Commit Graph

835 Commits

Author SHA1 Message Date
Patrick Schleizer
ec78a3e42e
Merge pull request #17 from madaidan/patch-13
Disable coredumps
2019-06-30 08:10:28 +00:00
Patrick Schleizer
67de5247c8
Merge branch 'master' into patch-13 2019-06-30 08:10:04 +00:00
Patrick Schleizer
9525ff87c6
Merge pull request #16 from madaidan/patch-12
Mount /proc with hidepid=2
2019-06-30 08:09:23 +00:00
madaidan
dbfb9e1cdf
Update control 2019-06-30 00:21:46 +00:00
madaidan
024a698249
Update control 2019-06-30 00:20:38 +00:00
madaidan
230ef34db4
Create disable-coredumps.conf 2019-06-30 00:19:04 +00:00
madaidan
1bf802f846
Create coredumps.conf 2019-06-30 00:16:50 +00:00
madaidan
f040081a59
Prevent setuid processes from creating coredumps. 2019-06-30 00:13:52 +00:00
madaidan
c6b669f1a5
Create disable-coredumps.conf 2019-06-30 00:11:13 +00:00
madaidan
22267c895b
Update control 2019-06-29 22:30:41 +00:00
madaidan
a2c676ed48
Update proc-hidepid.service 2019-06-29 22:28:41 +00:00
madaidan
dcf57bebf0
Create proc-hidepid.service 2019-06-29 22:27:24 +00:00
Patrick Schleizer
24b19c5976
bumped changelog version 2019-06-29 10:35:13 +00:00
Patrick Schleizer
befa03fea8
fix lintian warning 2019-06-29 10:34:48 +00:00
Patrick Schleizer
250919b821
Merge remote-tracking branch 'origin/master' 2019-06-29 06:06:02 -04:00
Patrick Schleizer
60e6dfcbff
Merge pull request #15 from madaidan/patch-11
Update control
2019-06-29 10:05:34 +00:00
madaidan
9e9c854d27
Update control 2019-06-28 11:34:35 +00:00
madaidan
b26d861dff
Update control 2019-06-28 11:33:48 +00:00
Patrick Schleizer
ecf5d80fdf
bumped changelog version 2019-06-28 07:20:53 +00:00
Patrick Schleizer
36c2b1d283
fix lintian warning 2019-06-28 07:18:30 +00:00
Patrick Schleizer
a978fe1000
chmod +x usr/lib/security-misc/remove-system.map 2019-06-28 07:17:35 +00:00
Patrick Schleizer
fe69dc6173
bumped changelog version 2019-06-28 07:09:35 +00:00
Patrick Schleizer
6a6afc347a
update files list 2019-06-28 03:02:49 -04:00
Patrick Schleizer
ccb89cfd55
Merge remote-tracking branch 'origin/master' 2019-06-28 03:00:21 -04:00
Patrick Schleizer
ab312235ba
Merge pull request #14 from madaidan/patch-10
Add some hardening for other distributions
2019-06-28 06:59:16 +00:00
Patrick Schleizer
5e02100e34
Merge pull request #13 from madaidan/patch-9
Remove System.map and restrict the SysRq key.
2019-06-28 06:58:32 +00:00
Patrick Schleizer
7e12e16dc0
Merge pull request #11 from madaidan/patch-7
Protect against DMA attacks
2019-06-28 06:57:42 +00:00
madaidan
3801a53a9e
Update tcp_hardening.conf 2019-06-27 18:17:58 +00:00
madaidan
c54125270b
Create dmesg_restrict.conf 2019-06-27 18:15:57 +00:00
madaidan
b809185008
Update remove-system-map.service 2019-06-27 16:09:52 +00:00
madaidan
9392c8deb2
Update remove-system.map 2019-06-26 15:03:54 +00:00
madaidan
8ef0db17e6
Use a for loop to detect if System.map exists 2019-06-26 12:59:45 +00:00
madaidan
3116a56f13
Create remove-system-map.service 2019-06-25 19:25:32 +00:00
madaidan
382e336f69
Create remove-system.map 2019-06-25 19:20:27 +00:00
madaidan
01c839c815
Restrict what the SysRq key can do 2019-06-25 19:16:43 +00:00
Patrick Schleizer
0a0be1ad28
bumped changelog version 2019-06-23 19:57:42 +00:00
Patrick Schleizer
7806af1419
readme 2019-06-23 19:51:53 +00:00
Patrick Schleizer
4e32438d75
debian/control syntax fix 2019-06-23 19:47:05 +00:00
Patrick Schleizer
a098b18560
Merge remote-tracking branch 'origin/master' 2019-06-23 19:46:30 +00:00
Patrick Schleizer
90d676ec18
Merge pull request #12 from madaidan/patch-8
Update control
2019-06-23 19:45:31 +00:00
madaidan
1a07d90ed2
Update control 2019-06-23 19:26:03 +00:00
Patrick Schleizer
2a6289980e
syntax fix
GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX mds=full,nosmt"

https://forums.whonix.org/t/kernel-hardening/7296/70
2019-06-23 18:46:52 +00:00
Patrick Schleizer
f1147318c0
Merge remote-tracking branch 'origin/master' 2019-06-23 18:45:41 +00:00
Patrick Schleizer
aec6da28e9
Merge pull request #10 from madaidan/patch-6
Enable more kernel hardening parameters
2019-06-23 18:45:24 +00:00
madaidan
641407c8e9
Enable IOMMU 2019-06-23 18:38:50 +00:00
madaidan
07c6362f1a
Blacklist thunderbolt and firewire 2019-06-23 18:34:45 +00:00
madaidan
2178fb37a8
Add more kernel hardening parameters 2019-06-23 17:54:34 +00:00
Patrick Schleizer
cd7346699c
bumped changelog version 2019-06-23 12:22:13 +00:00
Patrick Schleizer
60334797d0
/etc/sysctl.d/tcp_sack.conf 2019-06-23 09:00:12 +00:00
Patrick Schleizer
d404624bac
bumped changelog version 2019-06-23 08:38:01 +00:00