I was wondering if anyone would be interested in continuing it here. It could use some additions like fail2ban, Linux Malware Detection, perhaps firejail, and other things. Does the community have any interest in resurrecting it here?
Really? How is OpenBSD more secure? OK I see this, interesting. But how would a noob like me know that's more secure than Linux? I mean Linux has that other OS beat three ways to Sunday IMNO (Noobish)
Crunchbang Linux Download 32 Bit
Download Zip 🔥 https://geags.com/2yGAT8 🔥
I'm a big fan of OpenBSD and have been using it for many (15?) years. I love it as a transparent bridging firewall. There are times, though, that Linux is a preferable choice. I mainly use OpenBSD for firewalls, routing, etc. I do have a laptop running OpenBSD/XFCE, but it's not going to be for everyone. A good guide to securing linux can reach a larger user base.
I'm sick at the moment, but I will work on bringing the old guide over. I'd like to see Linux Malware Detection, Firejail, and other things added. We may even want to touch on SELinux/AppArmor/grsecurity. Anyone who can write concise details on security would be more than welcome to help. Other things I've experimented with on Linux would be things like AIDE and tripwire HIDS, Bro NIDS, various firewalls, Sophos Linux Antivirus (free), kernel hardening, and so forth. There's a lot of stuff out there that may or may not help, and I'd be happy discuss it here after I copy over the initial guide.
It's also worth noting OpenBSD is secure out of the box, in a configuration where SSH is basically the only service remotely available. As you add network services, it reduces security unless you secure them appropriately, just like any other OS.
@snarkyguy I was thinking about this the day these forums opened. Then I went back over to crunchbang to take a look and started just skimming through the thread to figure out how much work it would be.
But seriously, I'm glad you want to take on the job. I'd be happy to contribute in some way once something is up. In fact if you want to collaborate a bit you can shoot me a PM. I may not respond right away but I will answer.
The university is well structured, well tooled, to turn out people with all the sharp edges worn off...." Mario Savio
"Protections for anonymous speech are vital to democratic discourse". Help enforce our right to free and anonymous speech by running a Tor relay.
I've been thinking of porting, as well as updating and cleaning / structuring, that guide. It's an excellent collection of resources, but it could use some serious formatting and refactoring. Would anybody be with me on that one?
@dot|not I'll make the same offer I did with snarkyguy. I'm willing to collaborate on this. The only reason I have not just gone ahead and done the whole thing myself is the amount of work involved. Shoot me a PM if you want to take the helm and I would be glad to assist. There is more than just some reformatting to do. Much needs to be checked for updated info, and there are a number of relevant things scattered through later parts of the thread that came after sorcerer's_apprentice stopped maintaining it.
^ Well no need to excuse yourself. It IS relevant. In fact I would be in favour of de-emphasizing some parts of the guide and referring people to the Securing Debian Manual where appropriate. This would make it easier to focus more on those other areas not covered there.
I'll make the same offer I did with snarkyguy. I'm willing to collaborate on this. The only reason I have not just gone ahead and done the whole thing myself is the amount of work involved. Shoot me a PM if you want to take the helm and I would be glad to assist. There is more than just some reformatting to do. Much needs to be checked for updated info, and there are a number of relevant things scattered through later parts of the thread that came after sorcerer's_apprentice stopped maintaining it.
Beside the things you mentioned there should also be a discussion about where this guide is going to, because as of now it's 'just' (Don't get me wrong, excellent work was done!) an assortment of links, tutorials, opinions. Do we want it to be a list of every somewhat-sane security- and/or privacy-related software or do we actually want it to be a guide how to be reasonably safe (in regards to safety and privacy) while using Bunsenlabs or Linux in general or even in general?
Our opinions on that seem to overlap greatly, indeed. I'm lucky enough to not be in a position where I'm depending on flawless COMSEC and OPSEC, so I get to tinker and learn. For me it's a hobby, and I'm glad that I can sometimes be of use to others with that.
there should also be a discussion about where this guide is going to....
Do we want it to be a list of every somewhat-sane security- and/or privacy-related software or do we actually want it to be a guide how to be reasonably safe (in regards to safety and privacy) while using Bunsenlabs or Linux in general or even in general?
I think editing-updating the original guide by sorcerer's_apprentice would be frustrating compared to simply writing something up from scratch. Using it as a rough guide to how to do this would on the other hand be quite useful. If this approach was taken, I would suggest in terms of attribution, "inspired by" would be appropriate.
Regarding what and how much to include, I would be in favour of including nearly every tool that was in the original and perhaps a bit that was not. With an approach to the subject emphasizing threat model and OPSEC. Some tools and tricks are "good enough" to cut down on corporate info harvesting etc and some things are for the next Edward Snowden or the investigative journalists they would work with.
Regarding how to handle the individual topics, I don't think writing a detailed guide to how to set up and use each tool is needed. In some cases this would be ok as some of the things are simple enough to handle this way. In other cases a link to a good guide with perhaps some brief comments would suffice.
I wholeheartedly agree. I spent some time this afternoon skimming through it, making notes, trying to find a way to get some order or structure into it, but ended up discarding every possible model I could come up with. It's just too wildly mixed. So not just an overhaul but a complete redo from scratch seems the only non-insane way; attribution via 'inspired by' ought to be enough, yeah.
A straightforward guide, sort of a basic checklist what you should and should not do in terms of security. ("There is this service enabled per default, you should disable it", "This setting for Firefox leaks information, do this", "This tool allows you to handpick outgoing network connections comfortably", etc.) Really as detailed and as much step-by-step as possible, specifically dedicated to and aimed towards not-so-savvy users.
Putting an emphasis und operational security might be a little bit out of scope for this guide, especially because it would potentially boring for the avid reader who 'just' wants to be a little bit more secure. While I'm enjoying reading about the way Hamas-operatives act your average visitor probably won't, he'd rather give us some weird looks. But I agree, including a section on how tooling is just that, tools, is a necessity.
Regarding the threat model and OPSEC stuff, I don't think what I had in mind is really all that different from where you are going. Threat model first, meaning "just give me the basics" vs "I work with whistle blowers". In the first scenario OPSEC is not that vital and can be treated as such. Just give them the basic tools and very basic pointers if needed. In the second scenario OPSEC does become more important and needs to be dealt with.
You mentioned in another post that this stuff is not so vital for you but more of a hobby type interest. That's how it started for me too, but lately I have begun strongly advocating the use of whistle blower quality surveillance circumvention tools to political activists. I've seen too many news stories about the surveillance state abusing so-called anti terrorist tools and targeting activists who are exercising their right to voice their disagreement with govt policies. Some of the stronger tools and techniques under discussion may also be appropriate for law firms, accountants or even just the technically curious etc. 152ee80cbc
arduino create for education download
the charismatic charlie wade pdf download chapter 41 to 50