-
Recent Posts
Recent Comments
- systemd unit hardening followup followup | the world needs more puppet! on systemd unit hardening followup
- systemd unit hardening followup | the world needs more puppet! on systemd unit hardening
- Andreas on Dovecot: Apply sieve filter to existing emails
- Feiko Nanninga on Short Tip: Install shellcheck on an outdated CentOS
- Computerkid/Grayson Penland on Linux Short Tip: systemd-networkd and DNS servers
Archives
- February 2022
- January 2022
- August 2020
- June 2020
- January 2019
- November 2016
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- May 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- March 2014
- February 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- November 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- July 2011
Categories
Meta
Category Archives: IT-Security
systemd unit hardening followup followup
I did some more research on systemd hardening and found another blogpost series that I can highly recommend: https://www.ctrl.blog/entry/systemd-service-hardening.html . The first article is quite similar to mine, but the followup articles go a bit more into details. Check them … Continue reading
Posted in General, IT-Security, Linux, Short Tips
Leave a comment
systemd unit hardening followup
at https://blog.bastelfreak.de/2022/01/systemd-unit-hardening/ I blogged about systemd hardening. While doing some research for a followup post I discovered https://docs.arbitrary.ch/security/systemd.html. This covers *a lot* about systemd hardening and general linux optimization. I can highly recommend reading the whole documentation (and it kinda … Continue reading
Posted in General, IT-Security, Linux, Short Tips
1 Comment
Create ssh keys with puppet on a server + pubkey exchange
There are a few solutions to generate ssh keys on a puppet master/server or copy them from hiera to a box. I have got several boxes and every box needs to have ssh access to every other box. I don’t … Continue reading
Posted in General, IT-Security, Linux, Puppet
1 Comment
Let’s Encrypt automation – The awesome way
Free SSL for the mass \o/ Cryptography is important. I like to encrypt as much traffic and data as possible, not only the important stuff. Let’s Encrypt is a new project sponsored by multiple big companies and the Linux Foundation … Continue reading
Posted in 30in30, General, Internet found pieces, IT-Security, Linux
1 Comment
32C3 Review Part 1
I visited the 32C3, the annual Hacker conference organized by the CCC and many many volunteers. Here is the first part of a short list of recommended videos (Day 1 of 4): Part1 – annual must-see talks: The Opening is … Continue reading
Posted in General, Internet found pieces, IT-Security, Linux, Nerd Stuff
Leave a comment
Securing Postfix on a shared Webserver
I’m operating a webserver for shared webspace accounts. I’m not responsible for the stuff hosted on the webspace, but for the server itself. Many people like to host their wordpress or joomla on this server, both scripts are well known … Continue reading
Posted in General, IT-Security, Linux, Short Tips
Leave a comment
Fighting PHP spam
A good friend owns a very old joomla website which has been hacked. It is massively sending spam, how can we investigate this? First of all, reject outgoing mails in your firewall (ferm.conf style): Now we have time to investigate. … Continue reading
Posted in General, IT-Security, Linux, Short Tips
Leave a comment
Why the internet sucks part 2
[Here is part 1] The Internet is split up into three different provider types. The first type are the access provider. They provide you with DSL access via old copper based phone lines or with access to their shared TV-cable. … Continue reading
Posted in 30in30, General, IT-Security
1 Comment
Link collection of the (last) week(s)
Some interesting and important happenings and things I found in the past week (and prior): Differences between shell types + their workflow Puppet 4.3 got released! 2.2.5 New Nmap! after 3.5 years of development Commitmas is comming! (still thinking about … Continue reading
Posted in 30in30, General, Internet found pieces, IT-Security, Linux, Puppet
Leave a comment
Preparing Puppet Workshops
I’m currently planning a puppet workshop for my colleagues to introduce them into the world of puppet and code driven infrastructure. Here is my current agenda: Why do I want configuration mangement, why do I want puppet? puppet (Configuration Management) … Continue reading
Posted in 30in30, General, Internet found pieces, IT-Security, Linux, Puppet
1 Comment