As it can be read in the last post, setting up a Cloudflare Argo Tunnel to serve web content from home or corporate network without poking holes to it, is quite easy to achieve. In this article I’ll show you how to enable TLS traffic from the origin server on Cloudflare Argo Tunnel. Obviously, you […]
How to enable TLS traffic from the origin server on Cloudflare Argo Tunnel
How to configure TLS 1.2 on UNIX or GNU/Linux
This is an article willing to help and point out a few useful resources for those using Apache HTTP or NGINX web servers that are still using the deprecated SSLv3, TLS 1.0 and/or TLS 1.1 verions. If you find the articles in Adminbyaccident.com useful to you, please consider making a donation. Use this link to […]
ARP spoofing attacks
ARP spoofing attacks are quite harming and they can easily constitute a man-in-the-middle (MITM) attack. They consist on the attacker sending ARP packets into the network the victim is located, typically redirecting traffic to the attacker’s machine. Once this is achieved the attacker can sniff all the traffic sent by the victim’s device and obtain […]
How to install ModSecurity 3 on FreeBSD
A couple of years ago I wrote a guide on how to install Modsecurity on FreeBSD. Now the program is on its third iteration so a new article is needed. Or so I think. In this article I’ll be covering Modsecurity 3 applied to protect Apache HTTP. If you find the articles in Adminbyaccident.com useful […]
How to enable log rotation on FreeBSD
This is a very short simple entry but it may help you. As many others you may be running a web server, or any other service that creates some logging information. Enable log rotation on FreeBSD will keep those log files in a manageable size (at least more readable) and they won’t grow and expand […]
Exploiting CVE-2019-0708 Remote Desktop Protocol on Windows
The CVE-2019-0708 is the number assigned to a very dangerous vulnerability found in the RDP protocol in Windows sytems. This is also known as the ‘Blue Keep’ vulnerability. The issue was so critical that Microsoft did even release patches to unsupported operating systems such as Windows XP or Server 2003. To this day there are […]
List of Speculative Execution Vulnerabilities
Vulnerability CVE Exploit name Public vulnerability name Firmware changes Spectre 2017-5753 Variant 1 Bounds Check Bypass (BCB) No Spectre 2017-5715 Variant 2 Branch Target Injection (BTI) Yes Meltdown 2017-5754 Variant 3 Rogue Data Cache Load (RDCL) No Spectre-NG 2018-3640 Variant 3a Rogue System Register Read (RSRE) Yes Spectre-NG 2018-3639 Variant 4 Speculative Store Bypass (SSB) […]
How to update FreeBSD using beadm
Beadm is a tool which provides a wonderful and distinctive functionality on Solaris, OpenIndiana and FreeBSD. It relies on the ZFS filesystem allowing to take a filesystem snapshot. That can be used to manage the so called boot environments which provide a great way to secure updates, even when everything goes down the tubes. Hence […]
How to mitigate/solve the MDS vulnerabilities of Intel processors in FreeBSD
It had to happen again. Anyone betting on new hardware vulnerabilities on Intel processors would have won. This time these are called the MDS vulnerabilities, which stands for Microarchitectural Data Sampling. The trouble is the ones who would have really made big money would have been those stating the new CPUs were on the same […]
What is Expect?
Expect is a handy scripting tool for task automation. You may have never heard of it. I heard about many scripting things before. But one day I needed something simple but didn’t know how to proceed, what would be a good tool for my purpose. The task was simple. Exporting a website content from a […]