OpenSSL Ciphers

Yet another article about why my cipher string is better than yours (updated: Mar 09, 2019) There are several very good articles about hardening OpenSSL ciphers. Over the years I’ve combined lessons learned from others, my own research of standards and best practices, and my own real-life experiences to come up with the OpenSSL cipher …

OpenSSL Ciphers Read More »

Am I Hacked?

Just like driving a car, sooner or later you may have an accident no matter how secure you are. Below are clues to help figure out if you have been hacked and, if so, what to do. The sooner you identify something bad has happened, the more likely you can fix the problem. Clues You …

Am I Hacked? Read More »

Boiler Room’s IP Blocklist

For the Boiler Room’s IP Blocklist I have aggregated several blocklists together into a single list to protect from emerging threats, malware & ransomware command-and-controls systems, cyber-criminals, spammers from hell, and noisy research scanners. The list is updated every hour and I also provide Threat Indicator (IOC) files for the Check Point Firewall.

Webmin System Administration Console (Ubuntu)

Webmin is a web-based interface for system administration for Linux using any modern web browser. NOTE: Do no install Webmin if you are planning to install Virtualmin. The Webmin features are already included in Virtualmin.

Virtualmin LAMP Server (Ubuntu)

Building on the basic Ubuntu Cloud Server (with Emerging Threats Protection) we will create an all-in-one internet hosting server using the Virtualmin web hosting control panel.

Emerging Threats and Geo-Protection (Ubuntu)

This will configure the IPtables firewall with an IP blocklist for specific countries and an IP blocklist for IPs and IP netblocks that are known threats. This uses the IP Sets utility for faster table updates to the blocklist and faster matching in the firewall.

Ubuntu Linux Cloud Install

After deploying a new Ubuntu Linux server on Digital Ocean or Linode, there are a few customization steps I take to improve usability and security of the server.

VPN Keys – There Is An Easier Way

As a security engineer that manages multiple firewalls, I often negotiate the setup of VPNs with other organizations. It is a challenge, at times, to negotiate keying intervals and secure cipher settings between not so compatible firewall/VPN vendors; but the most difficult challenge has to do with the people factor: the Pre-Shared Key (PSK), also …

VPN Keys – There Is An Easier Way Read More »

Fighting Grime On Your PC – Part 1

Keeping your Windows PC running at its best can be accomplished in three simple steps once a month: Keep Windows and all your software updated Clean the system of unused files and settings Scan for malware that may have slipped by your antivirus. This article will focus on step 2, using a program called CCleaner. Piriform’s CCleaner …

Fighting Grime On Your PC – Part 1 Read More »

Scroll to Top