Operating System level virtualization is hitting hard now, as much as VM’s did just a few years ago. Docker is the popular framework for this matter, the new kid on the block so to speak. This is the hot spot now and if anyone wants to appear knowledgeable about system administration knowing this technology is […]
How to install Docker on Ubuntu 18.04
How to secure the ELK stack on CentOS 8
This is a follow up of the ‘how to install the ELK stack on CentOS 8’. That is a basic setup with no security at all. There is no encryption, no username and password setup, nothing. Not even firewall rules to filter ports. And as it’s known security can’t only rely on one factor but […]
The firewall
If you don’t know why you need a firewall it’s because you are not very tech savy. Don’t worry. You can discover by yourself why you need one. The router sitting in your house has one installed in it. And please don’t disable that by any mean. You can check why a firewall is important […]
How to configure the PF firewall on FreeBSD
There are three firewall options on FreeBSD. The in-house built IPFW, the ‘old’ IPF (known as IP Filter) and PF ported from OpenBSD. PF is a very popular piece of software which was originally sparked from an issue on the IPF license that prevented making changes publicly available, which the OpenBSD did all the time. […]
How to compile cloudflared in FreeBSD 13/14
I happen to self-host my websites using Cloudflare’s services (article 1, article 2). Since the FreeBSD port seems to be delaying its releases and Cloudflare’s policy on maintaining versions only considers 1 year old code, in an act of prevention I have learnt, and I am publishing, how to compile cloudflared in FreeBSD. Note: At […]
How to secure FreeBSD (server minimal edition)
This is a very simple and easy to follow guide on securely administer your FreeBSD server. That said I am not a security expert although I’ve gained some knowledge as time goes by. Not pretending to be the definitive guide this article is an introduction on how to secure FreeBSD in which I will tackle […]
How to update FreeBSD using beadm
Beadm is a tool which provides a wonderful and distinctive functionality on Solaris, OpenIndiana and FreeBSD. It relies on the ZFS filesystem allowing to take a filesystem snapshot. That can be used to manage the so called boot environments which provide a great way to secure updates, even when everything goes down the tubes. Hence […]
How to replace a disk on a ZFS mirror pool
It’s happened to me, it’s happened to you, it’s happened more than one million times and it will still happen in the future. You run out of disk space or a disk fails. Nowadays you are using ZFS, and instead of having a fancy RAIDZ, because you still don’t need it, you are using a […]
How to find vulnerabilities in your WordPress with WPScan
Vulnerability scanners are useful tools for administrators and security analysts alike. For the casual WordPress user tools like WPScan may look excessive and complicated for their knowledge, they just need their blog, web page, whatever they’re doing up and running. Any complex administration bothers them to the max, and there are good and valid reasons […]
Nmap cheatsheet
Nmap is a discovery tool used in security circles but very useful for network administrators or sysadmins. One can get information about operating systems, open ports, running apps with quite good accuracy. It can even be used in substitution to vulnerability scanners such as Nessus or OpenVAS for not very large environments, or quick audits. […]