/d/OpSec

16,149 subscribers

Must read: https://anonymousplanet-ng.org/

Discussion of OpSec, Threat Models, Protection, Assessment & Countermeasures.

Vendors, please use /d/vendor_handbook.

While the focus of this community's OpSec discussions may center around Dark Net (DN) activity, all members of this sub are encouraged to think about, discuss, and share ideas relating to OpSec that extend beyond the bounds of the DN.

What linux distros?

by /u/w0rsh1p · 2 votes · 1 month ago

What Linux distros are good for opsec other than Kali and Arch?

Comments (17)
/u/HeadJanitor Moderator · 3 votes · 1 month ago · Link

You have it slightly backwards. Kali is designed for the opposite of OpSec—to penetrate. Arch is designed to be versatile and a one-time rolling-release with a minimal base.

If you want OpSec, you want to mimic containerization so that you have a trustless setup. This is the point of Qubes. It's not just about isolating, it sandboxes your drivers, separates your hardware, segments your network, implements and enforces network-level policies on a minute level.

As /u/UberShop mentioned, there are Tails and Whonix, which Torify your environment and provide you with anonymity.

Also there is Parrot Security Edition which is geared toward cybersecurity and forensics but is protective as well.

For OpSec you want to provide a completely isolated working environment where private data can be dealt with safely to protect data.

Septor Linux uses Privoxy and Tor and is precisely designed for OpSec.

Extending far, but most accurate for security purposes I would state OpenBSD and HardenedBSD.

But OpSec really isn't about your OS, it's about effectively securing all layers, including the human layer, methodologically and preventing vulnerabilities from being exposed through constant vigilance, assessment and observation. You deliver the OpSec.

/u/UberShop · 1 votes · 1 month ago · Link

fantastic reply, love the info on drivers

Dread rules

/u/decaptchamyass · 1 votes · 1 month ago · Link

No one uses OpenBSD, let alone HardenedBSD, as a daily driver. Also OpenBSD is not more secure than a typical Linux distro.

Related: https://isopenbsdsecu.re

/u/HeadJanitor Moderator · 1 votes · 1 month ago · Link

That article can't be taken seriously. It's meant to entertain an audience. Serious network engineers rely on OpenBSD—for working purposes, the same with cryptographers. In some schools it's a prerequisite.

/u/decaptchamyass · 1 votes · 1 month ago · Link

Really? It's a conference talk by researchers. Yeah, some do (btw most of them use FreeBSD, I have hardly seen any mention of OpenBSD) but we are not talking about engineers here. We are talking about normal people, looking for something rational to use as a daily driver.

/u/HeadJanitor Moderator · 1 votes · 1 month ago · Link

Definitely get your point, that's why I stated, "extending far"... normal humans don't use Operating Systems where the installation doesn't require a few clicks.

/u/sexsymbol22 · 2 votes · 1 month ago · Link

Qubes / Tails / Whonix (you will probably hear of Kodachi but it's best to avoid using it)

/u/p4tr10t · 1 votes · 1 month ago · Link

Why avoid using Kodachi?

/u/sexsymbol22 · 1 votes · 1 month ago · Link

Because I think it is made by one person and it is too good to be true. I have read here that in the past it was a virus and it probably tracks you and more. I don't know if these things truly happened but I wouldn't risk it.

/u/UberShop · 1 votes · 1 month ago · Link

Tails is the standard for OPSEC as it's amnesic, however all open source Linux software can be edited to suit your purpose if you can be bothered

/u/sexsymbol22 · 1 votes · 1 month ago · Link

As far as I'm concerned, all live boot OSes are amnestic

/u/UberShop · 1 votes · 1 month ago · Link

This is not entirely true, some save cookies and cache along with other nasties in the sys, it can be deceptive, true amnesia is determined when you think the USB has no valid format

/u/decaptchamyass · 1 votes · 1 month ago · Link

I wouldn't really recommend Tails to anyone, it has had numerous IP leaks in the past and is not hardened as much as Whonix. There is not much difference between a vanilla Debian and Tails. Also the reason they ship Tor Browser with the uBlock Origin add-on is very unprofessional (Tor Project recommends against using any kind of add-ons), making you easily fingerprintable. The only advantage they have is over forensics, which doesn't seem to be the primary goal at the moment.

/u/Hep · 1 votes · 1 month ago · Link

Tails is by far the easiest to set up as you can just slap it on a USB and you're ready to go, but it is very limited

/u/MethLabZosoSticker · 1 votes · 1 month ago · Link

Tails or basic Ubuntu. It depends on your goal

/u/SV2MG · 1 votes · 1 month ago · Link

Tbh it depends what type of threat model you are going to face.

Personally I don't trust Tails OS much more these days and can't use Whonix nor Qubes {let alone both} because of hardware compatibility.

What you could do is distro-morph a Debian 11 if you have the knowledge to do it. {Whonix actually has a distro-morphed Debian 11 but it's still under work.}

/u/HolyGrailMarket · 1 votes · 1 month ago · Link

Whonix and Qubes