Dear reddit,
As an intermediate Linux user and former organizer, I have often sought out beginner level guides to executing security measures. Unfortunately, these guides don't exist on an enterprise level. Obviously, this is because there is a steep learning curve, which requires hundreds of hours of education. Most often I am told that if I don't understand it, I shouldn't be doing it.
There are many reasons why a novice or intermediate user might require access to enterprise level security. For example, activists and many non-profits rely on a do-it-yourself milieu due to a lack of funding and resources. With all that has happened over the past ~5 years between governments and activists around the world, information security and anonymity can be of the utmost importance. I intend to create a website geared towards novice to intermediate computer users that will walk them through effectively executing enterprise level security, crypto-anarchy, and anonymity.
Here are some questions I have for reddit.
A. Mandatory Access Control
I read this page explaining hardened Gentoo. I do not understand any of it. I have so many questions. Here are a few.
From a security standards standpoint, which of these three mandatory access control patches provide the most thorough security; SELinux, AppArmor, or Grsecurity?
Are there any other software packages that should be considered that enhance security beyond these kernel patches?
Are there any beginners guides on proper implementation and configuration of these three kernel patches?
B. Firewalls
I am aware of iptables. I have a few questions regarding this too.
Is there a front-end to iptables that makes its vast features apparent and easily configurable?
How can you configure iptables to work as a whitelist?
Are there any good beginners guides for configuring iptables?
C. Crypto-anarchy
I am aware of LUKS, dm-crypt, GPG, & Truecrypt. Here are my questions regarding crypto-anarchy:
Mathematically speaking, what is the most advanced encryption scheme dm-crypt is capable of? That is to say, what cryptsetup settings will ensure the most secure encryption over the longest period into the future?
Are there any Linux based chat/voice/video conferencing programs that don't rely on 3rd party servers such as Google or Microsoft, and provide encryption? Software that requires you or someone you know to host a server is acceptable.
What are the most polished GPG front-ends?
Thank you, reddit for helping me in this endeavor. If you are interested in assisting me directly with these guides, please pm me. I will release them for peer review before I release them as official guides.
[link][6 comments]