Disclaimer: This is a long article. I haven’t collected some nice configuration settings here for the sake of it. There are other hardening guides but some fall short on explaining the functionalities to be enabled or disabled. Every step is shortly, and hopefully clearly, explained so any reader can grasp the main idea of every […]
How to harden Apache HTTP
How to install the ELK stack on CentOS 8
The ELK stack stands for Elasticsearch, Logstash and Kibana. These three pieces of software are very useful since each brings a powerful capability that in combination is just great to use. Elasticsearch is a search and analytics engine. Logstash can process data from multiple sources. Kibana allows to visualize data in a graphic manner. These […]
How to install Drupal 8 on FreeBSD
NOTE: Drupal 8 will be soon oudated. A newer article to be released on October 24th on how to install Drupal 9 on FreeBSD can be found here. This is a quick, simple yet effective tutorial on how to install Drupal 8 on FreeBSD. Drupal is a robust, complete well stablished CMS used on many […]
Nmap cheatsheet
Nmap is a discovery tool used in security circles but very useful for network administrators or sysadmins. One can get information about operating systems, open ports, running apps with quite good accuracy. It can even be used in substitution to vulnerability scanners such as Nessus or OpenVAS for not very large environments, or quick audits. […]
How to upgrade FreeBSD from version 11.2 up to 12.0
Although the upgrade process is very well described on the FreeBSD handbook you may be looking for a more detailed hands on how to upgrade FreeBSD from version 11.2 up to 12.0 article. We’re going work here on this process, step by step detailing not only how to upgrade but to do it safely. First […]
How to patch Spectre and Meltdown the ROM way
In a previous article I briefly, sort of, talked about the Spectre and Meltdown vulnerabilities. I have also written two guides to patch them from the OS side using a UNIX flavour from the BSD camp and a GNU/Linux distribution. Both actions resulted successful but there is a third way to patch this vulnerabilities. Regular […]
How to work with Nessus scan results
Working with Nessus scan results is easy. How do I know that? Because I’ve worked with this tool for some time and although I do not know every corner of the things I’ve been doing some scans and solving quite a few deffects on systems that were labeled as ‘production ready’ when they clearly weren’t. […]
Linux VS open source UNIX
Linux is the mainstream UNIX-like platform of choice in the modern world. There are valid open source code base alternatives from which many businesses have benefited from. This is a different approach on both.
Lynis or how to quickly audit your system’s security configuration
A colleague of mine pointed me out to Lynis, a system’s configuration audit tool which checks the hardening of any running UNIX or UNIX-like system, including the BSDs. This tool has a built in check list and a set of sane and safe configurations and compares them to the target system. As output we find […]
How to mitigate Spectre and Meltdown on a Lenovo T430s laptop with Ubuntu
As recently announced in a previous article I wanted to write a couple of guides on how to mitigate Spectre and Meltdown vulnerabilities in GNU/Linux and UNIX environments. It is always a good and I hope a standard practice to have your systems patched and if they aren’t for whatever the reason (that legacy thing […]