Clear systemd journal logs

Journald is a system service for collecting and storing log data, introduced with systemd. It tries to make it easier for system administrators to find interesting and relevant information among an ever-increasing amount of log messages. One of the main differences in journald was to replace simple plain text log files with a special file …

OpenSSL Ciphers

Yet another article about why my cipher string is better than yours (updated: Mar 09, 2019). There are several very good articles about hardening OpenSSL ciphers. Over the years I’ve combined lessons learned from others, my own research of standards and best practices, and my own real-life experiences to come up with the OpenSSL cipher …

Am I Hacked?

Just like driving a car, sooner or later you may have an accident no matter how secure you are. Below are clues to help figure out if you have been hacked and, if so, what to do. The sooner you identify something bad has happened, the more likely you can fix the problem. Clues You …

Boiler Room’s IP Blocklist

For the Boiler Room’s IP Blocklist I have aggregated several blocklists into a single list to protect against emerging threats, malware & ransomware command-and-control systems, cyber-criminals, spammers from hell, and noisy research scanners. The list is updated every hour and I also provide Threat Indicator (IOC) files for the Check Point Firewall.

Webmin System Administration Console (Ubuntu)

Webmin is a web-based interface for Linux system administration that works in any modern web browser. NOTE: Do not install Webmin if you are planning to install Virtualmin. The Webmin features are already included in Virtualmin.

Virtualmin LAMP Server (Ubuntu)

Building on the basic Ubuntu Cloud Server (with Emerging Threats Protection) we will create an all-in-one internet hosting server using the Virtualmin web hosting control panel.

Emerging Threats and Geo-Protection (Ubuntu)

This will configure the IPtables firewall with an IP blocklist for specific countries and an IP blocklist for IPs and IP netblocks that are known threats. This uses the IP Sets utility for faster table updates to the blocklist and faster matching in the firewall.

Ubuntu Linux Cloud Install

After deploying a new Ubuntu Linux server on Digital Ocean or Linode, there are a few customization steps I take to improve usability and security of the server.

VPN Keys – There Is An Easier Way

As a security engineer who manages multiple firewalls, I often negotiate the setup of VPNs with other organizations. It is a challenge, at times, to negotiate keying intervals and secure cipher settings between not-so-compatible firewall/VPN vendors; but the most difficult challenge has to do with the people factor: the Pre-Shared Key (PSK), also …
