Verified Commit c7d32fa2 authored by s1udge's avatar s1udge 💬

Merge branch 'dev'

Signed-off-by: s1udge's avatars1udge <s1udge@parrotsec.org>
parents 8e502a26 c10ec163
2019/04/23
- updated Contributing, README, and FAQ
-s1udge
2019/04/13
- Added new Contributing statement
- updated Team list.
-s1udge
2019/03/26
- Added Name change from Parrot Linux to Parrot OS.
- Added disrupt_the_flow's tutorials for Tor, Custom kernel, Firejail and AppArmor.
-s1udge
2019/03/10
- Added Creative Commons license to repository and embedded within docs site.
......
2019/03/01
## Developer Certificate of Origin + License
Currently all software without a respective license which is part of the Parrot repositories are governed by the GNU GPL v3 license under Lorenzo "Palinuro" Faletra
(not to include user repositories or software that has a license).
By contributing to the Parrot Project, You accept and agree to the following terms and
conditions for your present and future Contributions submitted to the Parrot Project.
Except for the license granted herein to the Parrot Project and recipients of software
distributed by the Parrot Project, You reserve all right, title, and interest in and to
Your Contributions. All Contributions are subject to the following DCO + License
terms.
All documentation and media rights fall under our new Creative Commons License (which is copyleft share-alike [CC-BY-SA](https://creativecommons.org/licenses/by-sa/4.0/).
[DCO + Licenses](LICENSES.md)
_This notice should stay as the first item in the CONTRIBUTING.md file._
## Contributing
First off thank you for your interest and help!
**Security Issues**
We take security very seriously, if you find a security vulnerability, do NOT open an issue.
Please email `security at parrotsec dot org` or send Palinuro a PM on Telegram.
You can help improve our documentation by submitting merge requests (pull requests in github) to this repository.
For more information about how to contribute please see our [Technical Guidelines for Contributing](https://nest.parrotsec.org/parrot-organization/community/blob/master/Tech-GL-4C.md).
We want to create a welcome environment for everyone who is interested in contributing. Please see our [Code of Conduct](https://nest.parrotsec.org/parrot-organization/community/blob/master/code-of-conduct.md) to learn more about our committment to an open environment.
_Please do not use the issue tracker for support questions, please post on the [forum](https://community.parrotsec.org) or on Telegram._
## Maintainers, response time and security issues.
**Primary:** Palinuro <br>
**Alternate:** s1udge
You should get a response from a maintainer within **five days** for a merge request and **seven days** for everything else.
If you haven't heard anything in that timeframe please ping the thread with the names of the maintainers.
After feedback is given we expect a response within two weeks if no response is given we may close the merge request or issue.
_Commit access is given on a case by case basis and is at the discretion of the Core Dev Team._
### How to suggest a feature or enhancement
Please make a post in the forum under development category. Please add why it is needed, the scope of the feature and any research you have.
Your topic will be read and checked if the request is possible, if not you will be notified why this isn't possible.
If it is possible you will be asked to open an issue here.
Any written works or other media (not to include software) uploaded to this site without license outside of user repositories fall under the above license.
If you feel your copyright has been violated please send an email to team@parrotsec.org with the Subject line "COPYRIGHT CLAIM" anmd we will resolve it as quickly as possible.
By Committing, Using or otherwise interacting with Parrot's repositories on https://nest.parrotsec.org you agree to these terms.
-s1udge
......@@ -19,11 +19,9 @@ Not sure if Parrot is for you? Check out "[Should I use Parrot?](https://www.par
### What is the default live password?
Live user: **user**
Live pass: **live**
Live pass: **toor**
If the password does not work, also try with: **toor**
Parrot does not have a root password since Parrot 4.4, to launch programs as root or to obtain a root terminal, use **sudo**
Parrot may not have a root password since Parrot 4.4, to launch programs as root or to obtain a root terminal, use **sudo**
### How do I upgrade my system?
......@@ -90,8 +88,8 @@ If you are not sure what software is involved, or if you don't know how to conta
`/etc/apt/sources.list.d/parrot.list` should contain the following content
```bash
deb http://deb.parrotsec.org/parrot stable main contrib non-free
#deb-src http://deb.parrotsec.org/parrot stable main contrib non-free
deb https://deb.parrotsec.org/parrot stable main contrib non-free
#deb-src https://deb.parrotsec.org/parrot stable main contrib non-free
```
......@@ -101,7 +99,7 @@ If this happens, then you did something terribly wrong during the creation of th
This usually happens when you use software that doesn't respect the isohybrid standards.
We have a dedicated documentation page which describes this issue, how to fix it and why.
The following page will describe the issue, how to fix it and why it can occur.
[Create a Boot Device](https://www.parrotsec.org/docs/getting-started/create-boot-device/)
......
......@@ -16,20 +16,24 @@ What do these servers actually do? What kind of private information is stored? H
The edge nodes do not host private information of the users, only our master servers host user information.
The edge servers are owned by us, we can delete servers, migrate them, deploy new ones, change providers etc. We can force users in a country to stay away from a particular node and transit the parrot network from a node in another country.
