The theft of credentials has been occurring since almost the beginning of time. But of course when the web ‘happened’ and specially when e-commerce exploded stealing passwords also went on the rise. Emptying bank accounts, ordering stuff on behalf (and expenses) of others, spying, even impersonation was and is achieved by stealing credentials. Luckily for […]
Web credentials stealing
Lynis or how to quickly audit your system’s security configuration
A colleague of mine pointed me out to Lynis, a system’s configuration audit tool which checks the hardening of any running UNIX or UNIX-like system, including the BSDs. This tool has a built in check list and a set of sane and safe configurations and compares them to the target system. As output we find […]
How to enable SSL on Apache on FreeBSD
On this guide you will read about a simple way to enable Apache’s TLS connections on your web server. Aside from useful it secures the connection from the client to the server and prevents unwanted tinkering. Anyone on the need of SSL (nowadays TLS) will benefit from this article but particularly will do those in […]
WordPress administration over SSL
If you are a WordPress user or prettend to become one and you have some IT administration knowledge this guide is of your interest. Many hostings already provide easy point and click solutions to administer WordPress over SSL. However you may be self hosting WordPress or you’re just a curious person. What is TLS? TLS […]
ARP spoofing attacks
ARP spoofing attacks are quite harming and they can easily constitute a man-in-the-middle (MITM) attack. They consist on the attacker sending ARP packets into the network the victim is located, typically redirecting traffic to the attacker’s machine. Once this is achieved the attacker can sniff all the traffic sent by the victim’s device and obtain […]
How to configure Modsecurity 3 for WordPress on FreeBSD
A few weeks ago I wrote a guide on how to install Modsecurity 3 on Apache HTTP for the FreeBSD operating system. However there’s a catch with that setting and with Modsecurity in general. As good as it is as a WAF you need to at least adjust its configuration to the tool one pretends […]
How to set Apache’s MPM Event and PHP-FPM on FreeBSD
As explained in another article the default Apache’s configuration at compile time sets its multi-processing module (MPM for short) to the pre-fork configuration setting. This is not the best performant configuration for Apache. Out of the box Apache comes compiled in its safest form, from the processing mode perspective since the pre-fork setting will open […]
How to update FreeBSD using beadm
Beadm is a tool which provides a wonderful and distinctive functionality on Solaris, OpenIndiana and FreeBSD. It relies on the ZFS filesystem allowing to take a filesystem snapshot. That can be used to manage the so called boot environments which provide a great way to secure updates, even when everything goes down the tubes. Hence […]
How to mirror disks on FreeBSD’s ZFS
This article is not going to be a long, detailed, specialized how to. I just wanted to share the ease and the fantastic quality of ZFS for a dead simple need I had. A spare box with a spare disk doing nothing could be repurposed as a file share box at home. Mirroring the two […]
Monitoring Systems (One)
Monitoring systems or how to get lost in fierce madness. There are many solutions to monitor systems and most of them have some kind of web interface to operate. Choosing the right tool for any job is a tedious task and for a newbie like me it is a bit harder, specially for a sensitive […]