir-Adleman (RSA) (using 4096 bit): is a cryptosystem for public-key encryption, and is widely used for securing sensitive data, particularly when being sent over an insecure network such as the Internet. Public-key cryptography, also known as asymmetric cryptography, uses two different but mathematically linked keys, one public and one private. The public key can be shared with everyone, whereas the private key must be kept secret. In RSA cryptography, both the public and the private keys can encrypt a message; the opposite key from the one used to encrypt a message is used to decrypt it. This attribute is one reason why RSA has become the most widely used asymmetric algorithm: It provides a method of assuring the confidentiality, integrity, authenticity and non-reputability of electronic communications and data storage.RSA derives its security from the difficulty of factoring large integers that are the product of two large prime numbers. Multiplying these two numbers is easy, but determining the original prime numbers from the total -- factoring -- is considered infeasible due to the time it would take even using today’s super computers.
1771(http://searchsecurity.techtarget.com/definition/RSA)
1772
1773
1774
1775
1776GNU Privacy Guard (GPG) (based off PGP): is free encryption software that's compliant with the OpenPGP (RFC4880) standard. Using GPG you can encrypt (and decrypt) files that contain sensitive data, such as protected health information (PHI) regulated by the Health Insurance Portability and Accountability Act (HIPAA) privacy and security rules.
1777(https://kb.iu.edu/d/awio) 
1778
1779
1780
1781
1782Secure Socket Shell (SSH):  is a network protocol that provides administrators with a secure way to access a remote computer. SSH also refers to the suite of utilities that implement the protocol. Secure Shell provides strong authentication and secure encrypted data communications between two computers connecting over an insecure network such as the Internet.
1783(http://searchsecurity.techtarget.com/definition/Secure-Shell) 
1784
1785
1786
1787
1788Transport Layer Security (TLS): Transport Layer Security (TLS) is the successor to Secure Sockets Layer (SSL) for achieving secure transmission across the Internet. But TLS and SSL aren't identical, is a protocol that provides privacy and data integrity between two communicating applications. It's the most widely deployed security protocol used today, and is used for Web browsers and other applications that require data to be securely exchanged over a network, such as file transfers, VPN connections, instant messaging and voice over IP.Key differences between SSL and TLS that make TLS a more secure and efficient protocol are message authentication, key material generation and the supported cipher suites, with TLS supporting newer and more secure algorithms. TLS and SSL are not interoperable, though TLS currently provides some backward compatibility in order to work with legacy systems.
1789(http://searchsecurity.techtarget.com/definition/Transport-Layer-Security-TLS)
1790(http://searchenterprisewan.techtarget.com/tip/TLS-Network-encryption-beyond-SSL-with-Transport-Layer-Security) 
1791
1792
1793
1794
1795Salt: In password protection, salt is a random string of data used to modify a password hash. Salt can be added to the hash to prevent a collision by uniquely identifying a user's password, even if another user in the system has selected the same password. Salt can also be added to make it more difficult for an attacker to break into a system by using password hash-matching strategies because adding salt to a password hash prevents an attacker from testing known dictionary words across the entire system.
1796(http://searchsecurity.techtarget.com/definition/salt)
1797
1798
1799
1800
1801
1802NOTES 
1803
18041.Many protocols like SSH, OpenPGP, S/MIME, and SSL/TLS rely on RSA for encryption and digital signature functions.
1805
1806
1807
18082.IPsec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite, while some other Internet security systems in widespread use, such as Transport Layer Security (TLS) and Secure Shell (SSH), operate in the upper layers at the Transport Layer (TLS) and the Application layer (SSH). Hence, only IPsec protects all application traffic over an IP network. IPsec can automatically secure applications at the IP layer. 
1809
1810
1811
18123.IPSec controls whether a user can connect to the computer at the IP layer, not the application layer. 
1813
1814
1815
18164.For confidentiality, PGP encrypts messages with an efficient single-key or conventional encryption algorithm known as IDEA. It then uses RSA to encrypt, with the receiver's public key, the IDEA key used to encrypt the message. The receiver can use RSA to recover the IDEA key and use that key to recover the message. 
1817
1818
1819
1820
18215.What do Digital Signatures Prove and What They DO NOT Prove:
1822
1823Digital Signatures show that someone who had access to the private key has made a signature. It is an indication, that its contents have not been tampered (so, integrity is preserved) and can indicate, that a given file is authentic.Digital Signatures do not prove any other property, e.g. that the file is not malicious. In fact there is nothing that could stop people from signing a malicious program. 
1824
1825The point is, of course, that people need to choose to trust some people, e.g. Linus Torvalds, Microsoft, etc. and assume that if a file(s) was indeed signed by those individuals, then indeed it should not be malicious and buggy in some horrible way. But the decision of whether to trust certain people is beyond the scope of digital signatures. 
1826
1827
1828
1829
18306.Now, researchers have presented proof that digitally signed malware is much more common than previously believed. What's more, it predated Stuxnet, with the first known instance occurring in 2003. The researchers said they found 189 malware samples bearing valid digital signatures that were created using compromised certificates issued by recognized certificate authorities and used to sign legitimate software. In total, 109 of those abused certificates remain valid. The researchers, who presented their findings Wednesday at the ACM Conference on Computer and Communications Security, found another 136 malware samples signed by legitimate CA-issued certificates, although the signatures were malformed.
1831(https://arstechnica.com/information-technology/2017/11/evasive-code-signed-malware-flourished-before-stuxnet-and-still-does/)
1832
1833
1834
1835
1836
18377.IP Security Protocol (IPSec), which the operating systems uses rather than relying on the inherently insecure TCP/IP Version 4 (IPV4). (IPV4 chooses to trust just about everybody and everything.) IPSec encrypts and validates packets to protect the privacy of data and to ensure that no changes are made to packets during the delivery process. IPSec became an integral piece of the standard Internet Protocol with the introduction of TCP/IP Version 6 (IPV6), making the future of the Internet more secure by default.
1838
1839
1840
1841
18428.SSL should be done using LibreSSL. 
1843(https://www.quora.com/What-desktop-OS-kernel-is-the-most-hardened-the-most-unhackable)
1844
1845
1846
18479.entropy is the randomness collected by an operating system or application for use in cryptography or other uses that require random data.
1848
1849Basically, when you’re generating keys (let’s say RSA 2048) you need true random numbers. You don’t want them to be deterministic (based on a timestamp or some vague ID): cryptography relies on good randomness.
1850For example, when you boot up a computer, how can this randomness be different from any other computer? This is especially a big issue for IoT devices (routers) with very few sources of entropy — and yet they (sometimes) have to generate keys at boot-time! Resulting in hosts sharing the same keys due to bad randomness. 
1851(https://blog.0day.rocks/introducing-the-first-ever-shitpost-based-rng-c5422bfce257)
1852
1853
1854
1855
185610.60% of HTTPS and SSH hosts served non-unique public keys.
1857(http://web.stanford.edu/class/ee380/Abstracts/150513-slides.pdf)
1858
1859
1860
1861
186211.How can we add entropy on Linux?
1863One basic trick is to move your mouse and type random things on your keyboard. The Linux kernel will automatically add these inputs as entropy bits. But one cannot do that all day long, right?
1864(https://blog.0day.rocks/introducing-the-first-ever-shitpost-based-rng-c5422bfce257)
1865
1866
1867
186812.To help prevent websites from having data breaches the website owners should have salted hashes not just hashes but salted as well.
1869
1870-------------------------------------------------------------------------------------------------------
1871Executable space protections 
1872
1873Data Execution Prevention (DEP): is a security feature that can help prevent damage to your computer from viruses and other security threats. Harmful programs can try to attack Windows by attempting to run (also known as execute) code from system memory locations reserved for Windows and other authorized programs. These types of attacks can harm your programs and files.DEP can help protect your computer by monitoring your programs to make sure that they use system memory safely. If DEP notices a program on your computer using memory incorrectly, it closes the program and notifies you.
1874(http://www.dell.com/support/article/it/it/itbsdt1/sln288643/what-is-data-execution-prevention-dep-?lang=en)
1875
1876
1877
1878
1879W^X: and "Once-writable, never executable" are both sub-cases of DEP. DEP is about making read accesses, and execution accesses, distinct (a writable page is also a readable page). W^X is about using DEP to enforce a specific policy, which is that a given page can never be writable and executable at the same time.  
1880(https://security.stackexchange.com/questions/18936/what-attacks-does-a-wx-policy-prevent-against)
1881
1882
1883
1884NOTES
1885
18861.Bypassing DEP and NX requires a cool trick called Return-Oriented Programming.
1887
1888------------------------------------------------------------------------------------------------------- 
1889server security suite
1890
1891Atomic Secured Linux (ASL): is an easy-to-use, out-of-the-box Unified Security Suite add-on for Linux systems designed to protect your servers against zero-day threats.
1892(https://aws.amazon.com/marketplace/review/product-reviews?asin=B01M0WZ19N)
1893
1894
1895
1896-------------------------------------------------------------------------------------------------------
1897VPNS 
1898
1899
1900ExpressVPN: AES-256 encryption, no logging, Kill Switch, P2P servers, 3 simultaneous connections, DNS Leak Protection feature, 94 countries with 1500+ servers, works with netflix, unlimited bandwidth, Located in Safe Jurisdiction: British Virgin Islands, Cost: $6.67/mo and up,supported platforms: Windows, Mac, Android, Linux (best UI in the industry), iPhone and iPad, Different routers, Different web browsers, PROTOCOLS: OpenVPN, SSTP, L2Tp/IPsec, and PPTP, TOR Compatible. 
1901(https://thebestvpn.com/reviews/expressvpn/)
1902(https://www.expressvpn.com/)
1903
1904
1905
1906NordVPN: Kill Switch, No logs, 60 Countries with Servers 3350+, DNS Leak Protection, 6 simultaneous connections,TOR Compatible, Netflix: Yes, Torrenting: Yes, Cost: $2.75/mo and up, Access to their DoubleVPN servers which encrypts data twice, Jurisdiction: Panama
1907(https://thebestvpn.com/reviews/nordvpn/)  
1908
1909
1910
1911
1912
1913ipvanish: Protocols: OpenVPN, SOCKS5, and Others, No Logs, AES-256 encryption, 60+ countries with 1000+ servers, platforms: Windows, Mac, iOS, Android, Routers, Linux, cost $6.49/$8.99/$10.00, cons: does not work with netflix,No TOR Compatability.
