As recently announced in a previous article I wanted to write a couple of guides on how to mitigate Spectre and Meltdown vulnerabilities in GNU/Linux and UNIX environments. It is always a good and I hope a standard practice to have your systems patched and if they aren’t for whatever the reason (that legacy thing […]
How to mitigate Spectre and Meltdown on a Lenovo T430s with FreeBSD
The CentOS party is over, isn’t it?
Disclaimer: What you are about to read may contain inaccuracies. Feel free to discuss them somewhere else. This is also my opinion and as such it may change through time, maybe tomorrow, next month, next year, next decade or never. I do also make very few reviews (if any) of what I write here, so […]
How to import iocage jails to Bastille on FreeBSD 13
Being a fan and heavy user of FreeBSD jails, I’ve been using iocage for years now. However, iocage is not the only tool capable of making abstractions on top of the jail infrastructure in FreeBSD to make it easier to manage in a not just easier way, but quicker, centralized manner. Bastille is the other […]
How to enable TLS traffic from the origin server on Cloudflare Argo Tunnel
As it can be read in the last post, setting up a Cloudflare Argo Tunnel to serve web content from home or corporate network without poking holes to it, is quite easy to achieve. In this article I’ll show you how to enable TLS traffic from the origin server on Cloudflare Argo Tunnel. Obviously, you […]
The root account
Users. What the hell you mean by “root”? Are you a Windows user? I bet you have the user account badly configured. By default Windows is installed under the Administrator account. And nobody bothers to change this and add a second account. That second account should be an underprivileged one. If you own the computer […]
How to update FreeBSD using beadm
Beadm is a tool which provides a wonderful and distinctive functionality on Solaris, OpenIndiana and FreeBSD. It relies on the ZFS filesystem allowing to take a filesystem snapshot. That can be used to manage the so called boot environments which provide a great way to secure updates, even when everything goes down the tubes. Hence […]
How to update FreeBSD with freebsd-update
Anytime you set a clean fresh FreeBSD install or just any other operating system you must update it. This should be the first thing. If you are a bit security aware (read paranoid) you can first set up the firewall rules and then update the system to the latest release where you have all the […]
How to format an USB drive on FreeBSD
File system support on FreeBSD falls onto UFS (UNIX File System) or originally named the FFS (Fast File System and on ZFS (Zetabyte File System). If you are using your box as a desktop-workstation you will use USB drives to share files with other systems, to carry things on your pocket or safe the day […]
How to test SSL/TLS configurations
If you are in charge of any site with SSL/TLS conenctions enabled you are always in the chase to get the best possible and most secure configuration. This isn’t always the case and the lack of time does take its toll on many administrators. Those individuals are always asked to do more with less and […]
Exploiting CVE-2019-0708 Remote Desktop Protocol on Windows
The CVE-2019-0708 is the number assigned to a very dangerous vulnerability found in the RDP protocol in Windows sytems. This is also known as the ‘Blue Keep’ vulnerability. The issue was so critical that Microsoft did even release patches to unsupported operating systems such as Windows XP or Server 2003. To this day there are […]