The last time I wrote about basic “Linux Server Hardening Security” tips. In this post I will write about the /proc/sys/kernel/cap-bound file which act as a powerful Linux hardening tool. This file holds the value of the kernel capability bounding set (expressed as a signed decimal number). This set is ANDed against the capabilities permitted to a process during exec. You can make changes to this file (bit value of cap-bound) and you can restrict many capabilities of process and put restrictions on root related process too. Using capability you can enable or disable Linux kernel modules loading, firewall, routing, raw sockets, locking of memory segments, restrictions on changing file ownership, restrictions on read and search of files and directories, sending signals to processes owned by others, modification of immutable and append-only file attributes, use of chroot(), rebooting the system, conman sys admin tasks such as mount, quotas, swapping and much more.
Linux is a free and open source operating system. However, Linux (and another open source operating system) can use and load device drivers without publicly available source code. These are vendor-compiled binary drivers without any source code and known as Binary Blobs. Die hard open source fans and Free Software Foundation (FSF) recommends completely removing all proprietary components including blobs. In this post, I will list seven best Linux distribution that meets the FSF’s strict guidelines and contains no proprietary components such as firmware and drivers.
Our FAQ section is updated in last few days with new howtos:
A DVD ripper software allows you to copying the content of a DVD to a hard disk drive. You transfer video on DVDs to different formats, or make a backup of DVD content, and to convert DVD video for playback on media players, streaming, and mobile phone. A few DVD rippers software can copy protected disks so that you can make discs unrestricted and region-free.
Debian GNU/Linux version 6.0 has been released ( jump to download ) after 24 months of constant development and available for download in various media format. Debian 6.0 is a free operating system, coming for the first time in two flavours. Alongside Debian GNU/Linux, Debian GNU/kFreeBSD is introduced with this version as a “technology preview”. It also supports various processor architectures and includes the KDE, GNOME, Xfce, LXDE and other desktop environments. It also features compatibility with the FHS v2.3 and software developed for version 3.2 of the LSB.