1914(https://thebestvpn.com/reviews/ipvanish/) 
1915(https://www.ipvanish.com/)
1916
1917
1918
1919Riseup VPN (bitmask): protection against ISP surveillance,bypass government censorship,break free from a corporate firewall,secure your Wi-Fi connection: Any time you use a public Wi-Fi connection, everyone else using that access point can spy on your traffic. Riseup VPN will prevent this.
1920(https://riseup.net/en/vpn)
1921
1922
1923
1924
1925
1926iVPN: located in Gibraltar,the Data Protection Act of 2004 keeps the private information of Gibraltar citizens safe and forces businesses to respect user information,The VPN service supports the following devices and operating systems:PC,Mac,Linux/GNU,iPad,iPhone,Android,NAS,Routers,IVPN works simultaneously on as many as five devices,this VPN provides 37 servers 14 countries,And the company offers an integrated firewall that acts as a “kill switch.” The company even claims that it’s more secure than a traditional one,IVPN also offers IPv6 and DNS leak protection,Payment methods include credit cards, debit cards, PayPal, BitCoin, and cash payments,they use AES-256 encryption with 4096-bit RSA keys,New encryption keys are generated every hour providing perfect forward secrecy,Torrenting is allowed with IVPN,does not log anything even your cookies or bandwidth usage,The yearly plan is only $5 per month.
1927(https://thebestvpn.com/reviews/ivpn/)
1928
1929
1930
1931
1932OpenVPN: creates an encrypted UDP or TCP connection (if you don’t understand what that means, it’s IT-talk for computers being able to communicate to one another) that uses Open SSL encryption. This makes it an ideal protocol for VPNs because the connection and encryption make it almost indistinguishable from standard HTTPS traffic. So, if your goal is to access geoblocked content from streaming websites that block VPNs, like Netflix, you’re more likely going to succeed using OpenVPN. This is also why OpenVPN is better than PPTP because even though the latter is faster, it has a higher chance of getting blocked.The extra encryption level also makes OpenVPN an ideal protocol for those using a VPN to stay secure. On top of OpenSSL encryption, OpenVPN supports IPv6 and can add an HMAC Firewall, which identifies packets of data and provides an additional layer of security.You can use the OpenVPN application to create your own VPN, but it requires a lot of technical aspects that the average VPN user will not know how to configure. It is hard to set up manually and should only be attempted if you have a background in IT. However, many top VPN providers use OpenVPN, and their platform makes it very simple to install and run with little or no configuration from the user.
1933(https://www.vpnmentor.com/reviews/open-vpn/#)
1934
1935
1936
1937NOTES 
19381.You -> VPN -> Tor
1939
1940You can very well decrease your anonymity by using VPN/SSH in addition to Tor.If you know what you are doing you can increase anonymity, security and privacy.
1941
1942Most VPN/SSH provider log, there is a money trail, if you can't pay really anonymously. (An adversary is always going to probe the weakest link first...). A VPN/SSH acts either as a permanent entry or as a permanent exit node. This can introduce new risks while solving others.
1943
1944Who's your adversary? Against a global adversary with unlimited resources more hops make passive attacks (slightly) harder but active attacks easier as you are providing more attack surface and send out more data that can be used. Against colluding Tor nodes you are safer, against blackhat hackers who target Tor client code you are safer (especially if Tor and VPN run on two different systems). If the VPN/SSH server is adversary controlled you weaken the protection provided by Tor. If the server is trustworthy you can increase the anonymity and/or privacy (depending on set up) provided by Tor.
1945
1946VPN/SSH can also be used to circumvent Tor censorship (on your end by the ISP or on the service end by blocking known tor exits). 
1947
1948
1949
1950
19512.Do not use a VPN as an anonymity solution. If you're looking for a trusted entry into the Tor network, or if you want to obscure the fact that you're using Tor, setting up a private server as a bridge works quite well.
1952
1953VPNs encrypt the traffic between the user and the VPN provider, and they can act as a proxy between a user and an online destination. However, VPNs have a single point of failure: the VPN provider. A technically proficient attacker or a number of employees could retrieve the full identity information associated with a VPN user. It is also possible to use coercion or other means to convince a VPN provider to reveal their users' identities.
1954
1955
1956
19573.Is it possible to completely disable logging?The command «log/dev/null» on Linux completely removes all the logs of OpenVPN service. Owing to the settings, you can completely disable the logging of any connections to the OpenVPN server. 
1958
1959
1960
19614.Multihop Technology:This basically allows you to “chain” VPN servers, so that your data is routed between two VPN servers as it travels between you and the internet.
1962
1963
19645.An insecure connection is still insecure: Although Riseup VPN will anonymize your location and protect you from surveillance from your ISP, once your data is securely routed through riseup.net it will go out on the internet as it normally would. Therefore, you should still use secure connections (TLS) when available (ie https over http, imaps over imap, etc).
1965
1966
19676.Even though some VPNs claim they do not log,they do monitor some lesser important data, such as: Service performance data (for recommending most suitable servers),E-mail address,Payment data (but you can also use bitcoins).
1968That’s the regular stuff that most (if not all) VPN providers are logging and it’s nothing you should be worried about. 
1969
1970
19717.List of VPN leak via Web RTC 
1972(https://docs.google.com/spreadsheets/d/1Nm7mxfFvmdn-3Az-BtE5O0BIdbJiIAWUnkoAF_v_0ug/htmlview?sle=true#gid=0)
1973
1974
1975
19768.You can check for Web RTC leakage here: (https://ip.voidsec.com/)
1977
1978
1979-------------------------------------------------------------------------------------------------------- 
1980proxies 
1981
19821.Privoxy: is a proxy server that uses application-layer filtering. HTTP traffic passed through Privoxy will have certain privacy-oriented rules applied to them. For example, Privoxy will block ads, detect and disable click-tracking scripts, disabling pop-ups, etc.
1983(https://security.stackexchange.com/questions/45606/how-tor-privoxy-vidalia-and-polipo-are-getting-together)
1984
1985
1986--------------------------------------------------------------------------------------------------------
1987distributing files or data anonymously 
1988
1989secure drop:is designed to use two physical servers: a public-facing server that stores messages and documents, and a second that performs security monitoring of the first. The code on the public-facing server is a Python web application that accepts messages and documents from the web and GPG-encrypts them for secure storage. This site is only made available as a Tor Hidden Service, which requires sources to use Tor, thus hiding their identity from both the SecureDrop server and many types of network attackers. Essentially, it’s a more secure alternative to the "contact us" form found on a typical news site. Every source who visits the site is given a unique "codename." The codename lets the source establish a relationship with the news organization without revealing his/her real identity or resorting to e-mail. They can enter the code name on a future visit to read any messages sent back from the journalist, or submit additional documents and messages under the same persistent, but pseudonymous, identifier. The source is known by a different and unrelated code name on the journalist’s side. All of the source’s submissions, and replies to the source from journalists, are grouped together into a collection. Every time there’s a new submission by a source, their collection is bumped to the top of the submission queue. 
1990(https://securedrop.org/faq)
1991
1992
1993
1994OnionShare:is an open source tool that lets you securely and anonymously share a file of any size.
1995(https://onionshare.org/) 
1996--------------------------------------------------------------------------------------------------------
1997scan websites automatically for common vulnerabilities and errors that can de-anonymize the owner or users 
1998
1999
2000OnionScan:has two primary goals: We want to help operators of hidden services find and fix operational security issues with their services. We want to help them detect misconfigurations and we want to inspire a new generation of anonymity engineering projects to help make the world a more private place.Secondly we want to help researchers and investigators monitor and track Dark Web sites. In fact we want to make this as easy as possible. Not because we agree with the goals and motives of every investigation force out there - most often we don't. But by making these kinds of investigations easy, we hope to create a powerful incentive for new anonymity technology. 
2001(https://onionscan.org/)
2002
2003--------------------------------------------------------------------------------------------------------
2004easiest way to add an onion address to a traditional websites
2005
2006Enterprise Onion Toolkit (EOTK): adds an onion address to a traditional website. 
2007(https://www.bleepingcomputer.com/news/security/quickly-add-an-onion-url-to-your-site-with-the-enterprise-onion-toolkit-eotk-/)
2008
2009-------------------------------------------------------------------------------------------------------
2010proof that bugs and/or highly stealthy malware can go undetected for atleast 1 year or more!
2011
2012
20131.Orpheus' Lyre: In 2017 Two implementations of the Kerberos authentication protocol received patches this week against a vulnerability that allowed a threat actor to bypass authentication procedures.The vulnerability was discovered by a team of three researchers, who dubbed it "Orpheus' Lyre." Researchers tracked down the flaw to Kerberos versions released in 1996.Orpheus' Lyre exploits a part of the Kerberos protocol named "tickets." These are messages exchanged between network nodes, and are used to authenticate services and users.Not all parts of a ticket are encrypted when sent through the network. Kerberos implementations usually rely on checking the encrypted parts of a Kerberos message to authenticate users and services.Researchers said they found a way to force the Kerberos protocol to use the plaintext and non-encrypted part for authentication procedures.
2014
2015
2016
2017
20182.Dirty COW: is a computer security vulnerability for the Linux kernel that affects all Linux-based operating systems  It is a local privilege escalation bug that exploits a race condition in the implementation of the copy-on-write mechanism in the kernel's memory-management subsystem.Because of the race condition, with the right timing, a local attacker can exploit the copy-on-write mechanism to turn a read-only mapping of a file into a writable mapping. Although it is a local privilege escalation, remote attackers can use it in conjunction with other exploits that allow remote execution of non-privileged code to achieve remote root access on a computer.The attack itself does not leave traces in the system log! The vulnerability has existed in the Linux kernel since version 2.6.22 released in September 2007, and there is information about it being actively exploited at least since October 2016.
2019
2020
2021
2022
20233.Heartbleed: is a security bug in the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security (TLS) protocol. It was introduced into the software in 2012 and publicly disclosed in April 2014. Heartbleed may be exploited regardless of whether the vulnerable OpenSSL instance is running as a TLS server or client. It results from improper input validation (due to a missing bounds check) in the implementation of the TLS heartbeat extension, thus the bug's name derives from heartbeat. The vulnerability is classified as a buffer over-read, a situation where more data can be read than should be allowed.
