Suricata is a free, open source, Intrusion Detection System software, or IDS for short. But it can also act as an Intrusion Prevention System, or IPS. It works by finding patterns using heuristics typically from network traffic. When configured to just warn about suspicious activity it is called an IDS, however when it blocks the […]
How to install Suricata on FreeBSD
How to install the ELK stack on CentOS 8
The ELK stack stands for Elasticsearch, Logstash and Kibana. These three pieces of software are very useful since each brings a powerful capability that in combination is just great to use. Elasticsearch is a search and analytics engine. Logstash can process data from multiple sources. Kibana allows to visualize data in a graphic manner. These […]
Abandon Linux. Move to FreeBSD or Illumos.
If you use GNU/Linux and you are only on opensource, you may be doing it wrong. Here’s why. Is your company based on opensource based software only? Do you have a bunch of developers hitting some kind of server you have installed for them to “do their thing”? Being it for economical reasons (remember to […]
How to install Matomo 4 on FreeBSD
Why would anyone need to install Matomo 4 on FreeBSD? Because you’re the admin of a website, or a few of them, and you want/need to count the visitors, how long do the stay looking at the content and some other fancy stuff. This is what Matomo does. But it also does this without you […]
How to synchronize system and network time in FreeBSD
For several applications it is necessary to synchronize your server to the network time. The protocol is called Network Time Protocol (NTP) and is basically giving the correct time to the world nowadays. Reading the Wikipedia entry is very interesting. FreeBSD comes with the ntp client. To set this up you will just add the […]
How to configure the IPFW firewall on FreeBSD
Among the three possible firewalls on FreeBSD (choice is always nice) IPFW is the in-house built one. There is a default, easy way, configuration path but if one needs to build a box to act as a dedicated network appliance with packet filtering capacity fine tunning the IPFW firewall configuration is more than desirable. Before […]
SSH keys
SSH or how to remotely control a UNIX system in a secure manner. The SSH keys is a secure method to interact with a UNIX system remotely. They are also used to transfer data between different systems. Using clever cryptography anyone can use them. As their name state it is a pair of keys, one […]
How to mitigate Spectre and Meltdown on a Lenovo T430s with FreeBSD
As recently announced in a previous article I wanted to write a couple of guides on how to mitigate Spectre and Meltdown vulnerabilities in GNU/Linux and UNIX environments. It is always a good and I hope a standard practice to have your systems patched and if they aren’t for whatever the reason (that legacy thing […]
How to install OSSEC server on Ubuntu
OSSEC is a host-based intrusion detection system (HIDS). It is specially well known for monitoring files that shouldn’t change on a system (such as critical system files, or binaries, etc) and warning administrators (or anyone you’d like) about those issues. But it does more such as rootkit detection and log analysis with a dedicated engine. […]
A word on Spectre and Meltdown
As professionals and many aficionados know, early this year some widespread vulnerabilities were found on Intel CPU’s as well as on AMD’s. It was a bit later discovered the flaws also affected some RISC architectures such as Power and ARM. Everybody went nuts and the world seemed to be tumbling because of two CPU vulnerabilities […]