security/Transport_Layer_Security
- Fail2ban : Python : brute-force protection
Scans log files and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc
- nftables__ : C : firewall
Administration tool for packet filtering and classification
- OpenSSH__ : C : secure services
Free SSH protocol suite providing encryption for network services like remote login or remote file transfers
- “Secure Secure Shell__”
__ https://www.openssh.com/ __ https://stribika.github.io/2015/01/04/secure-secure-shell.html
- WireGuard__ : C : secure tunnel
Extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography
- Firejail__ : C : sandbox
SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities
- Docker__ : Go : application container
Run applications securely isolated in a container, packaged with all its dependencies and libraries
- LXC__ : C : system container
Offers an environment as close as possible to the one you'd get from a VM but without the overhead that comes with running a separate kernel and simulating all the hardware
security/Transport_Layer_Security
- Content Security Policy (CSP)__
Mechanism by which web developers can control the resources which a particular page can fetch or execute, as well as a number of security-relevant policy decisions
- Quick Reference Guide__
__ https://www.w3.org/TR/CSP/ __ https://content-security-policy.com/
- X-Content-Type-Options__
Require checking of a response’s Content-Type header against the destination of a request
__ https://fetch.spec.whatwg.org/#x-content-type-options-header
- OWASP__ - Free and open software security community