2024
2025
2026
2027
20284.POODLE: which stands for "Padding Oracle On Downgraded Legacy Encryption",is a man-in-the-middle exploit which takes advantage of Internet and security software clients' fallback to SSL 3.0.If attackers successfully exploit this vulnerability, on average, they only need to make 256 SSL 3.0 requests to reveal one byte of encrypted messages.POODLE exemplifies a vulnerability that succeeds thanks to a mechanism designed for reducing security for the sake of interoperability. When designing systems in domains with high levels of fragmentation, then, extra care is appropriate. In such domains graceful security degradation may become common. (SSL version 3.0 was released in 1996,so potentially this bug can be as old as 1996!)
2029
2030
2031
2032
20335.Shellshock: also known as Bashdoor,is a family of security bugs in the widely used Unix Bash shell, the first of which was disclosed on 24 September 2014. Many Internet-facing services, such as some web server deployments, use Bash to process certain requests, allowing an attacker to cause vulnerable versions of Bash to execute arbitrary commands. This can allow an attacker to gain unauthorized access to a computer system.The first bug causes Bash to unintentionally execute commands when the commands are concatenated to the end of function definitions stored in the values of environment variables.Within days of the publication of this, intense scrutiny of the underlying design flaws discovered a variety of related vulnerabilities (CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, and CVE-2014-7187); which Ramey addressed with a series of further patches.Analysis of the source code history of Bash shows the bugs had existed since Bash version 1.03 released in September 1989!
2034
2035
2036
2037
20386.VENOM(Virtualized Environment Neglected Operations Manipulation ): is a security vulnerability in the virtual floppy drive code used by many computer virtualization platforms. This vulnerability may allow an attacker to escape from the confines of an affected virtual machine (VM) guest and potentially obtain code-execution access to the host. Absent mitigation, this VM escape could open access to the host system and all other VMs running on that host, potentially giving adversaries significant elevated access to the host’s local network and adjacent systems.The VENOM bug has existed since 2004, though it has reportedly not been exploited in the wild yet.
2039
2040
2041
2042
20437.Meltdown: breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.If your computer has a vulnerable processor and runs an unpatched operating system, it is not safe to work with sensitive information without the chance of leaking the information. This applies both to personal computers as well as cloud infrastructure.There are patches against Meltdown for Linux, Windows, and OS X.Meltdown has potentially existed since 1995.
2044(https://meltdownattack.com/)      
2045(https://lwn.net/Articles/738975/)
2046
2047
2048
2049
20508.Spectre: breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre.Spectre is harder to exploit than Meltdown, but it is also harder to mitigate.However, it is possible to prevent specific known exploits based on Spectre through software patches.Spectre has potentially existed since 1995.
2051(https://meltdownattack.com/)      
2052(http://lists.llvm.org/pipermail/llvm-commits/Week-of-Mon-20180101/513630.html)
2053
2054
2055
2056
2057
20589.Slingshot: Researchers have discovered malware so stealthy it remained hidden for six years despite infecting at least 100 computers worldwide.which means it was likely developed on behalf of a well-resourced country, researchers with Moscow-based Kaspersky Lab reported Friday.The ability for such a full-featured piece of malware to remain hidden for so long is one of the things that makes it so advanced.One of the ways Slingshot concealed itself was its use of an encrypted virtual file system that was typically located in an unused part of the hard drive. By segregating malware files from the file system of the infected computer, Slingshot stood a much better chance of remaining undetected by antivirus engines. Other stealth techniques included encrypting all text strings in its various modules, calling system services directly to bypass so-called hooks used by security products, and the ability to shut down components when forensic tools are loaded.Infected computers were located primarily in Kenya and Yemen, but also in Afghanistan, Libya, Congo, Jordan, Turkey, Iraq, Sudan, Somalia, and Tanzania. Most of the victims appeared to be targeted individuals. Some, however, were government organizations and institutions.
2059(https://arstechnica.com/information-technology/2018/03/potent-malware-that-hid-for-six-years-spread-through-routers/)
2060
2061
2062
2063
2064
206510.Backdoor Regin: Researchers have unearthed highly advanced malware they believe was developed by a wealthy nation-state to spy on a wide range of international targets in diverse industries, including hospitality, energy, airline, and research.Regin likely required months or years to be completed and contains dozens of individual modules that allowed its operators to tailor the malware to individual targets.To remain stealthy, the malware is organized into five stages, each of which is encrypted except for the first one. Executing the first stage triggers a domino chain in which the second stage is decrypted and executed, and that in turn decrypts the third stage, and so on. Analyzing and understanding the malware requires researchers to acquire all five stages. Regin contains dozens of payloads, including code for capturing screenshots, seizing control of an infected computer's mouse, stealing passwords, monitoring network traffic, and recovering deleted files.Symantec researchers believe Regin was a sprawling framework that was used in multiple campaigns that data back to 2008 and possibly several years earlier.There is still much Symantec doesn't know about Regin. So far, company researchers are aware of only about 100 infections, a number that seems small for such a sprawling framework of malware.The researchers have yet to uncover the command and control system the attackers used to communicate with infected computers, and they still don't have any educated hunches about the country behind the malware. The malware is known to have been active from 2008 until 2011, when it was abruptly pulled by its operators for unknown reasons.Regin, which is the name Microsoft assigned to the underlying trojan, resurfaced in 2013. Symantec researchers became aware of the malware in December of that year. 
2066(https://arstechnica.com/information-technology/2014/11/highly-advanced-backdoor-trojan-cased-high-profile-targets-for-years/)
2067
2068
2069
2070
207111.ProjectSauron/Remsec: Security experts have discovered a malware platform that's so advanced in its design and execution that it could probably have been developed only with the active support of a nation-state.The malware—known alternatively as "ProjectSauron" by researchers from Kaspersky Lab and "Remsec" by their counterparts from Symantec—has been active since at least 2011 and has been discovered on 30 or so targets.Its ability to operate undetected for five years is a testament to its creators, who clearly studied other state-sponsored hacking groups in an attempt to replicate their advances and avoid their mistakes.Much of ProjectSauron resides solely in computer memory and was written in the form of Binary Large Objects, making it hard to detect using antivirus.Because of the way the software was written, clues left behind by ProjectSauron in so-called software artifacts are unique to each of its targets. That means that clues collected from one infection don't help researchers uncover new infections.Unlike many malware operations that reuse servers, domain names, or IP addresses for command and control channels, the people behind ProjectSauron chose a different one for almost every target.In all, Project Sauron is made up of at least 50 modules that can be mixed and matched to suit the objectives of each individual infection.The main purpose of the malware platform was to obtain passwords, cryptographic keys, configuration files, and IP addresses of the key servers related to any encryption software that was in use.Infected groups include government agencies, scientific research centers, military organizations, telecommunication providers, and financial institutions in Russia, Iran, Rwanda, China, Sweden, Belgium, and possibly in Italian-speaking countries.
2072(https://arstechnica.com/information-technology/2016/08/researchers-crack-open-unusually-advanced-malware-that-hid-for-5-years/)
2073
2074
2075
2076
2077
207812.Stuxnet: In January 2010, inspectors with the International Atomic Energy Agency visiting the Natanz uranium enrichment plant in Iran noticed that centrifuges used to enrich uranium gas were failing at an unprecedented rate. The cause was a complete mystery—apparently as much to the Iranian technicians replacing the centrifuges as to the inspectors observing them.Five months later a seemingly unrelated event occurred. A computer security firm in Belarus was called in to troubleshoot a series of computers in Iran that were crashing and rebooting repeatedly. Again, the cause of the problem was a mystery. That is, until the researchers found a handful of malicious files on one of the systems and discovered the world's first digital weapon.Stuxnet, as it came to be known, was unlike any other virus or worm that came before. Rather than simply hijacking targeted computers or stealing information from them, it escaped the digital realm to wreak physical destruction on equipment the computers controlled.Stuxnet has already been at work silently sabotaging centrifuges at the Natanz plant for about a year. An early version of the attack weapon manipulated valves on the centrifuges to increase the pressure inside them and damage the devices as well as the enrichment process. Centrifuges are large cylindrical tubes—connected by pipes in a configuration known as a "cascade"—that spin at supersonic speed to separate isotopes in uranium gas for use in nuclear power plants and weapons. Stuxnet 0.5 could spread only by infecting Step 7 project files—the files used to program Siemens PLCs. This version, however, could spread via USB flash drives using the Windows Autorun feature or through a victim’s local network using the print-spooler zero-day exploit that Kaspersky Lab, the antivirus firm based in Russia, and Symantec later found in the code.It's not clear how long it took Stuxnet to reach its target after infecting machines at Neda and the other companies, but between June and August the number of centrifuges enriching uranium gas at Natanz began to drop.Stuxnet was first identified by the infosec community in 2010, but development on it probably began in 2005. Despite its unparalleled ability to spread and its widespread infection rate, Stuxnet does little or no harm to computers not involved in uranium enrichment. When it infects a computer, it checks to see if that computer is connected to specific models of programmable logic controllers (PLCs) manufactured by Siemens. PLCs are how computers interact with and control industrial machinery like uranium centrifuges.
2079(https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/)
2080(https://www.csoonline.com/article/3218104/malware/what-is-stuxnet-who-created-it-and-how-does-it-work.html)
2081
2082
2083
2084
2085
208613.Flame: The malware, dubbed "Flame" after one of the dozens of modules available for it, immediately evoked memories of Stuxnet. As sophisticated as Stuxnet and a related piece of espionage software known as Duqu are, the latest piece of malware is probably orders of magnitude more sophisticated. When fully installed, its size is a whopping 20MB, and it also uses SQLite databases and dynamically generated code that uses the Lua programming language. Such characteristics suggest the malware, which Kaspersky estimates has been found on about 1,000 computer systems so far, could only have been written by a large team of highly skilled software engineers.Kaspersky, in a report published Monday, said it found evidence showing Flame had managed to remain undetected for at least two years.At least 20 modules available for the malware bring a menu of highly advanced spying capabilities to the unknown people who control it. One plugin turns on the internal microphone of infected machines so Skype conversations can be secretly monitored in real time. A separate module scans nearby Bluetooth-enabled devices for names and phone numbers stored in contact lists. A third monitors machine activity by taking screenshots every 15 to 60 seconds, depending on whether Outlook or another targeted application is in use, and uses SSL-protected connections to send the images to the attackers. Flame can also sniff traffic passing over local networks to siphon user names, passwords, password hashes, and other sensitive data that attackers can use to further monitor their targets.Flame also contains some advanced features that were first found in Stuxnet. An infection mechanism that exploits a Windows "Autorun" feature in USB drives is one such example, as is its ability to propagate within local networks by exploiting a Windows print-spool vulnerability Microsoft patched in 2010. It's not clear if the developers had access to the same advanced vulnerability the Stuxnet architects had or if they simply added similar functionality based on the huge body of research that followed Stuxnet's discovery.The code contained about 6,500 lines of Lua scripts alone, researchers from BitDefender said.The fact that the software works as well as it does on such a small number of computers also suggests that huge amounts of debugging and quality assurance work was painstakingly devoted to making sure it worked precisely as it was intended. 
