Fail2ban is a complementary tool to your firewall. It works by scanning log files and banning IPs that show suspicious activity such as failed logins. It is compatible with many UNIX-like systems and is a security tool to have in your arsenal. It can filter not only ssh logins, but other services too, for example […]
How to install Fail2ban on FreeBSD
A brief introduction to SSL/TLS certificates
SSL stands for Secure Sockets Layer and it is an old implementation of a cryptographic protocol. TLS, or Transport Layer Security, is a new one. They are both used to provide privacy in the communications between different parties. They are used to secure email, web browsing, instant messaging, etc. These protocols work in a complex way […]
What is GNU/Linux?
To answer this question one must split it, and ask other questions such as: «What is a so-called Linux distro?». It seems complex, and in a way it is. But let's explain GNU/Linux in simple terms. GNU stands for GNU is Not UNIX. So it's clear it is not UNIX, but it's related to it in […]
How to install OSSEC agents on Windows
In a recent post about how to install an OSSEC server on Ubuntu, I explained how this solution can help secure an infrastructure by deploying agents which report back to a central server. This is the second part of this server-client story. In this guide you will read about setting up agents and […]
How to enable log rotation on FreeBSD
This is a very short, simple entry, but it may help you. Like many others, you may be running a web server, or any other service that creates some logging information. Enabling log rotation on FreeBSD will keep those log files at a manageable size (at least more readable) and they won’t grow and expand […]
Nessus vulnerability scanner
Nessus is a very well known vulnerability scanner used by many large and small companies to assess their systems and correct the issues found in them. Cybersecurity teams, and especially auditors, make heavy use of tools like this in order to keep track of the state of infrastructure and environments. Having a tool like this saves […]
How to install the ClamAV antivirus on CentOS 8
ClamAV is a free antivirus nowadays owned by Cisco and developed under the umbrella of the Talos-Intelligence group. Don’t be fooled by the word free, this is serious business. It supports a wide variety of operating systems from Windows to Linux-based ones as well as FreeBSD. Many companies are using other types of antivirus software […]
How to configure a Virtual Host in Apache
You may have just one website and that is OK. If that is your case you can skip this entire chapter. But some of you may also have several websites. And quite probably you want to use one single public IP to resolve all the domains you have. The Apache documentation is the main resource […]
A word on Spectre and Meltdown
As professionals and many aficionados know, early this year some widespread vulnerabilities were found on Intel CPUs as well as on AMD’s. A bit later it was discovered that the flaws also affected some RISC architectures such as Power and ARM. Everybody went nuts and the world seemed to be tumbling because of two CPU vulnerabilities […]
ARP spoofing attacks
ARP spoofing attacks are quite harmful and they can easily constitute a man-in-the-middle (MITM) attack. They consist of the attacker sending ARP packets into the network where the victim is located, typically redirecting traffic to the attacker’s machine. Once this is achieved the attacker can sniff all the traffic sent by the victim’s device and obtain […]