[[!meta title="Security"]]

Research and development in security:

* [Creepy - Geolocation OSINT Tool](http://www.geocreepy.com/) ([package](https://packages.debian.org/wheezy/creepy)).
* [Qubes OS](https://www.qubes-os.org/):
  * [Qubes - Debian Wiki](https://wiki.debian.org/Qubes).
  * [i3 | Qubes OS](https://www.qubes-os.org/doc/i3/).
  * [Qubes OS 3.2 [LWN.net]](https://lwn.net/Articles/705827/).
* bitmask and LEAP.
* port knocking.
* hardened systems: apparmor, gradm2, firejail, seccomp, etc.
* sshd:
  * https://stribika.github.io/2015/01/04/secure-secure-shell.html
  * https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774711#60
  * http://security.stackexchange.com/questions/64562/how-should-i-defend-against-zero-day-attack-on-ssh
  * https://charlieharvey.org.uk/page/ssh_port_pros_and_cons
* fuzz testing: fusil, etc.
* router: serial console to other boxes with dhe luks! :)
* [Mailcap, HTML and AppArmor](http://www.justgohome.co.uk/blog/2014/02/mailcap-html-apparmor.html).
* Increased security on smtp/imaps password storage:
  * https://github.com/sup-heliotrope/sup/wiki/Securely-Store-Password
  * http://serverfault.com/questions/149452/how-can-i-use-fetchmail-or-another-email-grabber-with-osx-keychain-for-authent
  * http://mah.everybody.org/docs/mail/fetchmail_check
* Enhanced shell:
  * Add a counter-measure to prevent SSH timing attacks:
    * http://users.ece.cmu.edu/~dawnsong/papers/ssh-timing.pdf
    * http://www.slideshare.net/idsecconf/countermeasure-against-timing-attack-on-ssh-using-random-delay
    * http://www.scribd.com/doc/59628153/Timing-Analysis-of-Keystrokes-and-Timing-Attacks-on-SSH-Revisited
* https://shodan.io
* https://censys.io
* https://keybase.io
* https://github.com/shadowsocks/shadowsocks-go