:hidden: true
security/Transport_Layer_Security
Fail2ban : Python : brute-force protection : Scans log files and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc
nftables : C : firewall : Administration tool for packet filtering and classification
OpenSSH : C : secure services : Free SSH protocol suite providing encryption for network services like remote login or remote file transfers
: - “Secure Secure Shell”
WireGuard : C : secure tunnel : Extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography
Firejail : C : sandbox : SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities
Docker : Go : application container : Run applications securely isolated in a container, packaged with all its dependencies and libraries
LXC : C : system container : Offers an environment as close as possible to the one you'd get from a VM but without the overhead that comes with running a separate kernel and simulating all the hardware
:::{seealso}
{doc}security/Transport_Layer_Security
:::
Content Security Policy (CSP) : Mechanism by which web developers can control the resources which a particular page can fetch or execute, as well as a number of security-relevant policy decisions
X-Content-Type-Options
: Require checking of a response’s Content-Type header against the
destination of a request
- OWASP - Free and open software security community