decal's security shed

operating systems

internal

linux-2.2.22-stealth.diff

LKM for Linux kernel version 2.2.22 that defeats TCP fingerprinting techniques used by tools like nmap and queso. It was originally a patch written by Sean Trifero for the kernel source tree which I ported to a loadable kernel module. The Linux TCP stack has changed significantly since September of 2002 when it was first released. However, porting it to the latest kernel isn't out of the question and the required modifications can be easily gleaned from the code..

tmux.txt Terminal Multiplexer Cheat Sheet in text/plain

C-b Send the prefix key (C-b) through to the application. C-o Rotate the panes in the current window forwards. C-z Suspend the tmux client. ! Break the current pane out of the window. " Split the current pane into two, top and bottom. # List all paste buffers. $ Rename the current session. % Split the current pane into two, left and right. & Kill the current window. ' Prompt for a window index to select. , Rename the current window. - Delete the most recently copied buffer of text. . Prompt for an index to move the current window. 0 to 9 Select windows 0 to 9. : Enter the tmux command prompt. ; Move to the previously active pane. = Choose which buffer to paste interactively from a list. ? List all key bindings. D Choose a client to detach. [ Enter copy mode to copy text or view the history. ] Paste the most recently copied buffer of text. c Create a new window. d Detach the current client. f Prompt to search for text in open windows. i Display some information about the current window. l Move to the previously selected window. n Change to the next window. o Select the next pane in the current window. p Change to the previous window. q Briefly display pane indexes. r Force redraw of the attached client. s Select a new session for the attached client interacâ€ L Switch the attached client back to the last session. t Show the time. w Choose the current window interactively. x Kill the current pane. { Swap the current pane with the previous pane. } Swap the current pane with the next pane. ~ Show previous messages from tmux, if any. Page Up Enter copy mode and scroll one page up. Up, Down Left, Right Change to the pane above, below, to the left, or to the right of the current pane. M-1 to M-5 Arrange panes in one of the five preset layouts: even- horizontal, even-vertical, main-horizontal, main-vertiâ€cal, or tiled. M-n Move to the next window with a bell or activity marker. M-o Rotate the panes in the current window backwards. M-p Move to the previous window with a bell or activity marker. C-Up, C-Down C-Left, C-Right Resize the current pane in steps of one cell. M-Up, M-Down M-Left, M-Right Resize the current pane in steps of five cells. Microsoft Windows Control Panel Applet Filenames

List of CLSID or Windows Class Identifiers to open Windows Special Folders

fstat -nv

external

OSen for Network Routers/Switches/etc.

System hardening templates for both server and router operating systems

Aerohive CLI Guide for HiveOS 6.6r1 (VPN Gateway Virtual Appliance)

Windows

Microsoft Windows: A lower Total Cost of 0wnership

Secure Windows Server

MSDN Blogs: The Old New Thing (Low-Level Microsoft Stuff)

Windows Networking at MSDN

Inside the Native API

windows-commandline.com

Essential Microsoft Security Downloads

Office 365 API

The joeware utilities... Saving administrators around the world time and frustration for over twelve years..

Canonical Names of Control Panel Items

Where the CLSIDs of special Explorer objects can be found?

Geoff Chapell, Software Analyst - Windows Studied

ReactOS® is a free open-source operating system based on the best design principles of Windows NT® architecture written from scratch

Open source automated malware analysis system for Windows

ldapexplorer.com

Wikipedia Windows components Category

MSDN Featured Security Content

Analyze Crashes to Find Security Vulnerabilities in Your Apps

Windows Security Survival Guide (Microsoft TechNet Wiki Article)

Signing into Windows 8 with a Windows Live ID (Building Windows 8 MSDN Blog)

Signing in with a picture password (Building Windows 8 MSDN Blog)

Optimizing picture password security (Building Windows 8 MSDN Blog)

TLS/SSL Tools and Settings Windows Server 2003

Certificate Tools and Settings Windows Server 2003

DNS Support for Active Directory Tools and Settings Windows Server 2003

Microsoft PE and COFF Specification

Windows Server 2012 Command-Line Reference

Cryptography API: Next Generation (Windows)

Windows Resource Kits - Web Resources

Configure a Web Farm with IIS Servers

Description of Software Update Services and Windows Server Update Services changes in content for 2012

Security Tools to Administer Windows Server 2012

Solution Accelerators: Security Compliance Manager (SCM)

Name Resolution Technologies Windows Server 2003

A-Z Technologies List Windows Server 2003

Microsoft Windows Sysinternals Suite

Mark Russinovich's (Sysinternals author's) technical blog covering topics such as Windows troubleshooting, technologies and security.

Microsoft Server & Developer Tools Blogs

NTDebugging: Advanced Windows Debugging and Troubleshooting

XML Paper Specification (Updated: October 24, 2006)

Back Issues of Microsoft Systems Journal

IT Security Cookbook (technical guidelines for UNIX, Firewalls, NT, Web, Win95, OLTP, Oracle, Sybase)

Linux

Categorized Listing of Generic Linux Commands

"Swiss army knife for your daily Linux network plumbing"

Ubuntu CVE Tracker

The Open Group Base Specifications Issue 7
IEEE Std 1003.1, 2013 Edition

W. Richard Stevens' Home Page (Note: He passed away in 1999)

The Linux Security Auditing Tool (LSAT) is a post install security auditor for Linux/Unix hosted by SourceForge ©. LSAT checks many system configurations and local network settings on the system for common security/config errors and for packages that are not needed.

dotfiles.org is a place to upload, download, and share your dotfiles

The Linux Documentation Project

linuxdoc.org

linux.die.net - Search Linux Documentation, Manual Pages and More..

