- Full protection: securing entire platform via an strong data encryption method including system Boot volume with smart recovery and emergencies options:
-
Platform Full Encryption: Cryptsetup [Linux Kernel] - Geli [FreeBSD Kernel] with physical token
In this scenario system Boot will be encrypted too and asking password will be on top of the platform before operating system starts then token authentication happens after that
- Grsecurity Kernel Patching: kernel compilation with PaX configuration
- Hardening Kernel Parameters: Sysctl, SSH Configs and operating system services
- Security Scanner modules: port, packet and rootkit scanner scripts to check for the possible threats such as Nmap and Chkrootkit
- Network Privacy Configuration: Tor project, Privoxy, I2p technologies and other tools such as OpenSSL, OpenVPN, OpenConnect, OpenNTPD, OpenSMTPD, OpenSSH
- Web Browser Hardening Addons: Firefox anti tracker, https enforcer, ad blocker and script stopper
- Smart Recovery System: journaling file system with default factory restoration and recovery – emergencies options
Debugging by printing
Probably the simplest way to get some debug information from your kernel code is by printing out various information with the kernel's equivalent of printf - the printk function and its derivatives. The k in printk is used to specifically remind kernel developers that the environment is different.
printk: This tool shows the kernel messages at boot and each code tells different behavior by the kernel.
Editing /etc/sysctl.conf with Administration Privilege (set to 3416)
- "0" KERN_EMERG - Emergency messages, system is about to crash or is unstable
- "1" KERN_ALERT - Something bad happened and action must be taken immediately
- "2" KERN_CRIT - A critical condition occurred like a serious hardware/software failure
- "3" KERN_ERR An error condition, often used by drivers to indicate difficulties with the hardware
- "4" KERN_WARNING - A warning, meaning nothing serious by itself but might indicate problems
- "5" KERN_NOTICE - Nothing serious, but notably nevertheless. Often used to report security events.
- "6" KERN_INFO - Informational message e.g. startup information at driver initialization, pr_info
- "7" KERN_DEBUG - Debug messages, pr_debug, pr_devel if DEBUG is defined
- "d" KERN_DEFAULT - The default kernel log level
- "" KERN_CONT - "continued" line of log printout (only done after a line that had no enclosing n)
These values influence printk() behavior when printing or logging error messages. See man 2 syslog for more info on the different loglevels.
- console_loglevel: messages with a higher priority than this will be printed to the console
- default_message_loglevel: messages without an explicit priority will be printed with this priority
- minimum_console_loglevel: minimum (highest) value to which console_loglevel can be set
- default_console_loglevel: default value for console_loglevel