security.md

!meta title="Security"

Research and development in security:

• Creepy - Geolocation OSINT Tool (package).
• Qubes OS:
  • Qubes - Debian Wiki.
  • i3 | Qubes OS.
  • Qubes OS 3.2 [LWN.net].
• bitmask and LEAP.
• port knocking.
• hardened systems: apparmor, gradm2, firejail, seccomp, etc.
• sshd:
  • https://stribika.github.io/2015/01/04/secure-secure-shell.html
  • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774711#60
  • http://security.stackexchange.com/questions/64562/how-should-i-defend-against-zero-day-attack-on-ssh
  • https://charlieharvey.org.uk/page/ssh_port_pros_and_cons
• fuzzy testing: fusil, etc.
• router: serial console to other boxes with dhe luks! :)
• Mailcap, HTML and AppArmor.
• Increased security on smtp/imaps password storage:
  • https://github.com/sup-heliotrope/sup/wiki/Securely-Store-Password
  • http://serverfault.com/questions/149452/how-can-i-use-fetchmail-or-another-email-grabber-with-osx-keychain-for-authent
  • http://mah.everybody.org/docs/mail/fetchmail_check
• Enhanced shell:
  • Add a counter-measure to prevent SSH timing attacks: http://users.ece.cmu.edu/~dawnsong/papers/ssh-timing.pdf http://www.slideshare.net/idsecconf/countermeasure-against-timing-attack-on-ssh-using-random-delay http://www.scribd.com/doc/59628153/Timing-Analysis-of-Keystrokes-and-Timing-Attacks-on-SSH-Revisited
• https://shodan.io
• https://censys.io
• https://keybase.io
• https://github.com/shadowsocks/shadowsocks-go