2087(https://arstechnica.com/information-technology/2012/05/spy-malware-infecting-iranian-networks-is-engineering-marvel-to-behold/)
2088
2089
2090
2091
2092Gauss: Researchers have uncovered yet another state-sponsored computer espionage operation that uses state-of-the-art software to extract a wealth of sensitive data from thousands of machines located mostly in the Middle East."Gauss," as Kaspersky Lab researchers have dubbed the malware, was devised by the same "factory" or "factories" responsible for the Stuxnet worm used to disrupt Iran's nuclear program, as well as the Flame and Duqu Trojans. Some researchers say the latter two malware titles may have provided the reconnaissance needed for operations such as Stuxnet. Gauss is known to have infected 2,500 computers connected to Kaspersky's cloud-based security system, and researchers with the firm say tens of thousands of additional machines may also be affected. The highest concentration of attacks are found in Lebanon, followed by Israel and the Palestinian territories.Like Duqu and Flame, Gauss is highly modular, and it shares a "fair deal of code" with Flame. Its developers failed to remove debugging information before unleashing the malware, however, allowing researchers to uncover details about the computers used to develop the malware. A version developed in December and January, for instance, resided in the Windows directory c:\documents and settings\flamer\desktop\gauss_white_1, providing another clue it has close ties to Flame, which is also known as Flamer and didn't come to light until May. Gauss and Flame also share a similar command and control infrastructure, code references, and encryption subroutines. Gauss, which appears to be an homage to the German mathematician and scientist Johann Carl Friedrich Gauss, comes from the name one of the developers gave to the main module. Developers appear to have named other modules after famous mathematicians and philosophers Kurt Godel and Joseph-Louis Lagrange.Another curious discovery is Gauss' ability to steal and monitor data from the clients of Citibank and PayPal, as well as several Lebanese banks."This is actually the first time we’ve observed a nation-state cyber-espionage campaign with a banking Trojan component," Kaspersky researchers wrote. "It is not known whether the operators are actually transferring funds from the victim’s bank accounts or whether they are simply monitoring finance/funding sources for specific targets."Gauss comes with plenty of other tantalizing unknowns. It's programmed to collect technical details about an infected computer's network connections, processes and folders, BIOS, CMOS, RAM, and local and removable drives. It's configured to upload that data to five command-and-control servers that were shut down last month before Kaspersky could infiltrate them.A Gauss component that infects USB drives exploits the same Microsoft Windows vulnerability used to spread Stuxnet and Flame from computer to computer even when they're not connected to the Internet. Microsoft patched the bug affecting files with .LNK extensions two years ago, but because so many "air-gapped" computers don't regularly receive software updates, it's likely many of the victims remained vulnerable, Roel Schouwenberg, a senior Kaspersky researcher, told Ars.Adding to the intrigue, Gauss contains an encrypted payload that Kaspersky researchers so far have been unable to unlock. It's loaded onto USB sticks that are inserted into Gauss-infected machines and executed when they're plugged into uninfected computers later, but only under unknown conditions. A mysterious subroutine searches for detailed system configurations and rifles through hundreds of directories and uses a cryptographically hashed result of that data as the secret key. Kaspersky has appealed for help from "world-class cryptographers" in decrypting the contents so they can learn exactly what the module is doing. Kaspersky researchers can be e-mailed at theflame@kaspersky.com.
2093(https://arstechnica.com/information-technology/2012/08/nation-sponsored-malware-has-mystery-warhead/)
2094
2095
2096
2097
2098--------------------------------------------------------------------------------------------------------
2099helpful security  Vulnerability focused reporting sites
2100
2101
2102Common Vulnerabilities and Exposures (CVE)
2103https://cve.mitre.org/
2104
2105
2106Open Threat Exchange (OTX)
2107https://www.alienvault.com/open-threat-exchange
2108
2109
2110Browse Exploit Database
2111https://www.exploit-db.com/browse/
2112
2113
2114Security Advisories for Firefox
2115https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/
2116
2117
2118Intel security advisory
2119(https://security-center.intel.com/advisories.aspx)
2120
2121
2122computer security resource center
2123https://csrc.nist.gov/news
2124
2125security focus
2126https://www.securityfocus.com/vulnerabilities
2127
2128
2129Secunia Research Community
2130https://secuniaresearch.flexerasoftware.com/advisories/search/
2131
2132
2133
2134---------------------------------------------------------------------------------------------------------
2135protection against Cross-Site Request Forgery (CSRF) 
2136
2137We recommend two separate checks as your standard CSRF defense that does not require user intervention. This discussion ignores for the moment deliberately allowed cross origin requests (e.g., CORS). Your defenses will have to adjust for that if that is allowed. 
2138
2139
21401.Check standard headers to verify the request is same origin
2141
21422.AND Check CSRF token 
2143
2144(for a full explanation go here: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet )
2145
2146
2147
2148--------------------------------------------------------------------------------------------------------
2149Preventing Remote File Inclusion (RFI) Attacks 
2150
2151
21521.Never use arbitrary input data in a literal file include request.
2153
2154
21552.Use a filter to thoroughly scrub input parameters against possible file inclusions.
2156
2157
21583.Build a dynamic whitelist.
2159
2160
2161NOTES
21621.The RFI is a cousin to the nefarious XSS cross-site scripting attack. Both are forms of code injection, although the RFI is less sophisticated. As such, it is also more easily prevented. 
2163
2164
21652.Like all code injection attacks, RFI is a result of allowing unsecure data into a secure context. The best way to prevent an RFI attack is to never use arbitrary input data in a literal file include request. 
2166
2167
2168(for a full explanation go here: http://www.esecurityplanet.com/browser-security/how-to-prevent-remote-file-inclusion-rfi-attacks.html )
2169-------------------------------------------------------------------------------------------------------- 
2170cross site scripting (XSS) defense
2171
21721.HTML Escape Before Inserting Untrusted Data into HTML Element Content 
2173
2174
2175
21762.Attribute Escape Before Inserting Untrusted Data into HTML Common Attributes 
2177
2178
2179
21803.JavaScript Escape Before Inserting Untrusted Data into JavaScript Data Values 
2181
2182
2183
21844.HTML escape JSON values in an HTML context and read the data with JSON.parse 
2185
2186
2187
21885.CSS Escape And Strictly Validate Before Inserting Untrusted Data into HTML Style Property Values 
2189
2190
2191
21926.URL Escape Before Inserting Untrusted Data into HTML URL Parameter Values 
2193
2194
2195
2196
21977.Prevent DOM-based XSS 
2198
2199
2200
2201
22028.Use HTTPOnly cookie flag 
2203
2204Preventing all XSS flaws in an application is hard, as you can see. To help mitigate the impact of an XSS flaw on your site, OWASP also recommends you set the HTTPOnly flag on your session cookie and any custom cookies you have that are not accessed by any Javascript you wrote. This cookie flag is typically on by default in .NET apps, but in other languages you have to set it manually.
2205
2206
2207
2208
22099.Implement Content Security Policy 
2210
2211There is another good complex solution to mitigate the impact of an XSS flaw called Content Security Policy. It's a browser side mechanism which allows you to create source whitelists for client side resources of your web application, e.g. JavaScript, CSS, images, etc. CSP via special HTTP header instructs the browser to only execute or render resources from those sources.
2212
2213
2214
221510.Use an Auto-Escaping Template System
2216
2217Many web application frameworks provide automatic contextual escaping functionality such as AngularJS strict contextual escaping and Go Templates. Use these technologies when you can.
2218
2219
2220
222111.Use the X-XSS-Protection Response Header 
2222
2223This HTTP response header enables the Cross-site scripting (XSS) filter built into some modern web browsers. This header is usually enabled by default anyway, so the role of this header is to re-enable the filter for this particular website if it was disabled by the user. 
2224
2225
2226(for a full explanation go here: https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet )
2227--------------------------------------------------------------------------------------------------------
2228defenses against SQL injections 
2229
2230Defense Option 1: Prepared Statements (with Parameterized Queries) 
2231
2232The use of prepared statements with variable binding (aka parameterized queries) is how all developers should first be taught how to write database queries. They are simple to write, and easier to understand than dynamic queries. Parameterized queries force the developer to first define all the SQL code, and then pass in each parameter to the query later. This coding style allows the database to distinguish between code and data, regardless of what user input is supplied.
2233
2234Prepared statements ensure that an attacker is not able to change the intent of a query, even if SQL commands are inserted by an attacker. In the safe example below, if an attacker were to enter the userID of tom' or '1'='1, the parameterized query would not be vulnerable and would instead look for a username which literally matched the entire string tom' or '1'='1. 
2235
2236
2237
2238
2239
2240
2241
2242
2243Defense Option 2: Stored Procedures
2244
2245Stored procedures are not always safe from SQL injection. However, certain standard stored procedure programming constructs have the same effect as the use of parameterized queries when implemented safely* which is the norm for most stored procedure languages. They require the developer to just build SQL statements with parameters which are automatically parameterized unless the developer does something largely out of the norm. The difference between prepared statements and stored procedures is that the SQL code for a stored procedure is defined and stored in the database itself, and then called from the application. Both of these techniques have the same effectiveness in preventing SQL injection so your organization should choose which approach makes the most sense for you. 
2246
2247
2248
2249
2250
2251
2252Defense Option 3: White List Input Validation 
2253
2254Various parts of SQL queries aren't legal locations for the use of bind variables, such as the names of tables or columns, and the sort order indicator (ASC or DESC). In such situations, input validation or query redesign is the most appropriate defense. For the names of tables or columns, ideally those values come from the code, and not from user parameters. But if user parameter values are used to make different for table names and column names, then the parameter values should be mapped to the legal/expected table or column names to make sure unvalidated user input doesn't end up in the query. Please note, this is a symptom of poor design and a full re-write should be considered if time allows. 
2255
2256
2257
2258
2259
2260
2261
2262Defense Option 4: Escaping All User Supplied Input 
2263
2264This technique should only be used as a last resort, when none of the above are feasible. Input validation is probably a better choice as this methodology is frail compared to other defenses and we cannot guarantee it will prevent all SQL Injection in all situations.
