I am a busy guy. Answering comments takes precious time from my daily life so don’t get mad if I don’t reply you back quickly or if I just don’t do. Plus, think twice before posting. If you really have something interesting to say, just go ahead. If that is something you really think I’d […]
Contact

How to patch OpenSSH in FreeBSD 12.2
The default version of OpenSSH in FreeBSD 12.2 today, and it’s been this for quite some time, is not the most recent published by the OpenBSD guys, which by the way are the ones developing OpenSSH. Not only is not the latest but it has a few vulnerabilities affecting it, medium risk ones but nevertheless […]

How to export a MySQL database.
You are your website editor, owner and now administrator. You want control over the whole process and you are migrating from a managed site. Or you are a versed user on unix-like environments and you are just willing to export your database. This is a simple post on how to export a MySQL database. If […]

How to mitigate DoS attacks with mod_evasive on FreeBSD
Denial of Service attacks or the distributed version of them (DDoS) have been growing throughout the years with their ups and downs. In my view the only thing that will happen to them is even bigger growth. With the advent of IoT devices the next decade will see an increase in these kind of attacks. […]

How to configure the PF firewall on FreeBSD
There are three firewall options on FreeBSD. The in-house built IPFW, the ‘old’ IPF (known as IP Filter) and PF ported from OpenBSD. PF is a very popular piece of software which was originally sparked from an issue on the IPF license that prevented making changes publicly available, which the OpenBSD did all the time. […]

A word on Spectre and Meltdown
As professionals and many aficionados know, early this year some widespread vulnerabilities were found on Intel CPU’s as well as on AMD’s. It was a bit later discovered the flaws also affected some RISC architectures such as Power and ARM. Everybody went nuts and the world seemed to be tumbling because of two CPU vulnerabilities […]

How to install Apache in FreeBSD with pkgng
The Apache Web Server is one of the most widely deployed web servers around the world. There are new and powerful alternatives you may have heard of, such as NGINX which seems to be the coolest thing around lately. There are meaningful differences between the two. Both are great but for example Apache has set […]

How to install MariaDB in FreeBSD
MariaDB is a derivative from the world-famous enterprise class MySQL database. The MySQL founder is Michael Widenius, also known as Monty. He created the project, it worked out for some time, it caught Sun’s attention and they bought it. Then Oracle bought Sun and knowing Larry everyone left running without looking what was left behind. […]

Lynis or how to quickly audit your system’s security configuration
A colleague of mine pointed me out to Lynis, a system’s configuration audit tool which checks the hardening of any running UNIX or UNIX-like system, including the BSDs. This tool has a built in check list and a set of sane and safe configurations and compares them to the target system. As output we find […]

How to work with Nessus scan results
Working with Nessus scan results is easy. How do I know that? Because I’ve worked with this tool for some time and although I do not know every corner of the things I’ve been doing some scans and solving quite a few deffects on systems that were labeled as ‘production ready’ when they clearly weren’t. […]
