decal's security shed

operating systems


LKM for Linux kernel version 2.2.22 that defeats TCP fingerprinting techniques used by tools like nmap and queso. It was originally a patch written by Sean Trifero for the kernel source tree which I ported to a loadable kernel module. The Linux TCP stack has changed significantly since September of 2002 when it was first released. However, porting it to the latest kernel isn't out of the question and the required modifications can be easily gleaned from the code..

tmux.txt Terminal Multiplexer Cheat Sheet in text/plain

Microsoft Windows Control Panel Applet Filenames

List of CLSID or Windows Class Identifiers to open Windows Special Folders

fstat -nv


OSen for Network Routers/Switches/etc.

System hardening templates for both server and router operating systems

Aerohive CLI Guide for HiveOS 6.6r1 (VPN Gateway Virtual Appliance)


Microsoft Windows: A lower Total Cost of 0wnership

Secure Windows Server

MSDN Blogs: The Old New Thing (Low-Level Microsoft Stuff)

Windows Networking at MSDN

Inside the Native API

Essential Microsoft Security Downloads

Office 365 API

The joeware utilities... Saving administrators around the world time and frustration for over twelve years..

Canonical Names of Control Panel Items

Where the CLSIDs of special Explorer objects can be found?

Geoff Chapell, Software Analyst - Windows Studied

ReactOS® is a free open-source operating system based on the best design principles of Windows NT® architecture written from scratch

Open source automated malware analysis system for Windows

Wikipedia Windows components Category

MSDN Featured Security Content

Analyze Crashes to Find Security Vulnerabilities in Your Apps

Windows Security Survival Guide (Microsoft TechNet Wiki Article)

Signing into Windows 8 with a Windows Live ID (Building Windows 8 MSDN Blog)

Signing in with a picture password (Building Windows 8 MSDN Blog)

Optimizing picture password security (Building Windows 8 MSDN Blog)

TLS/SSL Tools and Settings Windows Server 2003

Certificate Tools and Settings Windows Server 2003

DNS Support for Active Directory Tools and Settings Windows Server 2003

Microsoft PE and COFF Specification

Windows Server 2012 Command-Line Reference

Cryptography API: Next Generation (Windows)

Windows Resource Kits - Web Resources

Configure a Web Farm with IIS Servers

Description of Software Update Services and Windows Server Update Services changes in content for 2012

Security Tools to Administer Windows Server 2012

Solution Accelerators: Security Compliance Manager (SCM)

Name Resolution Technologies Windows Server 2003

A-Z Technologies List Windows Server 2003

Microsoft Windows Sysinternals Suite

Mark Russinovich's (Sysinternals author's) technical blog covering topics such as Windows troubleshooting, technologies and security.

Microsoft Server & Developer Tools Blogs

NTDebugging: Advanced Windows Debugging and Troubleshooting

XML Paper Specification (Updated: October 24, 2006)

Back Issues of Microsoft Systems Journal

IT Security Cookbook (technical guidelines for UNIX, Firewalls, NT, Web, Win95, OLTP, Oracle, Sybase)


Categorized Listing of Generic Linux Commands

"Swiss army knife for your daily Linux network plumbing"

Ubuntu CVE Tracker

The Open Group Base Specifications Issue 7
 IEEE Std 1003.1, 2013 Edition

W. Richard Stevens' Home Page (Note: He passed away in 1999)

The Linux Security Auditing Tool (LSAT) is a post install security auditor for Linux/Unix hosted by SourceForge ©LSAT checks many system configurations and local network settings on the system for common security/config errors and for packages that are not needed. is a place to upload, download, and share your dotfiles

The Linux Documentation Project - Search Linux Documentation, Manual Pages and More..

Linux Kernel Newbies Wiki

Linux Kernel Networking

Core Netlink Library Documentation

How to Participate in the Linux Community

Open Source Enterprise-Class Linux Network Management via Web Console

The Rosetta Stone for UNIX

The UNIX Acronym List

Long list of UNIX commands with descriptions

Enabling High Performance Data Transfers

Open Source Software Security Wiki

Linux Standards Base Specifications Archive

Linux Assigned Names and Numbers Authority

ACPI establishes industry-standard interfaces enabling OS-directed configuration, and power/thermal management of mobile, desktop and server platforms

libvirt: The Virtualization API

Linux procps tools

What every programmer should know about memory, Parts 1-9

Ulrich Depper's Home Page (has good Linux links!)

UML (User-mode Linux) as a HoneyPot ...

