As it can be read in the last post, setting up a Cloudflare Argo Tunnel to serve web content from home or corporate network without poking holes to it, is quite easy to achieve. In this article I’ll show you how to enable TLS traffic from the origin server on Cloudflare Argo Tunnel. Obviously, you […]
How to enable TLS traffic from the origin server on Cloudflare Argo Tunnel
A few useful network commands
Troubleshooting network issues with simple commands is not a very difficult topic once there is a little toolbox to pull from. Needless to say networking topics can be very complicated and any specialist on the field will tell you how cumbersome it can really get. However with a few set of commands one can get […]
Reasonable amount of enabled modules on Apache HTTP
CentOS Ubuntu FreeBSD core_module (static) core_module (static) core_module (static) so_module (static) so_module (static) so_module (static) http_module (static) watchdog_module (static) http_module (static) access_compat_module (shared) http_module (static) mpm_prefork_module (shared) actions_module (shared) log_config_module (static) authn_file_module (shared) alias_module (shared) logio_module (static) authn_core_module (shared) allowmethods_module (shared) version_module (static) authz_host_module (shared) auth_basic_module (shared) unixd_module (static) authz_groupfile_module (shared) auth_digest_module (shared) access_compat_module (shared) […]
Abandon Linux. Jails for developers.
Reading the title you might think I want to put developers in Jail and although some may be good candidates this is in the far opposite of my intention. I am talking about FreeBSD Jails. For the unfamiliar with the concept those Jails are userland secure contained environments that share a common kernel. Purists and […]
The root account
Users. What the hell you mean by “root”? Are you a Windows user? I bet you have the user account badly configured. By default Windows is installed under the Administrator account. And nobody bothers to change this and add a second account. That second account should be an underprivileged one. If you own the computer […]
How to install the Clamav antivirus in FreeBSD
Clamav is an antivirus. But don’t think of Clamav as the antivirus you have sitting in your personal computer at home or in your office. It’s an antivirus that works under user demand. It is not constantly monitoring the system. So you will have to setup some cronjobs in order to check and monitor the […]
How to update FreeBSD using beadm
Beadm is a tool which provides a wonderful and distinctive functionality on Solaris, OpenIndiana and FreeBSD. It relies on the ZFS filesystem allowing to take a filesystem snapshot. That can be used to manage the so called boot environments which provide a great way to secure updates, even when everything goes down the tubes. Hence […]
How to install software in FreeBSD with pkgng
The pkgng is the package management system in FreeBSD. It is used to install applications, and specific modules, libraries, etc. Nowadays you can select in between more than 25.000 thousand. Yes, twenty five thousand. The syntax to use is very intuitive and simple. As you may be already aware software comes in two forms. Source […]
A brief introduction to SSL/TLS certificates
SSL stands for Secure Sockets Layer and it an old implementation of a crytographic protocol. TLS, or Transport Layer Security, is a new one. They are both used to have privacy in the communications between different parties. They are used to secure email, web browsing, instant messaging, etc These protocols work in a complex way […]
Lynis or how to quickly audit your system’s security configuration
A colleague of mine pointed me out to Lynis, a system’s configuration audit tool which checks the hardening of any running UNIX or UNIX-like system, including the BSDs. This tool has a built in check list and a set of sane and safe configurations and compares them to the target system. As output we find […]