The edge servers are owned by us, we can delete servers, migrate them, deploy new ones, change providers etc. We can force users in a country to stay away from a particular node and transit the parrot network from a node in another country if we beieve that such countries or providers may inspect user traffic.
We log user activities from the web server logs and use goaccess to monitor strange activities.
We log user activities from the web server logs and use log analyzers to investigate uncommon (malicious) activities and spot possible intrusions or cyber attacks.
Our sysadmin is the only person authorized to access the servers and handle the logs.
Sometimes we collect statistical usage data on our infrastructure usage (downloads, website hits, unique visitors, geographical distribution etc). Such data is aggregate and does not contain personal user information, and ip addresses and other components useful to identify specific users are stripped out before the data aggregation, or sometimes they are not collected at all.
Goaccess analyzes the logs for us to show aggregated data such as page hits, unique visitors, most used browsers, origin country, most requested addresses, most accessed domains etc. The data we retain is aggregated and does not reveal private user information.
We do NOT log user activities on some services, like the DNS resolvers, to respect user privacy, and we do not collect user information if we don't have a technical reason to log it.
The only private information directly visible from goaccess is the ip address of the users, but the servers already have automatic protections to ban misbehaving ip addresses, We store ip addresses temporarily in case of cyberattacks.
Our sysadmin is the only person authorized to access the servers and handle the logs, and no third parties have access to such data.
Logs are disabled on the edge nodes, so we can keep them secure on the central infrastructure where authorities or third parties can’t take them without our approval.
The only private information directly visible from goaccess is the ip address of the users, but the servers already have automatic protections to ban misbehaving ip addresses, We store ip addresses temporarily in case of cyberattacks against our web infrastructure.
Personal user data is not stored on our CDN edge nodes, so we can keep user data as safe as possible on the central infrastructure where authorities or third parties can’t take them without our approval.
We periodically delete logs from servers when we are sure that no attacks were received in that period of time, and we shred them for security before restarting the service.
When we dismiss a dedicated server or a VPS, we manually shred the hard disk with random data from a recovery unit to make data unrecoverable before the service deletion.
We have never received a warrant since we began this project. Please note our [warrant canary](warrant-canary.md).
......@@ -38,14 +42,15 @@ We have never received a warrant since we began this project. Please note our [w
We provide free DNS resolvers for the OpenNIC network. These servers have logs disabled by default.
There is a tiny log buffer that hosts the latest service hits for debugging purposes but this is just a buffer that keeps a bunch of recent elements it disappears
automatically as new requests come in and it is the standard behavior of the DNS resolver we use (PowerDNS).
There is a tiny log buffer that hosts the latest service hits for technical purposes, allowing the system to identify and automatically ban ip addresses abusing the service.
The temporary log is just a buffer that keeps a bunch of recent elements, and old entries disappear
automatically as new requests come in. It is the standard behavior of the DNS resolver we use (PowerDNS).
Since DNS logs are disabled, and the abuse prevention system is completely automatic, we don't have systems to manually analyze such logs, and we don't perform direct or indirect analysis of DNS services usage.
Last updated 26 Mar 2019
Last updated 25 Apr 2019
&nbsp;
[Using Parrot](https://www.parrotsec.org/docs/info/start/) | [Troubleshooting](https://www.parrotsec.org/docs/trbl/start/) | [Linux Beginner Guide](https://www.parrotsec.org/docs/library/lbg-basics/) | [Home](https://www.parrotsec.org/docs/)
\ No newline at end of file
[Using Parrot](https://www.parrotsec.org/docs/info/start/) | [Troubleshooting](https://www.parrotsec.org/docs/trbl/start/) | [Linux Beginner Guide](https://www.parrotsec.org/docs/library/lbg-basics/) | [Home](https://www.parrotsec.org/docs/)
......@@ -24,7 +24,7 @@ Warrant Canaries have been found to be legal by the United States Justice Depart
![warrant canary](https://www.parrotsec.org/docs/img/warrant-canary.png)
Warrant Canary, March 16 2019
Warrant Canary, April 25 2019
......
......@@ -98,8 +98,8 @@ NOTE:
### Content of /etc/apt/sources.list.d/parrot.list:
```
deb http://deb.parrotsec.org/parrot stable main contrib non-free
#deb-src http://deb.parrotsec.org/parrot stable main contrib non-free
deb https://deb.parrotsec.org/parrot stable main contrib non-free
#deb-src https://deb.parrotsec.org/parrot stable main contrib non-free
```
......
......@@ -6,9 +6,9 @@ taxonomy:
visible: true
---
ParrotOS is a community-driven project.
The Parrot Project is a community-driven project.
In this page we list contributors and members past and present, who've given a significant contribution to the project.
In this page we list contributors and members, past and present, who have contributed significantly to the project.