Michael Kerrish:

MPI in Thirty Minutes


The TrustedBSD Project is an open source community developing advanced security features for the open source FreeBSD operating system

EdgeBSD aims at being fun and attractive as a Research & Development platform while remaining a modern, robust, and industrial-grade system for all ranges of computer devices.



The TTY Demystified

Bitrig is a free, fast, and secure Unix-like Open Source operating system and an OpenBSD fork!

Various Cheat Sheets for AIX, Solaris, Linux, etc.

Securing Linux Systems with AppArmor by Crispin Cowan at BlackHat USA 2015

Mike Gancarz: The UNIX Philosophy

Famous UNIX Philosophy Quotes

man pages section 1M: System Administration Commands (October 2012)

"Why NFS Sucks"

Sudo (su "do") allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments - Looking for information on a certain UNIX? - write down a command-line to see the help text that matches each argument

The Command Line Rosetta Stone

  • Solaris
  • Tru64 UNIX
  • AIX
  • FreeBSD
  • HP-UX
  • IRIX
  • LynxOS
  • NetBSD
  • Mac OSX
  • QNX
  • Minix
  • OpenBSD
  • SCO

"Oracle" Solaris

Solaris is a server software suite (technically speaking, SunOS is the actual kernel) that was originally developed by Sun Microsystems, so it was created by the same company that introduced the world to the Java programming language. However, Sun Microsystems made several key mistakes. One of which was jumping the gun on cloud computing, i.e. they had thin clients using smart card authentication to access active X11 sessions from any cluster-connected terminal. They pioneered many Internet protocols including: NFS, YP/NIS, ONC RPC with XDR (also known as SunRPC and sometimes used by Linux), and others. However, they were seduced by a trend that was on its way to the ubiquitous popularity it has today: open source software.

Sun's fascination with open source caused it to neglect hardware commitments--they were also the inventor of SPARC, a unique RISC architecture used as a platform for both thin clients and rackmount servers alike. Moore's Law caught up with SPARC and suddenly Intel's Itanium and even Pentium became competitive with Sun in the server hardware market after Sun started to lose some of its software market dominance (which in hindsight could have also partially been due to Microsoft's healthy competition from .NET.) For more info on the ultimate failure story of Sun Microsystems, refer to this Forbes article from the first calendar quarter of 2009 when the writing on the wall had become plain for all to see.

Trusted Solaris Proc Tools
Print the /proc tracing flags, the pending and held signals, and other /proc status information for each LWP in each process.

Print the credentials (effective, real, saved UIDs and GIDs) of each process.
Print the address space map of each process.
List the dynamic libraries linked into each process, including shared objects explicitly attached using dlopen(3DL). See also ldd(1).
List the signal actions of each process. See signal(3HEAD).
Print a hex+symbolic stack trace for each LWP in each process.
Report fstat(2) and fcntl(2) information for all open files in each process.
Print the current working directory of each process.
Stop each process (PR_REQUESTED stop).
Set each process running (inverse of pstop).
Wait for all of the specified processes to terminate.
Print the process trees containing the specified pids or users, with child processes indented from their respective parent processes. An argument of all digits is taken to be a process-id, otherwise it is assumed to be a user login name. Default is all processes.
Time the command, like time(1), but using microstate accounting for reproducible precision. Unlike time(1) children of the command are not timed.
Get the viewable process attribute flags. See the pattr(1) man page for more information.
Get the process clearance. See the pclear(1) man page for more information.
Get the label of a process. See the plabel(1) man page for more information.
Get the effective privileges of a process. See the ppriv(1) man page for more information.
Test the effective privilege set of a process. See the pprivtest(1) man page for more information.

Solaris™ 2.x - Tuning Your TCP/IP Stack and More

Solaris Internals and Performance FAQ

A Brief History of the filesystem mounted under: /proc

OSGi & the Internet of Things (IoT)

OSGi's primary goal is to take the pain out of developing bundles..


Wikipedia Category: Operating system security

Wikipedia Comparison of command shells article

Open Technology - Real Service

Official Microsoft Account on CodePlex; Coordinator for Many Projects

Microsoft TechNet: Ten Immutable Laws of Security (Version 2.0)

SCADA Security Mailing List

Plan9 from Bell Labs

osFree project: development of an open source analogue to OS/2 Warp 4 (Merlin)

Dynamic Instrumentation Tool Platform

Versatile FileSystem Tracing with TraceFS

The Confused Deputy

Time Zone Descriptions

POSIX Environment Variable Names

Legacy Technology

Valid XHTML 1.0 Transitional  Valid CSS!