While CentOS 7 will reach its EOL in 2024-06-30 users will be required to migrate to CentOS Stream 8 at least. While there is no official option to upgrade to CentOS 9 Stream we will cover today only upgrading from CentOS 7 to CentOS 8 Stream. In this tutorial I Read more…
In previous post I’ve discusses how to setup 2FA using Yubikey with any Ubuntu box gnome login. This time we will discuss about how to lock screen when Yubikey will be removed. This is a mandatory security requirement while using Yubikey to complete secure your box. First of all we Read more…
With YubiKey you can protects access to computers, networks, and online services. YubiKey 5 Series eliminates account takeovers by providing strong phishing defense using multi-protocol capabilities that can secure legacy and modern systems. It provides a range of authentication choices including strong two-factor, multi-factor and passwordless authentication, and seamless touch-to-sign. Read more…
In most cases we can use official Docker images hosted on the public Hub but in some cases there are needed to build custom images. We can add some additional packages to the OS or add everything that is needed with recurence. To build custom images we will use a Read more…
Today we will learn to configure out Proxmox hypervisor on a rented server in Hetzner datacenter. Proxmox need a special setup for public IPs because they filter traffic based on MAC address of physical host and a standard bridge is not enough. Also today we will configure a second linux Read more…
In this post I will describe steps to replace a failed mirror disk in a software RAID array. As an example we will use /dev/sda1 as good partition, and /dev/sdb1 as failing partition. Before starting it is recommended to backup the original disk. Before removing raid disk, please run the Read more…
Configure Strong Ciphers Configure mailbox settings Open file /opt/zimbra/conf/localconfig.xml and find the line mailboxd_java_options and set it like the following one. Configure DH parameters Set additional HTTP headers Validate settings using SSL Labs on url https://www.ssllabs.com/ssltest/analyze.html Looking to secure your email infrastructure and prevent attacks?→ Explore our Emailing Solutions
Kubernetes is a portable, extensible, open-source platform for managing containerized workloads and services, that facilitates both declarative configuration and automation. It has a large, rapidly growing ecosystem. Kubernetes services, support, and tools are widely available. K8s is a nice to have for developers, security researchers but not limited to because Read more…
OpenWrt Project is a Linux OS targeting many embedded devices. Instead of trying to create a single firmware it provides a fully writable filesystem with package management. This is free starting from the application selection and configuration provided by the vendor and allows you to customize your device through the Read more…
Setting up VLANs over LAGG interfaces in pfSense can increase bandwidth and redundancy while keeping your network segmented and secure. In this tutorial, you’ll learn how to configure everything properly and avoid common pitfalls. pfSense project is a free network firewall distribution based on FreeBSD with a custom kernel and Read more…