Feature name Linux FreeBSD OpenBSD TrustedBSD NetBSD Illumos Native File System Support Ext2/3/4 UFS UFS UFS UFS UFS (read only) XFS ZFS ZFS ZFS JFS Btrfs ZFS Support Yes Yes No Yes No Yes Native ZFS No Yes No Yes No Yes Boot … [Read more...]
Reasonable amount of enabled modules on Apache HTTP
CentOS Ubuntu FreeBSD core_module (static) core_module (static) core_module (static) so_module (static) so_module (static) so_module (static) http_module (static) watchdog_module (static) http_module (static) access_compat_module (shared) http_module (static) mpm_prefork_module (shared) actions_module (shared) log_config_module … [Read more...]
Lynis or how to quickly audit your system’s security configuration
A colleague of mine pointed me out to Lynis, a system’s configuration audit tool which checks the hardening of any running UNIX or UNIX-like system, including the BSDs. This tool has a built in check list and a set of sane and safe configurations and compares them to the target system. As output we find several topics, from system discovery to suggestions for some … [Read more...]
How to harden Apache HTTP
Disclaimer: This is a long article. I haven’t collected some nice configuration settings here for the sake of it. There are other hardening guides but some fall short on explaining the functionalities to be enabled or disabled. Every step is shortly, and hopefully clearly, explained so any reader can grasp the main idea of every setting. Following the recommendations in here … [Read more...]
How to find vulnerabilities in your WordPress with WPScan
Vulnerability scanners are useful tools for administrators and security analysts alike. For the casual Wordpress user tools like WPScan may look excessive and complicated for their knowledge, they just need their blog, web page, whatever they’re doing up and running. Any complex administration bothers them to the max, and there are good and valid reasons for that. This is why … [Read more...]