A colleague of mine pointed me out to Lynis, a system’s configuration audit tool which checks the hardening of any running UNIX or UNIX-like system, including the BSDs. This tool has a built in check list and a set of sane and safe configurations and compares them to the target system. As output we find […]

Lynis or how to quickly audit your system’s security configuration

List of Speculative Execution Vulnerabilities
Vulnerability CVE Exploit name Public vulnerability name Firmware changes Spectre 2017-5753 Variant 1 Bounds Check Bypass (BCB) No Spectre 2017-5715 Variant 2 Branch Target Injection (BTI) Yes Meltdown 2017-5754 Variant 3 Rogue Data Cache Load (RDCL) No Spectre-NG 2018-3640 Variant 3a Rogue System Register Read (RSRE) Yes Spectre-NG 2018-3639 Variant 4 Speculative Store Bypass (SSB) […]

The Original Sin
Disclaimer: What you are about to read may contain inaccuracies. Feel free to discuss them somewhere else. This is also my opinion and as such it may change through time, maybe tomorrow, next month, next year, next decade or never. I do also make very few reviews (if any) of what I write here so […]

Abandon Linux. Jails for developers.
Reading the title you might think I want to put developers in Jail and although some may be good candidates this is in the far opposite of my intention. I am talking about FreeBSD Jails. For the unfamiliar with the concept those Jails are userland secure contained environments that share a common kernel. Purists and […]

Linus on ZFS
Disclaimer: What you are about to read may contain inaccuracies. Feel free to discuss them somewhere else. This is also my opinion and as such it may change through time, maybe tomorrow, next month, next year, next decade or never. I do also make very few reviews (if any) of what I write here so […]

How to setup MariaDB master-slave replication on FreeBSD
Having all the data in just one server is not the best idea. Especially when talking about a database server. Spreading information in several boxes is a good measure to prevent data loss but also for performance. A MySQL/MariaDB master-slave replication scheme is often used as a good solution for both, data redundancy and speed. […]

How to install Nessus 10 on FreeBSD 12
Nessus is a professional vulnerability scanner from the reputable cybersecurity company Tenable. I have already written about it in the past but installing it on a GNU/Linux distro. This very article will guide anyone to install Nessus 10 on FreeBSD, since Tenable is releasing binaries for FreeBSD 11 and 12 as of the time of […]

How to install RKHunter on FreeBSD
In this post you will find simple instructions to install rkhunter on FreeBSD which is a root kit “hunter” so your system/s will have some security in place for that kind of unwanted software. But for those who do not know what a rootkit is, let’s give it a simple definition (which you can get […]

How to install WordPress on Debian 9 (LAMP stack)
In this guide we’ll see how to install a simple, clean, new WordPress site. In order to run this site we’ll have to have a LAMP (or FAMP if you prefer FreeBSD over Linux) stack in place. Read the correspondent guides in order to get the necessary software layers all together, rightly configured. If you […]

How to install Mate on FreeBSD 12/13
In this how to install Mate on FreeBSD I’m not going to repeat the same guides you can read elsewhere. If you desire to use FreeBSD as a daily driver desktop, I do encourage you to read and follow the guides from this other guy. The guide you are currently reading can be considered the […]
