hardenedbsd/HardenedBSD
1
0
Fork 0
mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git synced 2024-12-04 07:01:52 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
Home
Shawn Webb edited this page 2024-11-30 12:55:51 -07:00

Wiki Page Revisions

79 Commits

Author SHA1 Message Date
Shawn Webb
cefe688f04
Document change in net.inet.tcp.drop_synfin 
We now block TCP packets with SYN+FIN set.

Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2024-11-30 12:55:51 -07:00
Shawn Webb
0fff2bd388
Document latest enhancements 
The wiki was out-of-date for work that has transpired for the past few
months. This commit brings the wiki more up-to-date, though there may
still be some missing bits of information.

Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2024-11-03 21:18:33 -07:00
Shawn Webb
c4c3313bf0
HardenedBSD 13-STABLE is no longer supported 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2024-11-03 21:08:45 -07:00
Shawn Webb
aedd076093
Document `hardening.pax.prohibit_new_usb` sysctl tunable 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2024-01-25 02:34:53 +00:00
Shawn Webb
090f89d0a3
Be explicit about /usr/src 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2023-12-16 17:22:35 -07:00
Shawn Webb
43849c5c32
Update branches and add a blurb about building HardenedBSD 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2023-12-16 17:21:21 -07:00
Shawn Webb
f1091330ca
Document lack of OpenSSH RSA host keys 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2023-11-18 16:07:49 -07:00
Shawn Webb
e8fb239d6f
Document hardening vfs.lookup_cap_dotdot{,_nonlocal} 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2023-10-27 17:10:39 -06:00
Shawn Webb
7b3b635c77
Document verifying build artifacts 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2023-10-27 11:11:56 -06:00
Shawn Webb
596cf2abe1
Document more ptrace restrictions 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2023-06-21 17:21:35 -04:00
Shawn Webb
92777e8fc5
Document SHM hardening 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2023-05-28 19:08:35 -04:00
Shawn Webb
bf24864031
Provide more detail on default packet TTL value calculation 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2023-03-24 10:35:30 -04:00
Shawn Webb
2b5e797813
Document packet TTL randomization 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2023-03-23 15:02:51 -04:00
Shawn Webb
83a27d06ef
Document TTY pushback vulnerability mitigation 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2023-03-14 16:49:53 -04:00
Shawn Webb
fd712c4d75
Document recent changes 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2023-02-17 10:23:01 -05:00
Shawn Webb
7db4e5f37d
Document uuidgen(1) change 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2023-01-31 13:13:34 -05:00
Shawn Webb
b064043c0b
Also note that malloc(9) allocations are zeroed upon free 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2023-01-22 11:27:24 -05:00
Shawn Webb
cfcdf7dd88
Document ptrace hardening 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2023-01-21 19:22:55 -05:00
Shawn Webb
79469f4ffe
Provide better documentation on RTLD hardening 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2023-01-21 17:11:29 -05:00
Shawn Webb
2834f6a1ef
Document malloc(9) hardening 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2023-01-21 15:41:00 -05:00
Shawn Webb
9d96dbb928 Document hardening core dumps 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2022-11-07 09:12:03 -05:00
Shawn Webb
bb40a156fa Document new hardening.pax.kmod_load_disable sysctl tunable 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2022-10-21 19:36:22 -04:00
Loic
4a7cd9612c Add games/scratch 2022-09-26 16:13:12 +00:00
Loic
7240e4f5af Add two ports 2022-08-06 15:01:25 +00:00
Shawn Webb
b6d32c0485 Document RTLD hardening 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2022-06-11 17:20:02 -04:00
Shawn Webb
4b911606ca Update Home 2022-05-06 12:06:35 -04:00
Shawn Webb
8c991d3c87 Add fusefs to list of untrusted kernel modules 2022-04-12 16:50:38 -04:00
Shawn Webb
add97d58dd Document untrusted kernel modules 2022-04-08 17:51:07 -04:00
Loic
a2e834efb5 Added list of ports added by HardenedBSD 2022-03-05 07:06:26 -05:00
Loic
5e2cdb7c9b Add the "Ports and Packages Collection" part 2021-10-28 08:43:26 -04:00
Loic
22b5b4c01a Remove a old GitHub reference 2021-10-28 04:05:20 -04:00
Loic
f4c5787757 Correction of a link + version number 2021-10-28 03:35:47 -04:00
Shawn Webb
de5b85823a Add TCP/UDP blackholing hardening documentation 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2021-09-30 10:29:08 -04:00
Shawn Webb
6e268099a9 SEGVGUARD is enabled by default 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2021-09-05 19:59:18 -04:00
Shawn Webb
d4c916625c LibreSSL-in-base is no more 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2021-08-31 16:22:25 -04:00
Shawn Webb
f405fe6b71 Add more hardening feature documentation 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2021-08-31 12:33:36 -04:00
Shawn Webb
0df8cf7b52 Provide some updates 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2021-06-08 12:15:43 -04:00
Loic
d4474d2431 Update Home 2021-05-28 15:34:42 -04:00
Loic
e18ea92804 Update 0 Home 2021-05-28 15:15:38 -04:00
Loic
f4ae30ee63 Add French translation 2021-04-28 14:00:31 -04:00
Shawn Webb
a63e337058 Really fix typo 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2021-04-03 16:34:06 -04:00
Shawn Webb
6f56dbc8ed Fix typo 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2021-04-03 16:33:14 -04:00
Shawn Webb
809db511f0 Post-migration fixups 
After we migrated to GitLab, we need to fix up the wiki.

Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2021-04-03 16:31:38 -04:00
Shawn Webb
d0931cff32 Add link to variable auto-initialization section 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2021-01-15 18:27:06 -05:00
Shawn Webb
b6293f7c18 Document variable auto-initialization 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2021-01-15 18:25:18 -05:00
Shawn Webb
19ab76ab8b Remove stale link 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2020-10-27 18:42:22 -04:00
Shawn Webb
4b044e2580 Fix typo 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2020-07-11 10:06:17 -04:00
Shawn Webb
48fd7f4df5 Document ports hbsdcontrol integration 
Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
 2020-07-11 10:04:27 -04:00
zie
4e761046ba minor URL updates 2020-02-03 11:54:23 -08:00
zie
b4bb2808fe add an extra space 2020-02-03 10:32:37 -08:00