It had to happen again. Anyone betting on new hardware vulnerabilities on Intel processors would have won. This time these are called the MDS vulnerabilities, which stands for Microarchitectural Data Sampling. The trouble is the ones who would have really made big money would have been those stating the new CPUs were on the same […]
How to mitigate/solve the MDS vulnerabilities of Intel processors in FreeBSD
How to secure FreeBSD (server minimal edition)
This is a very simple and easy to follow guide on securely administer your FreeBSD server. That said I am not a security expert although I’ve gained some knowledge as time goes by. Not pretending to be the definitive guide this article is an introduction on how to secure FreeBSD in which I will tackle […]
How to enable TLS traffic from the origin server on Cloudflare Argo Tunnel
As it can be read in the last post, setting up a Cloudflare Argo Tunnel to serve web content from home or corporate network without poking holes to it, is quite easy to achieve. In this article I’ll show you how to enable TLS traffic from the origin server on Cloudflare Argo Tunnel. Obviously, you […]
How to configure the IPFW firewall on FreeBSD
Among the three possible firewalls on FreeBSD (choice is always nice) IPFW is the in-house built one. There is a default, easy way, configuration path but if one needs to build a box to act as a dedicated network appliance with packet filtering capacity fine tunning the IPFW firewall configuration is more than desirable. Before […]
How to set Apache’s MPM Event and PHP-FPM on FreeBSD
As explained in another article the default Apache’s configuration at compile time sets its multi-processing module (MPM for short) to the pre-fork configuration setting. This is not the best performant configuration for Apache. Out of the box Apache comes compiled in its safest form, from the processing mode perspective since the pre-fork setting will open […]
ARP spoofing attacks
ARP spoofing attacks are quite harming and they can easily constitute a man-in-the-middle (MITM) attack. They consist on the attacker sending ARP packets into the network the victim is located, typically redirecting traffic to the attacker’s machine. Once this is achieved the attacker can sniff all the traffic sent by the victim’s device and obtain […]
How to install OSSEC agents on Windows
On a recent post I published about how to install an OSSEC server on Ubuntu I explained how this solution can help secure an infrastructure by deploying agents which report back to a central server. This is the second part of this server-client story. On this guide you will read about setting up agents and […]
What is UNIX?
UNIX is an operating system. And your known equivalent is Windows or the Mac. You may even know about Linux. The purpose of an OS is to accommodate programs in order to get some work done. Editing pictures, browsing the web or serving data from a database. It is the thing that lets you operate […]
How to use Fail2ban with WordPress
In a previous article we did an install of Fail2ban on a FreeBSD server. This tool can help us to protect our WordPress install, independatly from if we are using the FAMP stack or the LAMP stack. As I mentioned on that article Fail2ban is a complementary tool to our firewall. It works by scanning […]
How to install AWStats on FreeBSD 13.0
AWStats is a very powerful and useful software allowing webmasters count the visits to their managed websites. The tool is basically coded in Perl and it was a very popular choice before Google made it way easy when they launched their Google Analytics tool. However, nowadays not everyone is using Google Analytics services and even […]