Pages tagged with 'Security'

January 2022 Closeup.

On Mondays, I update servers

2023-12-04
5 minutes

Software updates are a critical part of using any kind of electronic device nowadays, particularly if it's internet connected, and even more so if it has any security functionality. If you have any kind of computer online, whether it be a phone, laptop or a server, you should really be…

Balloon

My First CVE

2023-04-03
2 minutes

Today is a special day for me, professionally anyway. It's a day I get to tick a fun item off my bucket list, that I didn't think I'd get the chance to. Today, a CVE was released where I am the discoverer: CVE-2023-28837. I have my first CVE!What is a…

None

USB off-site backup

Today is world backup day, a day to highlight the importance of backups, protecting data, and keeping systems secure (at least that's what Wikipedia says). I'm taking this day as a chance to review my backup strategy, and make sure I'm happy with the coverage I'm getting. I mentioned a…

Cyber security image

You're doing two-factor authentication wrong

2023-03-10
10 minutes

It was recently announced that Twitter was going to begin hiding two-factor authentication (2FA) behind a paywall, or at least that's what a lot of people saw. In reality, Twitter is only allowing subscribers to their new (ish) "Twitter Blue" subscription tier to use SMS-based 2FA. Everyone else will need…

2023

State of the Apps 2023

It's that time of year again, time to steal some of Cortex's search rankings to talk about my own "State of the Apps" - the applications and setups I use to make my life what it is. Since my last post, and in fact in just the last few weeks,…

Educating internet explorer users

2022-04-15
3 minutes

Internet Explorer was, in its prime, the most popular internet browser in the world. Originally released alongside Windows 95, its headline feature seemed to be that it was maintained by Microsoft and was automatically installed. It wasn’t until Internet Explorer 2.0 in November 1995 that feature we’re used to, like…

None

Storing Ansible Vault password in Bitwarden

2021-12-20
5 minutes

I’ve used Ansible for a number of years for the provisioning of both my servers and desktops. It’s versatile, it’s simple, it’s powerful, and has a number of great features. Personally, I make all of my “playbooks” public for all for all to see, but provisioning still requires some secrets.

None

Securing public servers

2021-02-11
10 minutes

At some point, servers need to be put on the public internet. Whether that be a VPS in the cloud, or your new homelab. Once a server is on the internet, it’s subject to anything and everything the internet has to offer, from botnets to hackers and script kiddies. It’s…

None

Unsafe routes with Nebula

2021-02-02
3 minutes

Nebula is a great mesh network I recently deployed into my stack. For connecting nodes spread between networks, it’s great, much better than my previous WireGuard installation. An additional feature of nebula is unsafe_routes. Unsafe routes allow nodes which don’t have Nebula installed to be accessible to other Nebula nodes.

Sublime purple night sky

Nebula mesh network - an introduction

2021-01-08
9 minutes

WireGuard has been the “hot new thing” when it comes to VPNs, but it’s not always the best suited for every workload. Nebula is a mesh network originally created by Slack, but now owned by a separate company.TechSNAP 419 - Nebulous NetworkingLinux Unplugged 329 - Flat Network TruthersWhat’s a mesh…

None

Wiping Hard Drives

2020-11-21
3 minutes

People say there’s no 100% reliable way to wipe a storage drive, and they’re right. By the nature of how mechanical drives work, there’s no real way to say for sure whether the data is ever really gone. With drives, the only way to be sure the content is gone…

None

LAN-only applications with TLS

2020-10-19
4 minutes

The internet is a wild place, filled with well, everything. There are many ways of exposing an application to the internet, but no matter how secure an application claims to be, or how confident you are with your infrastructure, sometimes you may just be more comfortable keeping it internal. Historically,…

Container processes shouldn't run as root!

Docker containers, and containers as a whole, are really just a regular program wrapped in some extra protections provided by the kernel (namely cgroups etc) to create isolation, and other interesting features. Unlike VMs, containers run closer to the host operating system, so close they use the same kernel, meaning…

None

How to store passwords

2020-05-28
6 minutes

Storing passwords is a pretty simple problem in software development, right? Wrong! Storing passwords correctly is pretty complicated. With that said, it’s very simple to just lean on work someone else has done, and the libraries available for your language of choice. In reality, you should never do it yourself.

