The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Linux-hardened Alternatives
Similar projects and alternatives to linux-hardened
-
-
vaultwarden
Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
steam-for-linux
Issue tracking for the Steam for Linux beta client
-
hardened-kernel
Hardened kernel configuration optimized for virtual machines. - https://www.kicksecure.com/wiki/Hardened-kernel
-
-
kernel-hardening-checker
A tool for checking the security hardening options of the Linux kernel
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
focus-android
Discontinued ⚠️ Firefox Focus (Android) moved to a new repository. It is now developed and maintained as part of: https://github.com/mozilla-mobile/firefox-android
-
-
lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
-
-
keepassxc
KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
-
-
opensnitch
OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
-
-
firecracker-containerd
firecracker-containerd enables containerd to manage containers as Firecracker microVMs
-
-
usbguard
USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)
-
pass-import
A pass extension for importing data from most existing password managers
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
linux-hardened reviews and mentions
-
Question about immutability
Glossing over their hardening guide, we notice that the kernel-hardened package is mentioned. This is a fork of what once was the kernel of GrapheneOS. While this hardened kernel can be used on a variety of distros, unfortunately this doesn't apply to Fedora Silverblue. Furthermore, I haven't seen any mention of the hardened kernel being used on openSUSE Tumbleweed. Therefore I see no reason to believe that this is possible on openSUSE Aeon either. Though, I'd love to be corrected on this!
- How to obtain hardened kernel?
-
Let's Play with the Linux Kernel
Here is the source code for the hardened Linux kernel.
-
Deploying Firecracker VMs
so that we can use it liberally in CLI) > **Additionally, here's a 'building from the source section** - https://github.com/firecracker-microvm/firecracker/blob/main/docs/getting-started.md#building-from-source ### Running Firecracker > "*In production, Firecracker is designed to be run securely, inside an execution jail, carefully set up by the jailer binary. This is how our integration test suite does it. However, if you just want to see Firecracker booting up a guest Linux machine, you can do that as well.*" 1. We need to first obtain an "uncompressed Linux kernel binary, and an ext4 file system image (to use as rootfs)" ; great, these are two things that we need to seek out before we move forward in our 'adventure' (*this really feels like a "quest" of some sort, like the ones that they forced you to play on Runescape back in the days*) **How to Decompress Linux Kernel** (explicit instructions to be honest here) - https://0xax.gitbooks.io/linux-insides/content/Booting/linux-bootstrap-5.html **Linux-Hardened Kernel** - https://github.com/anthraxx/linux-hardened (this is something that they're all still actively working on at this very point in time) They also say that we need an 'ext4 file system image' (where do we obtain this from?) - found it **Full Guide on How to Create an EXT4 filesystem image here** -https://fabianlee.org/2020/01/13/linux-mounting-a-loopback-ext4-xfs-filesystem-to-isolate-or-enforce-storage-limits/ Assuming that the above has been handled, the directions insist that we create two separate shell prompts, (one to run Firecracker, and another one to control it [by writing to the API socket]; both shells have to run "in the same directory where the firecracker binary was placed") ^^ What? - This is a pain in the ass because this is something that they should've mentioned earlier (obv. everyone is going to move a binary where the rest of their binaries go ; and you're not going to just load up some random project to be used in that manner) - Not even sure what the end goal of opening up an API socket here would really be But fuck it, let's just assume that we play ball and we adhere to all of these (additional) steps that we're being put through (just for the setup up this virtualization tool!). ### Following Through on the Next Steps 1. Ensuring that Firecracker can create its own API ``` bash rm -f /tmp/firecracker.socket
-
The flashing screen bug seems to be fixed with the 5.19.13 kernel
Officially supported kernels Community support on forum and bug reporting is available for officially supported kernels. Stable — Vanilla Linux kernel and modules, with a few patches applied. https://www.kernel.org/ || linux Hardened — A security-focused Linux kernel applying a set of hardening patches to mitigate kernel and userspace exploits. It also enables more upstream kernel hardening features than linux. https://github.com/anthraxx/linux-hardened || linux-hardened Longterm — Long-term support (LTS) Linux kernel and modules. https://www.kernel.org/ || linux-lts Zen Kernel — Result of a collaborative effort of kernel hackers to provide the best Linux kernel possible for everyday systems. Some more details can be found on https://liquorix.net (which provides kernel binaries based on Zen for Debian). https://github.com/zen-kernel/zen-kernel || linux-zen
-
windows kernel patch guard-like for linux ?
Those two don't protect the kernel itself from "misuse". To do that, there are ways like kernel hardening 3, using hardened kernel 4 5.
-
Is Arch dangerously out of date?
You can find the repository here: https://github.com/anthraxx/linux-hardened/ And IRC channel is #linux-hardening on libera.
-
Linux-hardened kernel on Pop OS?
So, I recently discovered linux-hardened, a kernel that is tweaked for extreme security. I would like to use it on my second machine that runs Pop OS (Ubuntu-based)
The instructions are located at https://github.com/anthraxx/linux-hardened/blob/master/Documentation/admin-guide/README.rst
-
A note from our sponsor - WorkOS
workos.com | 29 Mar 2024
Stats
anthraxx/linux-hardened is an open source project licensed under GNU General Public License v3.0 or later which is an OSI approved license.
The primary programming language of linux-hardened is C.
Popular Comparisons
- linux-hardened VS zen-kernel
- linux-hardened VS vaultwarden
- linux-hardened VS checksec.sh
- linux-hardened VS hardened-kernel
- linux-hardened VS steam-for-linux
- linux-hardened VS kernel-hardening-checker
- linux-hardened VS lkrg
- linux-hardened VS focus-android
- linux-hardened VS lynis
- linux-hardened VS droid-native