The CVE-2019-0708 is the number assigned to a very dangerous vulnerability found in the RDP protocol in Windows sytems. This is also known as the ‘Blue Keep’ vulnerability. The issue was so critical that Microsoft did even release patches to unsupported operating systems such as Windows XP or Server 2003. To this day there are […]
Exploiting CVE-2019-0708 Remote Desktop Protocol on Windows
How to use find in GNU/Linux and FreeBSD
How to use find is a very basic, but important, UNIX lesson. Find is a very useful command which can help us not just finding a particular file, but for examples files or directories matching certain criteria such as: size, permissions, type. The basic mode of operation for find is the following: find path criteria […]
How to update FreeBSD with freebsd-update
Anytime you set a clean fresh FreeBSD install or just any other operating system you must update it. This should be the first thing. If you are a bit security aware (read paranoid) you can first set up the firewall rules and then update the system to the latest release where you have all the […]
How to mitigate/solve the MDS vulnerabilities of Intel processors in FreeBSD
It had to happen again. Anyone betting on new hardware vulnerabilities on Intel processors would have won. This time these are called the MDS vulnerabilities, which stands for Microarchitectural Data Sampling. The trouble is the ones who would have really made big money would have been those stating the new CPUs were on the same […]
Nessus vulnerability scanner
Nessus is a very well known vulnerability scanner used by many large and small companies to assess their systems and correct the issues found in them. Cybersecurity teams and specially auditors, make heavy use of tools like this in order to follow up the state of infrastructure and environments. Having a tool like this saves […]
How to install the Clamav antivirus on CentOS 8
Clamav is a free antivirus nowadays owned by Cisco and developed under the umbrella of the Talos-Intelligence group. Don’t be fooled by the word free, this is serious business. It supports a wide variety of operating systems from Windows to Linux-based ones as well as FreeBSD. Many companies are using other types of antivirus software […]
How to mitigate Spectre and Meltdown on a Lenovo T430s laptop with Ubuntu
As recently announced in a previous article I wanted to write a couple of guides on how to mitigate Spectre and Meltdown vulnerabilities in GNU/Linux and UNIX environments. It is always a good and I hope a standard practice to have your systems patched and if they aren’t for whatever the reason (that legacy thing […]
Nmap cheatsheet
Nmap is a discovery tool used in security circles but very useful for network administrators or sysadmins. One can get information about operating systems, open ports, running apps with quite good accuracy. It can even be used in substitution to vulnerability scanners such as Nessus or OpenVAS for not very large environments, or quick audits. […]
How to configure Apache HTTP as a reverse proxy on FreeBSD
Apache HTTP as a reverse proxy consists on setting an Apache HTTP server as a frontal access for one or multiple backend servers. In the recent years many have started using NGINX as a reverse proxy since this piece of software really shines for serving static content an acting as a cache server. This doesn’t […]
How to configure the IPFW firewall on FreeBSD
Among the three possible firewalls on FreeBSD (choice is always nice) IPFW is the in-house built one. There is a default, easy way, configuration path but if one needs to build a box to act as a dedicated network appliance with packet filtering capacity fine tunning the IPFW firewall configuration is more than desirable. Before […]