Projects / Hardened Debian

Hardened Debian

Hardened Debian improves Debian GNU/Linux with high security and hardening features, hardened kernels and packages, DHKP, and other security related enhancements. It makes systems more difficult to compromise using common attacks such as race conditions, chroot jail escapes, and buffer overflows.

Operating Systems

Recent releases

  •  05 Dec 2004 14:58

    Release Notes: This is a port of the latest 2.4 released patch of the NSA's SELinux project to Linux 2.4.28. Since it's not a backport of the 2.6 code, but rather a port of the last 2.4.26 backport of the 2.6 code, many things are deprecated, outdated, and probably obsolete.

    •  26 Nov 2004 16:29

      Release Notes: The 2.6.7-hardened packages are available for Debian Sarge, and hopefully stable for production environments. The changes are many, mainly SELinux PaX hooks, an enhanced IPSec stack (using Openswan), grSecurity 2.0.1, a kernel boot commandline to select SEGMEXEC/PAGEEXEC, /proc/pax_status support, fixes for binfmt_elf loader vulnerabilities and for all the CAN issues published before this date, Fortuna CSRNG, a netdev-random patch, and the TCP Stealth patch.

      •  22 Sep 2004 23:12

        Release Notes: The 2.4.28-pre-3-hardened kernel improves several new features coming from the DHKP that integrates Owl's kernel patch, the Vanheusden patch, enhancements for the entropy pool (use of network cards interrupts for gathering entropy and increased pool sizes), and the introduction of the Fortuna patch. This provides memory page execution prevention, restricted FIFOs at /tmp, linking restrictions for /tmp, better entropy sources, restricted /proc, RLIMIT_NPROC on execve() enforcing, and destruction of shared memory segments not in use.


        Project Spotlight


        A Fluent OpenStack client API for Java.


        Project Spotlight

        TurnKey TWiki Appliance

        A TWiki appliance that is easy to use and lightweight.