Apache HTTP as a reverse proxy consists on setting an Apache HTTP server as a frontal access for one or multiple backend servers. In the recent years many have started using NGINX as a reverse proxy since this piece of software really shines for serving static content an acting as a cache server. This doesn’t […]
How to configure Apache HTTP as a reverse proxy on FreeBSD
How to configure TLS 1.2 on UNIX or GNU/Linux
This is an article willing to help and point out a few useful resources for those using Apache HTTP or NGINX web servers that are still using the deprecated SSLv3, TLS 1.0 and/or TLS 1.1 verions. If you find the articles in Adminbyaccident.com useful to you, please consider making a donation. Use this link to […]
The Original Sin
Disclaimer: What you are about to read may contain inaccuracies. Feel free to discuss them somewhere else. This is also my opinion and as such it may change through time, maybe tomorrow, next month, next year, next decade or never. I do also make very few reviews (if any) of what I write here so […]
Abandon Linux. Move to FreeBSD or Illumos.
If you use GNU/Linux and you are only on opensource, you may be doing it wrong. Here’s why. Is your company based on opensource based software only? Do you have a bunch of developers hitting some kind of server you have installed for them to “do their thing”? Being it for economical reasons (remember to […]
How to mitigate Spectre and Meltdown on a Lenovo T430s with FreeBSD
As recently announced in a previous article I wanted to write a couple of guides on how to mitigate Spectre and Meltdown vulnerabilities in GNU/Linux and UNIX environments. It is always a good and I hope a standard practice to have your systems patched and if they aren’t for whatever the reason (that legacy thing […]
Abandon Linux. How to export and import FreeBSD Jails ‘a la Docker’
FreeBSD Jails is an awesome tool similar to Docker but much older which allows administrators and developers alike to have several securely contained userland environments sharing one kernel. Does it sound familiar? This is operating-system-level virtualization and it’s different than what you find on KVM or Xen camps. For more detailed information I’ve published some […]
How to mitigate DoS attacks with mod_evasive on FreeBSD
Denial of Service attacks or the distributed version of them (DDoS) have been growing throughout the years with their ups and downs. In my view the only thing that will happen to them is even bigger growth. With the advent of IoT devices the next decade will see an increase in these kind of attacks. […]
Nmap cheatsheet
Nmap is a discovery tool used in security circles but very useful for network administrators or sysadmins. One can get information about operating systems, open ports, running apps with quite good accuracy. It can even be used in substitution to vulnerability scanners such as Nessus or OpenVAS for not very large environments, or quick audits. […]
How to install Fail2ban on FreeBSD
Fail2ban is a complementary tool to your firewall. It works by scanning log files and bans IPs which present suspicious activity such as failed logins. It is compatible with many UNIX-like systems and is a security tool to have in your arsenal. It can filter not only ssh logins, but other services too, for example […]
What is Expect?
Expect is a handy scripting tool for task automation. You may have never heard of it. I heard about many scripting things before. But one day I needed something simple but didn’t know how to proceed, what would be a good tool for my purpose. The task was simple. Exporting a website content from a […]