Make terminology consistent

raja-grewal 2025-10-19 01:41:58 +00:00 committed by GitHub
parent f2c3eba4f0
commit 9f7480e20a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 9 additions and 8 deletions


@ -50,12 +50,12 @@ configuration file and significant hardening is applied to a myriad of component
and thwart certain kernel exploitation attempts) and kernel warnings in the `WARN()` path.
- Force immediate system reboot on the occurrence of a single kernel panic, reducing the
risk and impact of denial of service attacks and both cold and warm boot attacks.
risk and impact of denial-of-service attacks and both cold and warm boot attacks.
- Force immediate kernel panic on OOM (out of memory) which the above setting will force
an immediate system reboot, as opposed to placing any reliance on the oom_killer to
avoid arbitrarily terminating security features based on their OOM score. Note this creates
the risk of userspace-based denial of service attacks that maliciously fill memory.
the risk of userspace-based denial-of-service attacks that maliciously fill memory.
- Disable the use of legacy TIOCSTI operations which can be used to inject keypresses.
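
Review bot: The OOM bullet in this hunk is still ungrammatical where it reads "which the above setting will force an immediate system reboot"; since the paragraph is already being edited for wording, consider "which, together with the above setting, forces an immediate system reboot". The bare oom_killer in the same bullet could also be put in backticks to match `WARN()` in the first context line.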


@ -126,7 +126,7 @@ GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX debugfs=off"
## Panics may be due to false-positives such as bad drivers.
## Oopses are serious but non-fatal errors.
## Certain "oopses" can sometimes indicate and thwart potential kernel exploitation attempts.
## Note that by forcing kernel panics on oopses, this exposes the system to targeted denial of service attacks.
## Note that by forcing kernel panics on oopses, this exposes the system to targeted denial-of-service attacks.
##
## https://en.wikipedia.org/wiki/Kernel_panic#Linux
## https://en.wikipedia.org/wiki/Linux_kernel_oops
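
Review bot: "false-positives" in the first context line of this hunk is hyphenated although it is used as a noun, which runs against the convention this change applies (hyphenating only the compound modifier, as in "denial-of-service attacks"). Suggest "false positives" so the comment block follows one rule.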


@ -171,7 +171,7 @@ kernel.perf_event_paranoid=3
## Certain "oopses" can sometimes indicate and thwart potential kernel exploitation attempts.
## Warnings are messages generated by the kernel to indicate unexpected conditions or errors.
## By default, code execution continues regardless of warnings emitted by macros like WARN() and WARN_ON().
## Note that by forcing kernel panics on oopses and warnings, this exposes the system to targeted denial of service attacks.
## Note that by forcing kernel panics on oopses and warnings, this exposes the system to targeted denial-of-service attacks.
##
## https://en.wikipedia.org/wiki/Kernel_panic#Linux
## https://en.wikipedia.org/wiki/Linux_kernel_oops
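
Review bot: The changed sentence keeps a dangling construction, "Note that by forcing kernel panics on oopses and warnings, this exposes the system ...", where "this" has no referent. Suggest "Note that forcing kernel panics on oopses and warnings exposes the system to targeted denial-of-service attacks." The near-identical sentence in the GRUB file would need the same edit to keep the two comments aligned.
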
@ -188,7 +188,7 @@ kernel.perf_event_paranoid=3
#kernel.warn_limit=1
## Force immediate system reboots on the occurrence of a single kernel panic.
## Increases resilience and limits impact of denial of service attacks as system automatically restarts.
## Increases resilience and limits impact of denial-of-service attacks as system automatically restarts.
## Ensures the system does not hang forever if a panic occurs, reducing susceptibility to both cold and warm boot attacks.
## Immediate rebooting also prevents persistent information disclosure on panic details that were dumped to screen.
##
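
Review bot: The description of the reboot-on-panic setting here ("Increases resilience and limits impact of denial-of-service attacks") differs from the README bullet and the last file in this commit, which both say it reduces "the risk and impact". For a change whose goal is consistent terminology, pick one wording for all three places; "as system automatically restarts" is also missing its article ("as the system automatically restarts").
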
@ -531,7 +531,7 @@ net.ipv6.conf.*.accept_source_route=0
## Do not accept IPv6 router advertisements (RAs) and solicitations.
## RAs are unsecured and unauthenticated and any device on the local link can send and accept them without verification.
## Malicious RAs can activate IPv6 connectivity on dormant hosts leading to unauthorized access.
## Flooding the network with malicious RAs can lead to denial of service attacks.
## Flooding the network with malicious RAs can lead to denial-of-service attacks.
## Rogue RAs can lead to interception of all network traffic by setting the attacker's system as the default gateway.
##
## https://datatracker.ietf.org/doc/html/rfc6104
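
Review bot: "Flooding the network with malicious RAs can lead to denial-of-service attacks" is circular, because the flood is itself the attack. Suggest "can cause denial of service" (unhyphenated as a noun), which also keeps the hyphenated form reserved for the modifier position used elsewhere in this change.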


@ -24,7 +24,8 @@ sysctl kernel.oops_limit=1
sysctl kernel.warn_limit=1
## Makes the system immediately reboot on the occurrence of a single
## kernel panic. This reduces the risk and impact of denial of
## service attacks and both cold and warm boot attacks.
## kernel panic. This reduces the risk and impact of denial-of-service
## attacks and both cold and warm boot attacks.
##
## https://docs.kernel.org/admin-guide/sysctl/kernel.html#panic
sysctl kernel.panic=-1
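
Review bot: The comment above "sysctl kernel.panic=-1" says the system reboots immediately but does not say why the value is -1. While this block is being rewrapped, add a line noting that a negative value means reboot immediately, whereas a positive value is a delay in seconds and 0 disables the automatic reboot, so the setting is not mistaken for a typo or "disabled".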