-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathnote.txt
146 lines (127 loc) · 4.22 KB
/
note.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
ISRG nssdb
ieee
pentoo
krn_drs
USB
bInterfaceClass 224 Wireless
bInterfaceSubClass 1 Radio Frequency
bInterfaceProtocol 1 Bluetooth
menuetos
FreeBSD fb: https://www.reddit.com/r/freebsd/comments/fbd80i/comment/fj9win7/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button
https://guides.library.cmu.edu/c.php?g=883178
https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
TODO: proxy IMAP/POP3 traffic
TODO: check Whonix and Kicksecure
TODO: find and copy the browser hardening script to this project
TODO: DNS CAA CRL OCSP
Bruce Schneier, The NSA Is Breaking Most Encryption on the Internet (2013)
https://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html
https://www.timesys.com/security/securing-your-linux-configuration-kernel-hardening/
SRV _kerberos._tcp.dc._msdcs.usilu.net
https://www.qemu.org/docs/master/system/arm/raspi.html
https://w3techs.com/technologies/overview/ssl_certificate
https://someonewhocares.org/hosts/
pki.intel.com
certificates.intel.com
www.intel.com
wss.im.qcloud.com
wss.tim.qq.com
sf.symcd.com
sf.symcb.com
https://www.tu-chemnitz.de/informatik/ce/files/guideline_master_thesis.pdf
https://www.uregina.ca/science/cs/graduate/theses/index.html
https://www.cs7.tf.fau.eu/teaching/student-theses/writing-your-thesis/
improve logs with dnsmasq logs
https://www.intel.com/content/dam/www/public/us/en/security-advisory/documents/intel-csme-security-white-paper.pdf
https://www.intel.com/content/www/us/en/support/articles/000008927/software/chipset-software.html
https://www.kaspersky.com/about/press-releases/2023_kaspersky-discloses-iphone-hardware-feature-vital-in-operation-triangulation-case
https://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/default.htm
use chains and priorities instead of rule index
use dtoverlay=vc4-fkms-v3d for buggy new kernel
https://downloads.raspberrypi.com/raspios_arm64/images/raspios_arm64-2023-12-06/2023-12-05-raspios-bookworm-arm64.img.xz
https://downloads.raspberrypi.com/raspios_armhf/images/raspios_armhf-2023-12-06/2023-12-05-raspios-bookworm-armhf.img.xz
https://dnsnl.alekberg.net/dns-query{?dns}
https://doh.xfinity.com/dns-query{?dns}
https://doh.opendns.com/dns-query{?dns}
https://doh.familyshield.opendns.com/dns-query{?dns}
https://doh-02.spectrum.com/dns-query{?dns}
https://doh-01.spectrum.com/dns-query{?dns}
https://doh.quickline.ch/dns-query{?dns}
https://dns.google/dns-query{?dns}
https://dns64.dns.google/dns-query{?dns}
https://doh.dns.sb/dns-query{?dns}
https://doh.cox.net/dns-query
https://dns.quad9.net/dns-query
https://dns11.quad9.net/dns-query
https://dns10.quad9.net/dns-query
https://public.dns.iij.jp/dns-query
https://chrome.cloudflare-dns.com/dns-query
sed -i "s|...../dns-query|123456.nxdomain|g" code
apparmor
seccomp
enable_uart=0
gpu_mem=256
dtparam=disable-bt
dtparam=disable-wifi
otg_mode=0
""" Samples
FireFox
GET / HTTP/2
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Chrome
:authority:
www.bing.com
:method:
GET
:path:
/
:scheme:
https
Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Encoding:
gzip, deflate, br
Accept-Language:
en-US,en;q=0.9
Cookie:
Sec-Ch-Ua:
"Not_A Brand";v="8", "Chromium";v="120", "Google Chrome";v="120"
Sec-Ch-Ua-Arch:
"x86"
Sec-Ch-Ua-Bitness:
"64"
Sec-Ch-Ua-Full-Version:
"120.0.6099.71"
Sec-Ch-Ua-Full-Version-List:
"Not_A Brand";v="8.0.0.0", "Chromium";v="120.0.6099.71", "Google Chrome";v="120.0.6099.71"
Sec-Ch-Ua-Mobile:
?0
Sec-Ch-Ua-Model:
""
Sec-Ch-Ua-Platform:
"Windows"
Sec-Ch-Ua-Platform-Version:
"10.0.0"
Sec-Fetch-Dest:
document
Sec-Fetch-Mode:
navigate
Sec-Fetch-Site:
none
Sec-Fetch-User:
?1
Upgrade-Insecure-Requests:
1
User-Agent:
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
"""