Network Switch used by TensorDock. If you will be using this image, it would be greatly appreciated if you could link back to this image or include a snippet of text that links to our company's website.

Exposing your Homelab

2020-04-29
6 minutes

In the current lockdown situation, a lot of people are starting to eye up that old desktop machine, or Raspberry Pi they bought for a project and just left on a shelf, and thinking of putting it to use, as a server! Naturally, once you’ve got something set up in…

WireGuard HAProxy Gateway

2020-03-21
4 minutes

Last year, I wrote a post on setting up a gateway to a private network, powered by OpenVPN-AS. I ran this network setup for quite a while with a lot of success, exposing services on my home network to the public internet, securely. Unfortunately, there were a couple issues with…

Why WireGuard

2020-03-06
3 minutes

What is WireGuard? The website defines it as “… extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography.”. Which basically means it’s a VPN, but sane. The point of a VPN is to allow two machines to talk to eachother, no matter how the network inbetween is set…

nologin vs false

2020-03-05
2 minutes

When disabling a user account on a Linux box, it is good practice to also change the shell to something which, well, isn’t a shell. The point of these shells is rather than presenting the user with a prompt to execute further commands, it returns a failure code, and log…

CVE-2019-19844

2019-12-18
7 minutes

Yesterday, an email was sent to django-announce, informing of an upcoming security update, labelled “high” severity. Previous notifications like this have been one week before the actual disclosure; This email, just 12 hours. The updates were scheduled to be released 12:00 UTC the next day (today). Already, not the best…

Getting started with WireGuard

2019-09-15
3 minutes

WireGuard is taking the VPN world by storm, coming very close to the current champion OpenVPN in simple, small-scale deployments. It’s just unfortunate few people know about it, and quite how incredible it is!What is WireGuard?WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It…

None

Creating a fast, secure WordPress site

2018-10-08
4 minutes

In terms of security, WordPress, and PHP in general for that matter, have become a bit of a joke. If you want a site to be secure, people tend to steer clear of WordPress and PHP. That being said, nothing stands even close to WordPress in plugin support, community size,…

VPN Gateway - Opening ports the safe way

2018-06-21
4 minutes

VPNs are a way of accessing application which sit on a separate network using an encrypted tunnel. Contrary to popular belief, they are not designed to anonymize your internet habits. Whilst VPNs are designed to enable a client to access the servers network, it’s possible to use them to provide…

KeePassXC 2.3 Migration Guide

2018-03-03
4 minutes

I’ve been using KeePassXC since not long after it’s initial split from KeePassX in late 2016. I’ve bounced around many password managers, but KeePassXC looked to fill all the boxes:It’s actively maintained, unfortunately unlike KeePassXIt’s open source, and easy to contribute to, as I haveIt’s got all the features I…

Opening Port 22

2018-01-23
2 minutes

My university has a development sever, which it uses to host our coursework without the need to set up a development environment locally. It also enables lecturers to mark our work in a controlled environment, without needing to spin up an environment, and run untrusted code on their machines, a…

Haha, thats me! Had this image in my mind after seeing a advanced selfie video on youtube. Turned out great althought i wish the monitor in front of me was a bit more brighter so that you could understand that it is an monitor without me having to describe it. But, it was too dark to pull out the shadows from that area.

Cyber Security Month 2016

2016-10-01
2 minutes

As it is Cyber Security Month, now is the perfect time to work on improving the security on my websites, projects, and servers. But, upgrading them for now isn’t good enough for me, I wanted to add a way of scanning projects automatically, to check for any new issues. As…

ProtonMail - Can it replace your email provider?

2016-06-28
2 minutes

Throughout my life, I’ve had numerous email providers, starting with Hotmail almost 10 years ago. Recently, I’ve been focusing more on ways I can secure my emails. No, I may not have anything to hide, but that doesn’t matter! Originally I thought the best way to keep things secure, and…