GNU/Linux

  • 0

WireGuard: modern VPN  wireguard.io

"WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster,simpler, leaner, and more useful than IPSec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. "

  • 0

Dev-Sec: Security + DevOps - Automatic Server Hardening  dev-sec.io

"Hardening adds a layer into your automation framework, that configures your operating systems and services. It takes care of difficult settings, compliance guidelines, cryptography recommendations, and secure defaults."

  • 0

Linux Foundation: Linux workstation security checklist  github.com

"This is a set of recommendations used by the Linux Foundation for their systems administrators. All of LF employees are remote workers and we use this set of guidelines to ensure that a sysadmin's system passes core security requirements in order to reduce the risk of it becoming an attack vector against the rest of our infrastructure."

  • 0

EXT4 Encryption Design Document  docs.google.com

"EXT4 encryption will currently focus exclusively on attacks against file content (not metadata) confidentiality under a single point-in-time permanent offline compromise of the block device content. EXT4 encryption in its current form does not protect the confidentiality of file metadata, including the file sizes and permissions."

  • 0

Linux-internals  github.com

  • 0

An Introduction to SELinux on CentOS 7 – Part 1/3: Basic Concepts  digitalocean.com

Security Enhanced Linux or SELinux is an advanced access control mechanism built into most modern Linux distributions.

"Many system administrators find SELinux a somewhat uncharted territory. The topic can seem daunting and at times quite confusing. However, a properly configured SELinux system can greatly reduce security risks, and knowing a bit about it can help you troubleshoot access-related error messages."