Among the three possible firewalls on FreeBSD (choice is always nice) IPFW is the in-house built one. There is a default, easy way, configuration path but if one needs to build a box to act as a dedicated network appliance with packet filtering capacity fine tunning the IPFW firewall configuration is more than desirable. Before […]
How to configure the IPFW firewall on FreeBSD
Nmap cheatsheet
Nmap is a discovery tool used in security circles but very useful for network administrators or sysadmins. One can get information about operating systems, open ports, running apps with quite good accuracy. It can even be used in substitution to vulnerability scanners such as Nessus or OpenVAS for not very large environments, or quick audits. […]
How to compile cloudflared in FreeBSD 13/14
I happen to self-host my websites using Cloudflare’s services (article 1, article 2). Since the FreeBSD port seems to be delaying its releases and Cloudflare’s policy on maintaining versions only considers 1 year old code, in an act of prevention I have learnt, and I am publishing, how to compile cloudflared in FreeBSD. Note: At […]
How to install software in FreeBSD with pkgng
The pkgng is the package management system in FreeBSD. It is used to install applications, and specific modules, libraries, etc. Nowadays you can select in between more than 25.000 thousand. Yes, twenty five thousand. The syntax to use is very intuitive and simple. As you may be already aware software comes in two forms. Source […]
How to install WPScan on FreeBSD
Vulnerability scanners are useful tools to find issues on systems, networks and the like. WPScan is dedicated to find vulnerabilities on WordPress installations. A short tutorial as an introduction to the tool has been published here. So if you are interested on the tool and on FreeBSD, let’s dig on this how to install WPScan […]
How to install MariaDB in FreeBSD
MariaDB is a derivative from the world-famous enterprise class MySQL database. The MySQL founder is Michael Widenius, also known as Monty. He created the project, it worked out for some time, it caught Sun’s attention and they bought it. Then Oracle bought Sun and knowing Larry everyone left running without looking what was left behind. […]
How to secure the ELK stack on CentOS 8
This is a follow up of the ‘how to install the ELK stack on CentOS 8’. That is a basic setup with no security at all. There is no encryption, no username and password setup, nothing. Not even firewall rules to filter ports. And as it’s known security can’t only rely on one factor but […]
How to install the Clamav antivirus on CentOS 8
Clamav is a free antivirus nowadays owned by Cisco and developed under the umbrella of the Talos-Intelligence group. Don’t be fooled by the word free, this is serious business. It supports a wide variety of operating systems from Windows to Linux-based ones as well as FreeBSD. Many companies are using other types of antivirus software […]
How to mitigate Spectre and Meltdown on an HP Proliant server with Ubuntu
As recently announced in a previous article I wanted to write a couple of guides on how to mitigate Spectre and Meltdown vulnerabilities in GNU/Linux and UNIX environments. It is always a good and I hope a standard practice to have your systems patched and if they aren’t for whatever the reason (that legacy thing […]
How to update FreeBSD using beadm
Beadm is a tool which provides a wonderful and distinctive functionality on Solaris, OpenIndiana and FreeBSD. It relies on the ZFS filesystem allowing to take a filesystem snapshot. That can be used to manage the so called boot environments which provide a great way to secure updates, even when everything goes down the tubes. Hence […]