2265
2266This technique is to escape user input before putting it in a query. It is very database specific in its implementation. Its usually only recommended to retrofit legacy code when implementing input validation isn't cost effective. Applications built from scratch, or applications requiring low risk tolerance should be built or re-written using parameterized queries, stored procedures, or some kind of Object Relational Mapper (ORM) that builds your queries for you.
2267
2268This technique works like this. Each DBMS supports one or more character escaping schemes specific to certain kinds of queries. If you then escape all user supplied input using the proper escaping scheme for the database you are using, the DBMS will not confuse that input with SQL code written by the developer, thus avoiding any possible SQL injection vulnerabilities.
2269
2270
2271
2272Additional Defenses 
2273
2274To minimize the potential damage of a successful SQL injection attack, you should minimize the privileges assigned to every database account in your environment. Do not assign DBA or admin type access rights to your application accounts. We understand that this is easy, and everything just ‘works’ when you do it this way, but it is very dangerous. Start from the ground up to determine what access rights your application accounts require, rather than trying to figure out what access rights you need to take away. Make sure that accounts that only need read access are only granted read access to the tables they need access to. If an account only needs access to portions of a table, consider creating a view that limits access to that portion of the data and assigning the account access to the view instead, rather than the underlying table. Rarely, if ever, grant create or delete access to database accounts.
2275
2276If you adopt a policy where you use stored procedures everywhere, and don’t allow application accounts to directly execute their own queries, then restrict those accounts to only be able to execute the stored procedures they need. Don’t grant them any rights directly to the tables in the database.
2277
2278SQL injection is not the only threat to your database data. Attackers can simply change the parameter values from one of the legal values they are presented with, to a value that is unauthorized for them, but the application itself might be authorized to access. As such, minimizing the privileges granted to your application will reduce the likelihood of such unauthorized access attempts, even when an attacker is not trying to use SQL injection as part of their exploit.
2279
2280While you are at it, you should minimize the privileges of the operating system account that the DBMS runs under. Don't run your DBMS as root or system! Most DBMSs run out of the box with a very powerful system account. For example, MySQL runs as system on Windows by default! Change the DBMS's OS account to something more appropriate, with restricted privileges.
2281
2282
2283
2284(for a full explanation go here: https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet )
2285-------------------------------------------------------------------------------------------------------- 
2286XPath Injection Defenses 
2287
22881.Just like the techniques to avoid SQL injection, you need to use a parameterized XPath interface if one is available, or escape the user input to make it safe to include in a dynamically constructed query. If you are using quotes to terminate untrusted input in a dynamically constructed XPath query, then you need to escape that quote in the untrusted input to ensure the untrusted data can't try to break out of that quoted context. 
2289
22902.Another better mitigation option is to use a precompiled XPath query. Precompiled XPath queries are already preset before the program executes, rather than created on the fly after the user's input has been added to the string. This is a better route because you don't have to worry about missing a character that should have been escaped.
2291(https://www.owasp.org/index.php/XPATH_Injection)
2292
2293
2294
2295--------------------------------------------------------------------------------------------------------
2296problems that have not been solved yet
2297
2298
22991.Tor is vulnerable to statistical "traffic confirmation" attacks, where the adversary watches traffic at both ends of a circuit and confirms his guess that they're communicating. It would be really nice if we could use cover traffic to confuse this attack. But there are three problems here:
2300
2301.Cover traffic is really expensive. And *every* user needs to be doing it. This adds up to a lot of extra bandwidth cost for our volunteer operators, and they're already  pushed to the limit.
2302
2303.You'd need to always be sending traffic, meaning you'd need to always be online. Otherwise, you'd need to be sending end-to-end cover traffic -- not just to the first hop, but all the way to your final destination -- to prevent the adversary from correlating presence of traffic at the destination to times when you're online. What does it mean to send cover traffic to -- and from -- a web server? That is not supported in most protocols.
2304
2305.Even if you *could* send full end-to-end padding between all users and all destinations all the time, you're *still* vulnerable to active attacks that block the padding for a short time at one end and look for patterns later in the path. 
2306(https://www.torproject.org/docs/faq.html.en#SendPadding)
2307
2308
2309
2310
2311
2312
23132.Security researchers have raised the alarm for years about the Intel remote administration feature known as the Management Engine. The platform has a lot of useful features for IT managers, but it requires deep system access that offers a tempting target for attackers; compromising the Management Engine could lead to full control of a given computer. Now, after several research groups have uncovered ME bugs, Intel has confirmed that those worst-case fears may be possible.
2314(https://www.wired.com/story/intel-management-engine-vulnerabilities-pcs-servers-iot/)
2315
2316UPDATE:It might Now be Possible To Disable & Strip Down Intel's ME  
2317(https://phoronix.com/scan.php?page=news_item&px=Intel-ME-Cleaning  Via an open-source, third-party tool called me_cleaner )
2318
2319
2320
2321
2322
23233.It seems that there will always be bugs,or exploits,in the coding of programs,OSes,etc. and that there will never be error-free/bug free coding of programs,thats why theres a constant need for updating,your hardware,software,program, etc. even when patches or fixes are implemented that just brings more coding involved,and potentially create more bugs due to that one fix you created for that 1 bug.The best we can do is reduce the amount of coding,and make sure our very own patches don't create more bugs or exploits.
2324
2325
2326
2327
2328
23294.Trust is an issue,at some point you have to trust,that someone at the manufactory of your computer that you bought did not put a backdoor or any malware,on your new computer,other examples include but are not limited to your internet service provider (ISP),server operator,Tor developers etc. 
2330
2331
2332
2333
23345.The host system clock synchronization mechanism still uses unauthenticated NTP from a single source. This is not optimal, but there is no real solution to this problem.A potential attack vector is created by this NTP behavior; the ISP and/or time server could either inadvertently or maliciously introduce a significant clock skew, or the host clock could simply malfunction. 
2335(https://www.whonix.org/wiki/Advanced_Security_Guide)
2336
2337
2338
23396.Unfortunately, it is not yet possible to set a random clock offset for Qubes-Whonix VMs to prevent clock correlation attacks since it is unsupported by Xen. A related issue is denying Qubes-Whonix access to "clocksource=xen", which may not be possible without Linux kernel and/or Xen patches.
2340(https://www.whonix.org/wiki/Advanced_Security_Guide)
2341
2342
2343
2344--------------------------------------------------------------------------------------------------------
2345General and technical Notes 
2346
23471.In linux use sudo instead of su.
2348(https://wiki.parabola.nu/Security) 
2349
2350
2351
2352
2353
23542.It is possible to tighten the security so much as to make your system unusable,do it without over doing it. 
2355(https://wiki.archlinux.org/index.php/security)
2356
2357
2358
2359
23603.Never reuse an address space.
2361
2362
2363
2364
2365
23664.Avoid using secure shell without requiring SSH keys,to help mitigate brute force attacks. 
2367
2368
2369
2370
23715.when using SSH, implement Fail2ban so only key authentication is allowed.
2372
2373
2374
2375
2376
23776.download over TLS and even better to verify the gpg signatures,and even better then those two is to obtain the software or item you want  by creating by source code. 
2378
2379
2380
2381
2382
23837. Intel Software Guard Extensions (SGX) supposedly has the ability to create a secure enclave within a potentially compromised OS. (update:here are some known weaknesses of SGX: https://github.com/jovanbulck/sgx-pte  and  https://www.techrepublic.com/article/spectre-like-attack-exposes-entire-contents-of-intels-sgx-secure-enclave/)
2384
2385
2386
23878.The good that comes with Unikernels: a smaller codebase,no shell and even no System calls, and also removing hardware emulation.
2388(http://unikernel.org/blog/2017/unikernels-are-secure) 
2389
2390
2391
23929.The bad that comes with unikernels: (https://thenewstack.io/unikernels-will-create-security-problems-solve/)
2393
2394
2395
2396
2397
239810.TCP timestamps are disabled by default in Qubes R3.1 and above.
2399(https://www.whonix.org/wiki/Computer_Security_Education#Microphone)
2400
2401
2402
2403
240411.qubes-url-redirector: is a browser's extension to improve security. It's for Qubes OS and it's written using standard WebExtension APIs. It permits to manage which VM is responsible to open links, obviously redirection happens before any TCP connection is made. Furthermore, through context menu entries, you can open a specific link in a custom way. Currently you can open links in: DVM, a default-VM, a specific VM and in this VM. 
2405(https://github.com/raffaeleflorio/qubes-url-redirector)
2406
2407
2408
2409
2410
241112.Constantly check for updates of outdated hardware and software programs and drivers. 
2412
2413
2414
2415
2416
2417
2418
241913.Apply a BIOS password for BIOS set up and boot. 
2420(https://www.whonix.org/wiki/System_Hardening_Checklist)
2421
2422
2423
2424
2425
242614.In Qubes always open untrusted files in DispVM.
2427(https://www.qubes-os.org/doc/dispvm/)
2428
2429
2430
2431
243215.Most .bat's that you will see online will be malicious. Some are good though.Always open .bat files with caution.  
2433(https://softwap.blogspot.cz/2013/04/basic-of-hacking-complete-source-must.html)
2434
2435
2436
2437
2438
243916.Be weary of vulnerable apt-get  downloads through untrusted Tor exit relays. 
2440(https://www.whonix.org/wiki/Advanced_Security_Guide)
2441
2442
2443
2444
2445
244617.Users should understand that the system clock inside Whonix is set to UTC to prevent against time zone leaks. This means it may be a few hours ahead or behind the user's host system clock. It is strongly recommended not to change this setting. 
2447(https://www.whonix.org/wiki/Advanced_Security_Guide)
2448
2449
2450
2451
2452
245318.The Whonix-Gateway state should not be suspended or saved. It is far better to power off the Whonix-Gateway if it is no longer needed. 
2454(https://www.whonix.org/wiki/Advanced_Security_Guide)
2455
2456
2457
2458
2459
246019.Similarly, if users suspend or save the Whonix-Workstation state, the clock will again lag behind the correct value.This can be manually fixed inside Whonix-Workstation by running: Start Menu -> Applications -> System -> Whonix Timesync. 
2461(https://www.whonix.org/wiki/Advanced_Security_Guide)
2462
2463
2464
2465
2466
2467
246820.If the host clock value is grossly inaccurate - more than one hour in the past or more than 3 hours in future - Tor cannot connect to the Tor network.This is easily solved by manually fixing the clock on the host, then powering the Whonix-Gateway off and on again. 
