Or better said, how to install Apache the hard way. As mentioned before and many other times FreeBSD has two ways to install software. The easy one which is provided by the pkgng tool. And the not so easy one, ports. With ports you compile the programs and you can set the options the way […]
How to install Apache in FreeBSD with ports
How to patch OpenSSH in FreeBSD 12.2
The default version of OpenSSH in FreeBSD 12.2 today, and it’s been this for quite some time, is not the most recent published by the OpenBSD guys, which by the way are the ones developing OpenSSH. Not only is not the latest but it has a few vulnerabilities affecting it, medium risk ones but nevertheless […]
Abandon Linux. How to install iocage to manage FreeBSD Jails
The iocage program is a python 3 piece created to manage FreeBSD Jails leveraging the underpinning ZFS file system on FreeBSD. As already explained on previous articles the FreeBSD operating system offers an OS-level virtualization system called Jails. And as described on past articles it can benefit administrators and developers alike. This is a simple […]
How to configure the IPFW firewall on FreeBSD
Among the three possible firewalls on FreeBSD (choice is always nice) IPFW is the in-house built one. There is a default, easy way, configuration path but if one needs to build a box to act as a dedicated network appliance with packet filtering capacity fine tunning the IPFW firewall configuration is more than desirable. Before […]
How to install the Clamav antivirus in FreeBSD
Clamav is an antivirus. But don’t think of Clamav as the antivirus you have sitting in your personal computer at home or in your office. It’s an antivirus that works under user demand. It is not constantly monitoring the system. So you will have to setup some cronjobs in order to check and monitor the […]
How to securely install WordPress on FreeBSD
If you have already read my guide on how to install WordPress on FreeBSD you will have been a bit disappointed since at the end there is a deceptive paragraph that reads as follows: Now be aware you will set a user name and password for your wordpress install. They will be sent in plain […]
How to configure Modsecurity 3 for WordPress on FreeBSD
A few weeks ago I wrote a guide on how to install Modsecurity 3 on Apache HTTP for the FreeBSD operating system. However there’s a catch with that setting and with Modsecurity in general. As good as it is as a WAF you need to at least adjust its configuration to the tool one pretends […]
Nessus vulnerability scanner
Nessus is a very well known vulnerability scanner used by many large and small companies to assess their systems and correct the issues found in them. Cybersecurity teams and specially auditors, make heavy use of tools like this in order to follow up the state of infrastructure and environments. Having a tool like this saves […]
ARP spoofing attacks
ARP spoofing attacks are quite harming and they can easily constitute a man-in-the-middle (MITM) attack. They consist on the attacker sending ARP packets into the network the victim is located, typically redirecting traffic to the attacker’s machine. Once this is achieved the attacker can sniff all the traffic sent by the victim’s device and obtain […]
List of Speculative Execution Vulnerabilities
Vulnerability CVE Exploit name Public vulnerability name Firmware changes Spectre 2017-5753 Variant 1 Bounds Check Bypass (BCB) No Spectre 2017-5715 Variant 2 Branch Target Injection (BTI) Yes Meltdown 2017-5754 Variant 3 Rogue Data Cache Load (RDCL) No Spectre-NG 2018-3640 Variant 3a Rogue System Register Read (RSRE) Yes Spectre-NG 2018-3639 Variant 4 Speculative Store Bypass (SSB) […]