Wazuh: Open Source SIEM for Your Home Lab
Wazuh gives you SIEM, HIDS, FIM, and threat detection in one stack. Here's how to deploy it in your home lab with Docker and actually use it.
Tag: security
All the articles with the tag "security".
LUKS Full Disk Encryption on Linux
LUKS encrypts your drives so a stolen server is just expensive recycling. Here's how to set it up, manage keys, and unlock headless boxes remotely.
Rootless Docker: Run Without Root
Run Docker containers without root privileges — here's the security difference, the install steps, and the gotchas nobody tells you about.
LinkedIn Is Searching Your Computer
LinkedIn scans every visitor's installed extensions and sends the data to third parties without consent. Here's what they're looking for—and how to stop it.
Linux Privilege Escalation: The Defensive Playbook
Attackers love finding ways to go from www-data to root. Here's how they do it, and more importantly, how you harden your Linux boxes to stop them.
Linux su with custom shell
Updated:
Use su with a specific shell to switch users without the default login shell — useful when /etc/passwd points to something unexpected.
SSH keys and secure file copy
Updated:
Generate SSH keys, set up passwordless auth, configure SSH, and transfer files securely with SCP — the foundation of headless Linux work.
dotenv Files: The Mistakes That Leak Secrets
You committed .env.production once. Your database credentials are in git forever. Here's how to use dotenv without shooting yourself.
Using AI to Find Security Bugs in Your Code
Claude Code found a Linux vulnerability hidden for 23 years. You can use the same AI code auditing approach to find bugs in your own projects before attackers do.
Private Docker Registry with Harbor
Stop letting Docker Hub throttle your CI/CD. Run Harbor for RBAC, Trivy scanning, image replication, and a real UI — on infrastructure you control.
TLS 1.3: Modern Encryption Without the Existential Dread
TLS 1.3 explained without the PhD: faster handshakes, better ciphers, and how to actually configure Nginx and Caddy to use it.
The Zero-Trust Home Lab
Apply zero-trust principles to your home lab — network segmentation, VLANs, identity-aware proxies, and Tailscale as the glue.