2469(https://www.whonix.org/wiki/Advanced_Security_Guide)
2470
2471
2472
2473
2474
247521.Another side effect of a significantly inaccurate host clock concerns operating system (OS) updates and cryptographic verification on the host. Until the host clock is manually fixed, it may no longer be possible to download updates or verify SSL certificates with the host browser. 
2476(https://www.whonix.org/wiki/Advanced_Security_Guide)
2477
2478
2479
2480
2481
2482
248322.Users should always check whether a host clock defect relates to an empty battery before assuming the ISP is tampering with NTP. 
2484(https://www.whonix.org/wiki/Advanced_Security_Guide)
2485
2486
2487
2488
2489
2490
249123.Spoofing the initial virtual hardware clock offset is useful to prevent Clock Correlation Attacks. 
2492(https://www.whonix.org/wiki/Advanced_Security_Guide)
2493
2494
2495
2496
2497
2498
249924.For greater security, higher performance and a lower resource footprint, consider using an experimental MirageOS-based unikernel firewall that can run as a QubesOS ProxyVM. 
2500(https://www.whonix.org/wiki/System_Hardening_Checklist)
2501
2502
2503
2504
2505
2506
250725.Store encrypted back-ups on a separate back-up disk that is already encrypted with LUKS or dm-crypt.
2508
2509
2510
2511
2512
2513
251426.Two things that have not been name spaced as of yet are time and kernel keystrings. 
2515(https://blog.jessfraz.com/post/two-objects-not-namespaced-linux-kernel/)
2516
2517
2518
2519
2520
252127.Deactivate TransPort Test for better Stream Isolation. 
2522
2523
2524
2525
2526
252728.Run all instances of Tor Browser in an uncustomized Whonix-Workstation DisposableVM in Qubes-Whonix.
2528(https://www.whonix.org/wiki/Tor_Browser)
2529
2530
2531
2532
2533
2534
2535
253629.Selfrando significantly improves security over standard address space layout randomization (ASLR) techniques currently used by Firefox and other mainstream browsers. 
2537(https://motherboard.vice.com/en_us/article/z43zpw/tor-is-teaming-up-with-researchers-to-protect-users-from-fbi-hacking)
2538
2539
2540
2541
2542
2543
254430.TCP Initial Sequence Numbers mitigation. 
2545(https://tools.ietf.org/html/rfc6528)
2546
2547
2548
2549
2550
2551
255231.set RELRO to "Full RELRO" instead of "Partial RELRO". 
2553
2554
2555
2556
2557
255832.always use HTML5 instead of adobe flash. 
2559
2560
2561
2562
2563
2564
256533.From time to time a user asks which incoming/outgoing ports are required by Whonix-Gateway. The answer is:
2566
2567Incoming: none.
2568Outgoing: all.
2569
2570An alternative technique for controlling ports might be corridor (a Tor traffic whitelisting gateway), since it can act as a firewall.
2571(https://www.whonix.org/wiki/Advanced_Security_Guide)
2572
2573
2574
2575
257634.JSONP (JSON with Padding) is a method commonly used to bypass the cross-domain policies in web browsers. (You are not allowed to make AJAX requests to a web page perceived to be on a different server by the browser.) Solution:should look to use Cross-Origin Resource Sharing (CORS) where possible.
2577(https://www.nytimes.com/2015/06/13/technology/chinese-hackers-circumvent-popular-web-privacy-tools.html) 
2578
2579
2580
2581
258235.Mainframes: are notoriously difficult to get access to, making security testing difficult, if not impossible.Ayoub Elaassal, a security auditor at consulting firm Wavestone, was one of the lucky few who were able to access a mainframe for an audit.It didn't take him too long to find a vulnerability that, if exploited, could have given him root access to a mainframe and its vital, sensitive data."We could potentially compromise the whole system, and to whatever we want -- like intercepting transactions and issuing wire transfers,"
2583(https://www.zdnet.com/article/hacking-mainframe-black-hat-talk-secure-platform/)
2584
2585 
2586
2587
258836.NTP is a buggy and ancient protocol. Flaws in NTP clients can be remotely exploited to give an attacker control over the system,uninstall  NTP clients on the host operating system and disable systemd's timdatectl NTP synchronization feature,this prevents time-related attack vectors which rely on leakage of the host time,and add sdwdate (Secure Distributed Web Date). 
2589(https://www.whonix.org/wiki/Time_Attacks)
2590
2591
2592
2593
2594
2595
259637.Block incoming ICMP messages (and any traffic in general) with iptables or any of its frontends.Disable ICMP timestamps and TCP timestamps on the host operating system to prevent leakage of: system information, host time, system uptime, and fingerprinting of devices behind a router. 
2597(https://www.whonix.org/wiki/Time_Attacks)
2598
2599
2600
2601
2602
260338.If a Trusted Platform Module (TPM) is available, use AEM protection to attest that only desired (trusted) components are loaded and executed during the system boot. Unauthorized modifications to BIOS or the boot partition will be notified.
2604(https://www.whonix.org/wiki/System_Hardening_Checklist)
2605
2606
2607
2608
2609
2610
2611
261239.Avoid dual booting,even if you are using encryption on your Qubes installation, /boot is still unprotected and could be maliciously modified by the other OS possibly leading to Qubes itself being maliciously modified. 
2613(https://www.qubes-os.org/doc/multiboot/)
2614
2615
2616
2617
261840.Open-source hardware is also not perfectly secure, since it is not "stateless", that is, lacking any persistent storage.
2619(https://www.whonix.org/wiki/Computer_Security_Education)
2620
2621
2622 
2623
262441.CONFIG_GRKERNSEC_RANDSTRUCT_PERFORMANCE  = increased security if turned off 
2625
262642.CONFIG_GRKERNSEC_TPE  = Cool feature that can prevent things from executing everywhere, no performance hit. 
2627
262843.CONFIG_GRKERNSEC_SYSFS_RESTRICT = Might not work with Wayland and/or systemd ? 
2629
263044.CONFIG_GRKERNSEC_NO_RBAC = If RBAC isn't going to be used it's better to turn this on to prevent any abuse, no performance hit.
2631
263245.CONFIG_GRKERNSEC_IO = No performance hit.
2633
263446.CONFIG_PAX_MEMORY_UDEREF = Some virtualisations solutions can take a huge performance hit with this security setting. 
2635
263647.CONFIG_PAX_MEMORY_SANITIZE = 3% performance hit on single CPU system. 
2637
263848.CONFIG_PAX_MEMORY_STACKLEAK = 1% performance hit on single CPU system.
2639
264049.CONFIG_PAX_MEMORY_STRUCTLEAK = Even less performance hit than STACKLEAK.
2641
264250.GRKERNSEC_CONFIG_PRIORITY_SECURITY = Choose this option if security is of highest priority for this deployment of grsecurity.  UDEREF, kernel stack clearing, clearing of structures intended for userland, and freed memory sanitizing will be enabled for this kernel.In a worst-case scenario, these features can introduce a 20% performance hit  
2643(UDEREF on x64 contributing half of this hit). 
2644(https://github.com/subgraph/subgraph-os-issues/issues/237)
2645
2646
2647
2648
264951.People who built computers in the early 2000's will tell you BIOS updates are risky, and they were, but not anymore. 
2650(https://decentsecurity.com/securing-your-computer/)
2651
2652
2653
2654
265552.Good programming lanuages for security might be golang,D,Rust, and Ada. 
2656
2657
2658
2659
2660
266153.Most programming languages higher level than C are much more secure when it comes to programming errors like Heartbleed's. Examples that primarily compile to machine code include D, Rust and Ada. 
2662(https://security.stackexchange.com/questions/55723/are-there-secure-languages)
2663
2664
2665
2666
2667
266854.Whonix-Workstation Security:In Qubes-Whonix the best practice is to use DisposableVMs for all your internet activity. Alternatively, periodically delete your Whonix-Workstation AppVM(s) and create fresh instances from the Whonix-Workstation TemplateVM.  
2669(https://www.whonix.org/wiki/Security_Guide)
2670
2671
2672
2673
267455.Use a Yubikey to enhance the security of Qubes user authentication, mitigate the risk of password snooping, and to improve USB keyboard security.The Qubes Yubikey provides an easy way to integrate the Yubikey into your existing Qubes user authentication in order to mitigate the risk of having someone or something snooping on your keyboard while you type your password.
2675
2676It has been designed to be used with a USB AppVM to protect against USB based attacks. 
2677(https://www.qubes-os.org/doc/yubi-key/)
2678
2679
2680
2681
268256.For greater security, advanced users should consider configuring the OS to avoid making core dumps. If possible, preventing access to process memory is also advisable, along with secure storage of the file system.Although core dumps are typically readable only by root,but may contain sensitive data (such as passwords or cryptographic keys), which are written to disk following a crash.
2683(https://www.whonix.org/wiki/Computer_Security_Education#Microphone)
2684
2685
2686 
268757.websites can easily determine whether you have allowed JavaScript for them, and if you disable JavaScript by default but then allow a few websites to run scripts (the way most people use NoScript), then your choice of whitelisted websites acts as a sort of cookie that makes you recognizable (and distinguishable), thus harming your anonymity.  
2688(https://superuser.com/questions/1232146/why-noscript-isnt-activated-by-default-in-tor-browser)
2689
2690
2691
2692
2693
269458.SQL Injection flaws are introduced when software developers create dynamic database queries that include user supplied input. To avoid SQL injection flaws is simple. Developers need to either: a) stop writing dynamic queries; and/or b) prevent user supplied input which contains malicious SQL from affecting the logic of the executed query. 
2695(https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet)
2696
2697
2698
2699
2700
270159.Configure sys-whonix to use corridor as a filtering gateway to ensure only connections to Tor relays pass through. This provides an additional fail-safe to protect from accidental clearnet leaks that might arise from hypothetical Whonix bugs.
2702(https://www.whonix.org/wiki/System_Hardening_Checklist)
2703
2704
2705
2706
2707
270860.Anonymity is compromised if another NAT network adapter is added to the Whonix-Workstation. If this advice is disregarded, then your identity is leaked if/when infection occurs. Therefore, it is strongly recommended to always update over the Tor network. Although Tor updating is slow by comparison, it prevents inadvertent leaks. 