# Core Dev Team
......@@ -23,36 +23,55 @@ In this page we list contributors and members past and present, who've given a s
| s1udge | | Operations lead <br> Forum Admin <br> Docs writer | s1udge at parrotsec dot org |
&nbsp;
# Dev Team
| nickname | name | role(s) | email |
| ---------------- | --------------------- | --------------------------------------------------------------- | ---------------------------- |
| Andi | | | |
&nbsp;
# Community Team
| nickname | name | role(s) | email |
| ---------------- | --------------------- | --------------------------------------------------------------- | ---------------------------- |
| meu | M. Emrah Ünsür | Turkish Community Leader <br> Forum Moderator | meu at parrotsec dot org |
| terabreik | Jose Gatica | Spanish Community Leader <br> Forum Moderator | josegatica at parrotsec dot org |
| Nemo | Sandipan Roy | Indian community Leader <br> Forum Moderator | nemo at parrotsec dot org |
| anubi5 | Abdel Rhman Anter | Arabic Community Leader <br> Forum Moderator | anubi5 at parrotsec dot org |
| meu | M. Emrah Ünsür | Turkish Community Leader <br> Forum Moderator | meu at parrotsec dot org |
| terabreik | Jose Gatica | Spanish Community Leader <br> Forum Moderator | josegatica at parrotsec dot org |
| ByteHackr | Nemo Sandipan Roy | Indian community Leader <br> Forum Moderator | nemo at parrotsec dot org |
| AresX | | Chinese Community Leader <br> Forum Moderator | |
| anubi5 | Abdel Rhman Anter | Arabic Community Leader <br> Forum Moderator | anubi5 at parrotsec dot org |
| disrupt_the_flow | | Greek Community Leader <br> Docs writer <br> Telegram Admin <br> Forum Moderator | disrupt_the_flow at parrotsec dot org|
| Mr-B Relax | | Indonesian Community Leader <br> Forum Moderator | |
| Fugu | | French Community Leader <br> Forum Moderator | |
| Kratvers | Denis | Russian Community Leader <br> Forum Moderator | |
| | | German Community Leader <br> Forum Moderator | |
| Mr-B Relax | Bimantara Sutato Putra | Indonesian Community Leader <br> Forum Moderator | |
| Fugu | | French Community Leader <br> Forum Moderator | |
| Kratvers | Denis | Russian Community Leader <br> Forum Moderator | |
| xx4h | Fabian Melters | German Community Leader <br> Forum Moderator | |
| ku3k3n | | German Community Leader (Alternate) <br> Forum Moderator | |
| Nico_Paul | Nico Gialluca | English Community Leader <br> Forum Moderator <br>Organizer | nico at parrotsec dot org |
| Kidklown | | English Community Leader <br> Forum Moderator | |
| Palinuro | Lorenzo Faletra | Italian Community Leader (see above) | palinuro at parrotsec dot org |
| Jeff | Jeff Seyzel | Facebook admin <br> System Tester | jeff at parrotsec dot org |
| Zaphod BB | | Telegram Admin <br> Forum Moderator | |
| mastrobirraio | Pino Matranga | Website contributor <br> Forum Moderator | |
| LulzRose | Kurt Bruggeman | Graphic Design <br> Forum Moderator | |
| Kidklown | | English Community <br> Forum Moderator | |
| Jeff | Jeff Szydel | Facebook admin <br> System Tester | jeff at parrotsec dot org |
| Zaphod BB | Patrick Dunn | Telegram Admin <br> Forum Moderator | |
| mastrobirraio | Pino Matranga | Web Team Leader <br> Italian Community Leader <br> Forum Moderator | |
| LulzRose | Kurt Bruggeman | | LulzRose@riseup.net |
| Dm knght | | Forum Moderator <br> Tutorial writer | |
| KileXt | | Forum Moderator <br> Tutorial writer | |
| h0tw4t3r | | Forum Moderator <br> Tutorial Writer <br> Website contributor | |
&nbsp;
# Design Team
| nickname | name | role(s) | email |
| ---------------- | --------------------- | --------------------------------------------------------------- | ---------------------------- |
| Serverket | Manuel Hernandez | Design Team Leader | |
| janopineda | Alejandro Pineda | | |
| marafed | Federica Marasà | Graphic Designer | marafed at parrotsec dot org |
&nbsp;
Contributors
# Contributors
| nickname | name | role(s) | email |
| ---------------- | --------------------- | --------------------------------------------------------------- | ---------------------------- |
| v1s1t0r | | Airgeddon Creator/Maintainer | v1s1t0r.1s.h3r3 at gmail dot com |
&nbsp;
......@@ -85,3 +104,4 @@ Contributors
&nbsp;
[Using Parrot](https://www.parrotsec.org/docs/info/start/) | [Troubleshooting](https://www.parrotsec.org/docs/trbl/start/) | [Linux Beginner Guide](https://www.parrotsec.org/docs/library/lbg-basics/) | [Home](https://www.parrotsec.org/docs/)
......@@ -25,7 +25,7 @@ nav:
- Using Parrot: info/start.md
- Troubleshooting: trbl/start.md
- Library:
- Parrot Linux: library/start.md
- ParrotOS: library/start.md
- Knowledge Nest: library/knowledge-start.md
- The Project:
- Infrastructure:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment