In a previous article I briefly, sort of, talked about the Spectre and Meltdown vulnerabilities. I have also written two guides to patch them from the OS side using a UNIX flavour from the BSD camp and a GNU/Linux distribution. Both actions resulted successful but there is a third way to patch this vulnerabilities. Regular […]
How to patch Spectre and Meltdown the ROM way
What is UNIX?
UNIX is an operating system. And your known equivalent is Windows or the Mac. You may even know about Linux. The purpose of an OS is to accommodate programs in order to get some work done. Editing pictures, browsing the web or serving data from a database. It is the thing that lets you operate […]
How to use Fail2ban with WordPress
In a previous article we did an install of Fail2ban on a FreeBSD server. This tool can help us to protect our WordPress install, independatly from if we are using the FAMP stack or the LAMP stack. As I mentioned on that article Fail2ban is a complementary tool to our firewall. It works by scanning […]
How to secure the ELK stack on CentOS 8
This is a follow up of the ‘how to install the ELK stack on CentOS 8’. That is a basic setup with no security at all. There is no encryption, no username and password setup, nothing. Not even firewall rules to filter ports. And as it’s known security can’t only rely on one factor but […]
How to install OSSEC server on Ubuntu
OSSEC is a host-based intrusion detection system (HIDS). It is specially well known for monitoring files that shouldn’t change on a system (such as critical system files, or binaries, etc) and warning administrators (or anyone you’d like) about those issues. But it does more such as rootkit detection and log analysis with a dedicated engine. […]
How to install Nextcloud on FreeBSD 12
Nextcloud. Have you heard of it? That’s quite probable if you’re here. But, what is it, what is it? Some say it is a Google Apps replacement, some say it’s just a place to store your documents, some others just rely on it to share documents across the company and edit them just in time […]
List of Speculative Execution Vulnerabilities
Vulnerability CVE Exploit name Public vulnerability name Firmware changes Spectre 2017-5753 Variant 1 Bounds Check Bypass (BCB) No Spectre 2017-5715 Variant 2 Branch Target Injection (BTI) Yes Meltdown 2017-5754 Variant 3 Rogue Data Cache Load (RDCL) No Spectre-NG 2018-3640 Variant 3a Rogue System Register Read (RSRE) Yes Spectre-NG 2018-3639 Variant 4 Speculative Store Bypass (SSB) […]
How to install the Clamav antivirus in FreeBSD
Clamav is an antivirus. But don’t think of Clamav as the antivirus you have sitting in your personal computer at home or in your office. It’s an antivirus that works under user demand. It is not constantly monitoring the system. So you will have to setup some cronjobs in order to check and monitor the […]
How to install Drupal 8 on FreeBSD
NOTE: Drupal 8 will be soon oudated. A newer article to be released on October 24th on how to install Drupal 9 on FreeBSD can be found here. This is a quick, simple yet effective tutorial on how to install Drupal 8 on FreeBSD. Drupal is a robust, complete well stablished CMS used on many […]
How to enable TLS traffic from the origin server on Cloudflare Argo Tunnel
As it can be read in the last post, setting up a Cloudflare Argo Tunnel to serve web content from home or corporate network without poking holes to it, is quite easy to achieve. In this article I’ll show you how to enable TLS traffic from the origin server on Cloudflare Argo Tunnel. Obviously, you […]