2709(https://www.whonix.org/wiki/Security_Guide)
2710
2711
2712
2713
271461.Avoid using wireless keyboards and mice because most send data unencrypted. Even if this wasn't the case, there is no way to verify the robustness of the cryptography involved in proprietary products. A local adversary (up to 100 meters away) can sniff keystrokes and inject their own, allowing them to take over the machine. 
2715(https://www.whonix.org/wiki/Computer_Security_Education#Microphone)
2716
2717
2718
2719
2720
2721
272262.Torrify apt-get traffic on the host to prevent fingerprinting and leakage of sensitive security information.Apt-transport-tor is a package that allows host operating systems or non-Whonix-Workstation VMs that are not behind a torifying gateway (like Whonix-Gateway) to torify their apt-get traffic for individual repositories. 
2723
2724Strictly speaking, there is no need to use apt-transport-tor inside Whonix VMs since all traffic is already routed over Tor. apt-get is stream isolated using a preconfigured uwt wrapper. In other words, apt-get in Whonix is already talking to a Tor SocksPort. Nevertheless, apt-transport-tor will be the default in Whonix 14 because it provides better error handling and stream isolation. 
2725(https://www.whonix.org/wiki/Advanced_Security_Guide)
2726
2727
2728
2729
2730
2731
273263.TCP timestamps provide protection against wrapped sequence numbers,but the downside of TCP timestamps is adversaries can remotely calculate the system uptime (and boot time) of the machine and the host's clock down to millisecond precision. These calculated uptimes (and boot times) can also help to detect hidden network-enabled operating systems, as well as link spoofed IP and MAC addresses together and more. 
2733To prevent this information being available to an adversary, it is recommended that TCP timestamps are disabled on any operating systems being used. The less information available to attackers, the greater the security.Disable TCP Timestamps via kernel sysctl. Note this boolean disables it for both IPv4 and IPv6 - both are controlled by the same sysctl option. 
2734(https://www.whonix.org/wiki/Computer_Security_Education#Microphone)
2735
2736
2737
2738
2739
2740
274164.Ada language is designed to prevent common programming errors as much as possible and is used in critical systems where a system bug might have catastrophic consequences.Many issues can be mitigated through proper coding style, code review, unit tests, etc. but having them done at the language level means that you get it for free.It is also worth adding that despite the fact that a language designed for security such as Ada removes many classes of bugs, there is still nothing stopping you from introducing business logic bugs that the language doesn't know anything about. 
2742(https://books.google.com/books?id=0U1ODwAAQBAJ&pg=PT2384&lpg=PT2384&dq=Ada+language+is+designed+to+prevent+common+programming+errors+as+much+as+possible+and+is+used+in+critical+systems+where+a+system+bug+might+have+catastrophic+consequences&source=bl&ots=IFpsvGgiAU&sig=-q1DHgz87ti472Z9KxGIs0tDbqk&hl=en&sa=X&ved=2ahUKEwih38iLla_aAhWC7oMKHQxMBtQQ6AEwAXoECAAQOA#v=onepage&q=Ada%20language%20is%20designed%20to%20prevent%20common%20programming%20errors%20as%20much%20as%20possible%20and%20is%20used%20in%20critical%20systems%20where%20a%20system%20bug%20might%20have%20catastrophic%20consequences&f=false)
2743
2744
2745
2746
2747
2748
274965.Do not use C (and C++)
2750
2751Technically, it is possible to write an implementation of C which would be "safe" and still formally conforms to the C standard, but at a steep price (for instance, you have to make free() a no-operation, so allocated memory is allocated "forever"). Nobody does that. 
2752(https://security.stackexchange.com/questions/55723/are-there-secure-languages)
2753
2754
2755
2756
2757
275866.Metrics Portal:provides analytics for the Tor network, including graphs of its available bandwidth and estimated userbase;
2759   
2760   Atlas:is a web application to learn about currently running Tor relays; and
2761   
2762   ExoneraTor:answers the question of whether there was a Tor relay running on a given IP address on a given date.  
2763(https://www.torproject.org/projects/projects.html.en)
2764(https://blog.torproject.org/atlas-recent-improvements)
2765(https://exonerator.torproject.org/)
2766
2767
2768
2769
2770
2771
2772
277367.USBKill is an anti-forensics script written in the aftermath of the SilkRoad trial. Its purpose is to trigger protection events that prevents adversaries from siphoning files/installing malware/running a mouse jiggler. It creates a USB white-list of allowed devices of which anything else plugged into the machine causes it to erase the computer's RAM and immediately shutdown. This can be adjusted to exclude all devices. It can also be used in reverse, with a white-listed flash drive in the USB port attached to the user's wrist via a lanyard serving as a key. In this instance, if the flash drive is forcibly removed, the program will initiate the desired routines.
2774(https://www.whonix.org/wiki/Advanced_Security_Guide)
2775
2776
2777
2778
277968.The MAC address is normally not traceable because it is not passively sent to computers beyond the local router.However, other computers on the local network can potentially log it.Also,due to weaknesses in current spoofing methods it is likely the MAC address can be enumerated via the physical characteristics of the Wi-Fi card.If users intend to use an untrusted, public network then MAC spoofing should be considered.Spoofing is only necessary if you expect to travel with your laptop or PC. It is not required for home PCs that do not change locations.
2780(https://www.whonix.org/wiki/Computer_Security_Education)
2781
2782
2783
2784
2785
278669.If the user's home network has a cable modem internet connection, the ISP either provides the cable modem device as part of the service or requires pre-registration of the MAC address of the self-provided cable modem in order to setup the service.
2787
2788If a user manages to hack or change the MAC address of the modem, the service would immediately cease functioning because the IP address assignment is apportioned for, and bound to, that specific MAC address. As a result, when connecting from behind a cable modem/NAT router, MAC address spoofing of the computer's ethernet adapter may be pointless. If a user is traced, the trackable endpoint will be the MAC address of the cable modem device.
2789(https://www.whonix.org/wiki/Computer_Security_Education)
2790
2791
2792
2793
2794
2795
2796
279770.In the case of flash based storage like SSDs and USBs, never storing data unencrypted in the first place is the only solution to protecting data.
2798
2799Unlike HDDs overwriting data on SSDs is no longer effective in wiping the disk.The most important consequence of this is that old passwords may still be around, potentially for a very long time because fast erase by overwriting the header and key-slot area is insecure.Example: You change your password because you notice it was exposed to shoulder-surfing or CCTV recording. On a SSD the old password is still retrievable and can be used to decrypt the master key and your data because secure overwriting no longer works as with magnetic disks.
2800
2801Also wear-leveling mechanisms like TRIM leak information about the filesystem that can aid forensics.You must keep TRIM disabled (the default) during Linux LUKS-encrypted installs.
2802(https://www.whonix.org/wiki/Advanced_Security_Guide) 
2803
2804
2805
2806
280771.Cache-based side-channel attacks are a serious problem in multi-tenant environments, for example, modern cloud data centers. We address this problem with Cloak, a new technique that uses hardware transactional memory to prevent adversarial observation of cache misses on sensitive code and data. We show that Cloak provides strong protection against all known cache-based side-channel attacks with low performance overhead.
2808We demonstrate the efficacy of our approach by retrofitting vulnerable code with Cloak and experimentally confirming immunity against state-of-the-art attacks. We also show that by applying Cloak to code running inside Intel SGX enclaves we can effectively block information leakage through cache side channels from enclaves, thus addressing one of the main weaknesses of SGX. 
2809(https://www.microsoft.com/en-us/research/publication/strong-efficient-cache-side-channel-protection-using-hardware-transactional-memory/)
2810
2811
2812
2813
281472.Here is a list of additional programming language features that (I think) make it much harder to write unsafe code. The first five features expand the compiler's capabilities in reasoning about your code, so you, a human being prone to error making, don't have to*. In addition, these features also should make it easier for a fellow human being, an auditor, to reason about your code. OpenSSL's source code is often described as a mess and a language stricter than C could have helped to make it easier to reason about. The last two features are about context issues that affect security as well.
2815
28161.A strict type system: Makes it easier to reason about program correctness. Eliminates certain input attacks.
2817
28182.Immutable by default: having immutable values as the primary data container means it is much easier to reason about the state of your program.
2819
28203.Disabled or restricted unsafety: Don't allow scary things such as pointer arithmetic (e.g. Go), or, at least only allow it if wrapped in big fat warnings (Rust). Note that a language lacking in pointer arithmetic completely is excluded for use in a huge number of applications that require low level access.
2821
28224.Compile time taint checking: expand the type system to allow identifying tainted values: values that depend in some way based on input. The compiler could then (conditionally) forbid operations with a tainted value that leak information to outside observers, such as branching on such a value. This could prevent or at least migitate certain classes of timing attacks. As far as I know, these are only available in static code analysis tools, and not in compilers themselves?
2823
28245.Dependent types: dependent types are a means to tell the compiler that "here is an Int whose values are between 2 and 87" or "here is a String of maximum length 12 containing only alphanumeric characters". Failure to meet these requirements results in compilation failure, and not a runtime failure with likely unsecure results. This feature is available in Idris and some theorem prover languages.
2825
28266.Absence of garbage collection: Garbage collection is a big problem for language safety - it creates garbage collection pauses in your program. These pauses leak information about the state of your program and allow timing attacks to happen. When the garbage collector is invoked is impossible (or at best incredibly hard) to predict as a developer, however, and subject to huge changes for even the smallest amount of code changes.
2827
28287.Performance, portability & interopability: It may be fine if you have need for a secure and slow program that only runs on the PowerPC platform, but don't expect anyone else to use it for a cross-platform TLS library. OpenSSL is popular precisely because it's fast and runs everywhere from obscure MIPS-based routers to massively parrallel SPARC servers and everything in between. Furthermore any program or runtime in the world can interface with OpenSSL as a library because it uses C calling conventions.
2829From my limited knowledge of languages, no language does all of these. Rust is an example of a language that covers many - it is strict, immutable by default, has restricted unsafety, does not require garbage collection and is quite performant and portable. Compile time taint checking and dependent types presently appear to be exotic features that require either additional static code analysis tools or new languages, unfortunately. 
2830(https://security.stackexchange.com/questions/55723/are-there-secure-languages)
2831
2832
2833
2834
2835
2836
2837
283873.We study the effectiveness of countermeasures for traffic analysis attacks within our proposed framework. Two basic countermeasure strategies are (a) to pad the traffic with constant interarrival times of packets (CIT) or (b) to pad the
2839traffic with variable interarrival times (VIT). Our experiments show that CIT countermeasures fail when the adversary uses sample variance or sample entropy of packet interarrival times for statistical analysis. On the other hand,
2840VIT countermeasures are effective regardless of which sample statistics are used by the adversary. These observations
2841are validated by analysis of detection rates based on sample
2842distributions of packet interarrival times.