Linux Kernel Newbies Wiki

Linux Kernel Networking

Core Netlink Library Documentation

How to Participate in the Linux Community

Open Source Enterprise-Class Linux Network Management via Web Console

The Rosetta Stone for UNIX

The UNIX Acronym List

Long list of UNIX commands with descriptions

Enabling High Performance Data Transfers

Open Source Software Security Wiki

Linux Standards Base Specifications Archive

Linux Assigned Names and Numbers Authority

ACPI establishes industry-standard interfaces enabling OS-directed configuration, and power/thermal management of mobile, desktop and server platforms

libvirt: The Virtualization API

Linux procps tools

What every programmer should know about memory, Parts 1-9

Ulrich Depper's Home Page (has good Linux links!)

UML (User-mode Linux) as a HoneyPot ...

Michael Kerrish: man7.org

MPI in Thirty Minutes

UNIX

The TrustedBSD Project is an open source community developing advanced security features for the open source FreeBSD operating system

EdgeBSD aims at being fun and attractive as a Research & Development platform while remaining a modern, robust, and industrial-grade system for all ranges of computer devices.

MirBSD

TrueOS

The TTY Demystified

Bitrig is a free, fast, and secure Unix-like Open Source operating system and an OpenBSD fork!

Various Cheat Sheets for AIX, Solaris, Linux, etc.

Securing Linux Systems with AppArmor by Crispin Cowan at BlackHat USA 2015

Mike Gancarz: The UNIX Philosophy

Famous UNIX Philosophy Quotes

man pages section 1M: System Administration Commands (October 2012)

"Why NFS Sucks"

Sudo (su "do") allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments

unixpower.org - Looking for information on a certain UNIX?
explainshell.com - write down a command-line to see the help text that matches each argument

The Command Line Rosetta Stone

Solaris

Tru64 UNIX

AIX

FreeBSD

HP-UX

IRIX

LynxOS

NetBSD

Mac OSX

QNX

Minix

OpenBSD

SCO

"Oracle" Solaris

Solaris is a server software suite (technically speaking, SunOS is the actual kernel) that was originally developed by Sun Microsystems, so it was created by the same company that introduced the world to the Java programming language. However, Sun Microsystems made several key mistakes. One of which was jumping the gun on cloud computing, i.e. they had thin clients using smart card authentication to access active X11 sessions from any cluster-connected terminal. They pioneered many Internet protocols including: NFS, YP/NIS, ONC RPC with XDR (also known as SunRPC and sometimes used by Linux), and others. However, they were seduced by a trend that was on its way to the ubiquitous popularity it has today: open source software.

Ironically, this wasn't long after Sun attempted to sue Kevin Mitnick for millions of dollars based on his alleged access of Sun-owned source code.

Sun's fascination with open source caused it to neglect hardware commitments--they were also the inventor of SPARC, a unique RISC architecture used as a platform for both thin clients and rackmount servers alike. Moore's Law caught up with SPARC and suddenly Intel's Itanium and even Pentium became competitive with Sun in the server hardware market after Sun started to lose some of its software market dominance (which in hindsight could have also partially been due to Microsoft's healthy competition from .NET.) For more info on the ultimate failure story of Sun Microsystems, refer to this Forbes article from the first calendar quarter of 2009 when the writing on the wall had become plain for all to see.

Trusted Solaris Proc Tools

pflags

Print the /proc tracing flags, the pending and held signals, and other /proc status information for each LWP in each process.

pcreds

Print the credentials (effective, real, saved UIDs and GIDs) of each process.

pmap

Print the address space map of each process.

pldd

List the dynamic libraries linked into each process, including shared objects explicitly attached using dlopen(3DL). See also ldd(1).

psig

List the signal actions of each process. See signal(3HEAD).

pstack

Print a hex+symbolic stack trace for each LWP in each process.

pfiles

Report fstat(2) and fcntl(2) information for all open files in each process.

pwdx

Print the current working directory of each process.

pstop

Stop each process (PR_REQUESTED stop).

prun

Set each process running (inverse of pstop).

pwait

Wait for all of the specified processes to terminate.

ptree

Print the process trees containing the specified pids or users, with child processes indented from their respective parent processes. An argument of all digits is taken to be a process-id, otherwise it is assumed to be a user login name. Default is all processes.

ptime

Time the command, like time(1), but using microstate accounting for reproducible precision. Unlike time(1) children of the command are not timed.

pattr

Get the viewable process attribute flags. See the pattr(1) man page for more information.

pclear

Get the process clearance. See the pclear(1) man page for more information.

plabel

Get the label of a process. See the plabel(1) man page for more information.

ppriv

Get the effective privileges of a process. See the ppriv(1) man page for more information.

pprivtest

Test the effective privilege set of a process. See the pprivtest(1) man page for more information.

Solaris

solaris-x86.org/security
Solaris™ 2.x - Tuning Your TCP/IP Stack and More

Solaris Internals and Performance FAQ

A Brief History of the filesystem mounted under: /proc

OSGi & the Internet of Things (IoT)

http://upload.wikimedia.org/wikipedia/commons/c/c9/Osgi-system-layering.svg

OSGi's primary goal is to take the pain out of developing bundles..

Miscellaneous

Wikipedia Category: Operating system security

Wikipedia Comparison of command shells article

Open Technology - Real Service

Official Microsoft Account on CodePlex; Coordinator for Many Projects

Microsoft TechNet: Ten Immutable Laws of Security (Version 2.0)

SCADA Security Mailing List

Plan9 from Bell Labs

osFree project: development of an open source analogue to OS/2 Warp 4 (Merlin)

Dynamic Instrumentation Tool Platform

Versatile FileSystem Tracing with TraceFS

The Confused Deputy

Time Zone Descriptions

POSIX Environment Variable Names

Legacy Technology