Vulnerability scanners are useful tools for administrators and security analysts alike. For the casual WordPress user tools like WPScan may look excessive and complicated for their knowledge, they just need their blog, web page, whatever they’re doing up and running. Any complex administration bothers them to the max, and there are good and valid reasons […]
How to find vulnerabilities in your WordPress with WPScan
How to install OSSEC agents on Windows
On a recent post I published about how to install an OSSEC server on Ubuntu I explained how this solution can help secure an infrastructure by deploying agents which report back to a central server. This is the second part of this server-client story. On this guide you will read about setting up agents and […]
How to analyze suspicious email
Millions of emails are sent and received every day. Most of them are just junk. And many among those are potentially harmful. Phishing still is one of the most effective ways for malicious actors to penetrate into well secured networks. The weakest link, too often, is the human factor. Training can help mitigate this 24×7 […]
How to install MariaDB in FreeBSD
MariaDB is a derivative from the world-famous enterprise class MySQL database. The MySQL founder is Michael Widenius, also known as Monty. He created the project, it worked out for some time, it caught Sun’s attention and they bought it. Then Oracle bought Sun and knowing Larry everyone left running without looking what was left behind. […]
How to install the bash shell on FreeBSD
Believe it or not the Bash shell does not come installed on the system. By default FreeBSD uses the sh shell (after the rewrite under the BSD license on 1989 of the original Bourne Shell found on UNIX, which had inherited the ‘sh’ name from the original’s Thomson shell), the C shell or the tcsh […]
How to secure the ELK stack on CentOS 8
This is a follow up of the ‘how to install the ELK stack on CentOS 8’. That is a basic setup with no security at all. There is no encryption, no username and password setup, nothing. Not even firewall rules to filter ports. And as it’s known security can’t only rely on one factor but […]
Abandon Linux. How to install iocage to manage FreeBSD Jails
The iocage program is a python 3 piece created to manage FreeBSD Jails leveraging the underpinning ZFS file system on FreeBSD. As already explained on previous articles the FreeBSD operating system offers an OS-level virtualization system called Jails. And as described on past articles it can benefit administrators and developers alike. This is a simple […]
How to mitigate Spectre and Meltdown on a Lenovo T430s with FreeBSD
As recently announced in a previous article I wanted to write a couple of guides on how to mitigate Spectre and Meltdown vulnerabilities in GNU/Linux and UNIX environments. It is always a good and I hope a standard practice to have your systems patched and if they aren’t for whatever the reason (that legacy thing […]
How to set CentOS 7 repositories
CentOS is the free open source replica of the well known Red Hat Enterprise Linux (RHEL). With a very good reputation because of its stability and performance RHEL is nowadays the dominating GNU/Linux distribution in the enterprise environment. As a gift, in a similar fashion to Microsoft’s Windows trial versions (without limits to the use), […]
How to update FreeBSD with freebsd-update
Anytime you set a clean fresh FreeBSD install or just any other operating system you must update it. This should be the first thing. If you are a bit security aware (read paranoid) you can first set up the firewall rules and then update the system to the latest release where you have all the […]