2843Key Words - packet interarrival times, traffic analysis attacks, statistical analysis, statistical pattern recognition
2844(https://ieeexplore.ieee.org/abstract/document/1203483/)
2845
2846
2847
2848
2849
285074.Security researchers have successfully broken one of the most secure encryption algorithms, 4096-bit RSA, by listening — yes, with a microphone — to a computer as it decrypts some encrypted data. The attack is fairly simple and can be carried out with rudimentary hardware. 
2851
2852Acoustic cryptanalysis, carried out by Daniel Genkin, Adi Shamir (who co-invented RSA), and Eran Tromer, uses what’s known as a side channel attack. A side channel is an attack vector that is non-direct and unconventional, and thus hasn’t been properly secured. For example, your pass code prevents me from directly attacking your phone — but if I could work out your pass code by looking at the greasy smudges on your screen, that would be a side channel attack. In this case, the security researchers listen to the high-pitched (10 to 150 KHz) sounds produced by your computer as it decrypts data. 
2853
2854Acoustic cryptanalysis is actually surprisingly dangerous. Imagine if you were decrypting some files in a library, coffee shop, or other public space — someone could obtain your decryption key just by placing their phone near your computer. Alternatively, an attacker could use spear phishing to put malware on your phone that listens for the decryption key. With HTML5 and Flash able to access the microphone, it would be possible to build a website that listens for encryption keys too. The researchers propose one particularly nefarious scenario: Put a microphone into a co-located server, slot it into a rack in a data center, and then scoop up the encryption keys from hundreds of nearby servers. 
2855
2856If you want to keep your data secure, you only really have two viable options: Heavy-duty encryption, physical security, and ideally both at the same time. If an attacker can’t get physically close to your data, it instantly becomes much harder to steal it. As far as mitigating acoustic cryptanalysis attacks, you either implement physical security — keep your laptop in a sound-tight box, or never let anyone near your computer when you’re decrypting data — or you need to use a “sufficiently strong wide-band noise source.” Something like a swooping, large-orchestra classical concerto would probably do it.
2857(https://www.extremetech.com/extreme/173108-researchers-crack-the-worlds-toughest-encryption-by-listening-to-the-tiny-sounds-made-by-your-computers-cpu)
2858
2859
2860
2861
2862
2863
2864
286575.Normally the dial-up or broadband provider knows your name, postal address and non-anonymous payment method. If Tor or Whonix is compromised, then an adversary only needs to pressure the service provider to confirm your identity. This is not the case if using an anonymous WiFi adapter plugged or integrated into the Whonix-Gateway.
2866
2867For safer use, it is recommended to:
2868
28691.Buy the WiFi adapter anonymously in a store, second-hand or on the street.
28702.Never provide personal data during a purchase.
28713.Do not use the adapter for prior, non-anonymous activity. Some providers or hotspots log MAC addresses and the username (if paid).
28724.If possible, only use free hotspots or pay for them anonymously. Otherwise abstain from paid hotspots.
28735.For greater security, always use a new, distant, random, non-circular hotspot location. 
2874(https://www.whonix.org/wiki/Security_Guide)
2875
2876
2877
2878
2879
2880
288176.Onionizing Repositories 
2882
2883When Whonix, Debian and Qubes packages are installed or updated, default settings point to repositories with a http:// URL.However, experimental Tor hidden services are already available for the Whonix, Debian and Qubes packages. 
2884
2885There are several security and privacy benefits of using Tor hidden services: 
2886
28871.The user cannot be uniquely targeted for malicious updates (attackers are forced to attack everyone requesting the update).
28882.The package repository, or observers watching it, can't track what programs are installed.
28893.The ISP cannot easily learn what packages are fetched.
28904.End-to-end authentication and encryption provides protection against man-in-the-middle attacks e.g. version downgrade attacks. 
2891(https://www.whonix.org/wiki/Security_Guide#Onionizing_Repositories)
2892
2893
2894
2895
2896
289777.Attention must also be given to changing the usual Tor entry guards used for connections.Entry guard changes are necessary for every Tor instance on the user's machine host (apt-transport-tor) and guest.An authentication technique can fingerprint devices - and also track user devices as a side-effect - by observing inter-packet timings on a LAN's wire-segment. The timing effects are the result of how various components in a machine create packets.Fortunately, this technique cannot be used to identify devices across the internet.This technique can be defeated by inducing random delays in a machine's packet stream. Since there is no concern about impersonating other devices on the LAN, it doesn't matter that such an authentication system will view such machines as "unknown". 
2898(https://www.whonix.org/wiki/Computer_Security_Education)
2899
2900
2901
2902
2903
290478.not related to security but still helpful https://gyazo.com/c73be243e9508b7f82f0a15fea607930 
2905
2906
2907
2908
2909
2910
291179.Locking down your web site (in Apache) 
2912
2913If you are the owner of a web site and have SSL security on it, you can “lock it down” so that the only cipher that your web site supports is “256-bit AES”.  This takes the choice out of the end user’s hands — either they use AES or they don’t connect securely.  This is a good thing to do for very sensitive sites.  However, the “danger” is that some of your users may be using web browsers that do not support AES (like old versions Internet Explorer), and thus will not have any access to your site unless they change browsers.
2914
2915To lock your site down to support 128-bit and 256-bit AES only (to get AES but not require 256-bit, so that some browsers like iPhone and such will work), you would add to your Apache httpd.conf file:
2916
2917SSLCipherSuite AES256-SHA:AES128-SHA
2918
2919This can be added globally, in a virtual host, or even in your .htaccess file.  It will ensure that any successful connection to your site will use one of these ciphers.  Just be sure to add it to the secure settings for your site and not just the insecure site area!
2920
2921In general, for a high security configuration for Apache, you will want to support only TLS v1.0+ and only NIST-recommended cipher suites. 
2922(https://www.scribd.com/document/15841912/How-does-SSL-or-TLS-work)
2923
2924
2925
2926
2927
292880.apt-offline is an Offline APT Package Manager.
2929
2930apt-offline can fully update and upgrade an APT based distribution without connecting to the network, all of it transparent to APT.
2931
2932apt-offline can be used to generate a signature on a machine (with no network). This signature contains all download information required for the APT database system. This signature file can be used on another machine connected to the internet (which need not be a Debian box and can even be running windows) to download the updates. The downloaded data will contain all updates in a format understood by APT and this data can be used by apt-offline to update the non-networked machine.
2933
2934apt-offline can also fetch bug reports and make them available offline. 
2935(https://packages.debian.org/stretch/apt-offline)
2936
2937
2938
2939
2940
294181.VM images that are built with frozen sources rather than current sources (including Whonix)
2942is that latest stable releases sometimes contain vulnerable, remotely exploitable applications that are very likely to be used over untrusted networks that are in a position to run man-in-the-middle attacks. One example of this is [CVE-2014-6273] in apt-get.Self-created builds from source code using current sources would solve this.Although using Current Sources comes with its own issues. 
2943(https://www.whonix.org/wiki/Advanced_Security_Guide)
2944
2945
2946
2947
2948
2949
2950
295182.Cleaning a Compromised System
2952So, you didn’t patch the system and it got hacked. What to do? Well, let’s see:
2953
2954
2955
2956You can’t clean a compromised system by patching it. Patching only removes the vulnerability. Upon getting into your system, the attacker probably ensured that there were several other ways to get back in.
2957
2958
2959
2960You can’t clean a compromised system by removing the back doors. You can never guarantee that you found all the back doors the attacker put in. The fact that you can’t find any more may only mean you don’t know where to look, or that the system is so compromised that what you are seeing is not actually what is there.
2961
2962
2963
2964You can’t clean a compromised system by using some “vulnerability remover.” Let’s say you had a system hit by Blaster. A number of vendors (including Microsoft) published vulnerability removers for Blaster. Can you trust a system that had Blaster after the tool is run? I wouldn’t. If the system was vulnerable to Blaster, it was also vulnerable to a number of other attacks. Can you guarantee that none of those have been run against it? I didn’t think so.
2965
2966
2967
2968You can’t clean a compromised system by using a virus scanner. To tell you the truth, a fully compromised system can’t be trusted. Even virus scanners must at some level rely on the system to not lie to them. If they ask whether a particular file is present, the attacker may simply have a tool in place that lies about it. Note that if you can guarantee that the only thing that compromised the system was a particular virus or worm and you know that this virus has no back doors associated with it, and the vulnerability used by the virus was not available remotely, then a virus scanner can be used to clean the system. For example, the vast majority of e-mail worms rely on a user opening an attachment. In this particular case, it is possible that the only infection on the system is the one that came from the attachment containing the worm. However, if the vulnerability used by the worm was available remotely without user action, then you can’t guarantee that the worm was the only thing that used that vulnerability. It is entirely possible that something else used the same vulnerability. In this case, you can’t just patch the system.
2969
2970
2971
2972You can’t clean a compromised system by reinstalling the operating system over the existing installation. Again, the attacker may very well have tools in place that tell the installer lies. If that happens, the installer may not actually remove the compromised files. In addition, the attacker may also have put back doors in non-operating system components.
2973
2974
2975
2976You can’t trust any data copied from a compromised system. Once an attacker gets into a system, all the data on it may be modified. In the best-case scenario, copying data off a compromised system and putting it on a clean system will give you potentially untrustworthy data. In the worst-case scenario, you may actually have copied a back door hidden in the data.
2977
2978
2979
2980You can’t trust the event logs on a compromised system. Upon gaining full access to a system, it is simple for an attacker to modify the event logs on that system to cover any tracks. If you rely on the event logs to tell you what has been done to your system, you may just be reading what the attacker wants you to read.
2981
2982
2983
2984You may not be able to trust your latest backup. How can you tell when the original attack took place? The event logs cannot be trusted to tell you. Without that knowledge, your latest backup is useless. It may be a backup that includes all the back doors currently on the system.
2985
2986
2987
2988The only way to clean a compromised system is to flatten and rebuild. That’s right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications).Although there are State-Sponsored malicious firmware that can create a secret storage vault that can survive military-grade disk wiping and reformatting, making sensitive data stolen from victims available even after reformatting the drive and reinstalling the operating system. 
2989(https://arstechnica.com/information-technology/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/) 
2990(https://technet.microsoft.com/en-us/library/cc700813.aspx)