Tag: security

All the articles with the tag "security".

Your Server Doesn't Know What Random Means (And That's a Problem)

19 Nov, 2025

Linux entropy explained: /dev/random vs /dev/urandom, entropy pools, haveged, virtio-rng, and hardware RNG. Fix low entropy on VMs and containers for safe crypto key generation.

Caddy Advanced: Automatic HTTPS, Plugins, and Config That Doesn't Make You Cry

7 Nov, 2025

Advanced Caddy server configuration: wildcard certs, Caddyfile matchers, Docker label integration, rate limiting, forward auth with Authelia, and the JSON API.

Auditd & Audit Logging: Know Exactly Who Touched What on Your Server

7 Nov, 2025

Master auditd for Linux audit logging: watch critical files, audit syscalls, use aureport and ausearch, and ship logs to Loki or Elasticsearch for compliance and security monitoring.

HashiCorp Vault: Stop Hardcoding Secrets Like It's 2012

1 Nov, 2025

HashiCorp Vault tutorial: Docker Compose setup, KV v2 secrets, AppRole auth, dynamic database credentials, PKI engine for internal certs, and auto-unseal with cloud KMS.

VPN Kill Switch and DNS Leak Prevention: Paranoia, Justified

25 Oct, 2025

Set up a WireGuard VPN kill switch and prevent DNS leaks on Linux. Practical iptables rules, resolv.conf locking, and systemd-resolved config.

Suricata vs Snort: Intrusion Detection for the Paranoid Home Lab Owner

24 Oct, 2025

Suricata vs Snort for home lab IDS/IPS: compare performance, rules, and setup. Includes Suricata installation, suricata.yaml config, EVE JSON logging, and OPNsense integration.

nmap for Your Own Network: What You Should Be Scanning

2 Oct, 2025

nmap isn't just for pen testers. Learn what's actually worth scanning on your home network and what those open ports really mean.

Vaultwarden Organization Sharing: Password Management for Your Whole Household (or Team)

30 Sep, 2025

Vaultwarden organizations let you share passwords with family or team members securely. Collections, permissions, CLI usage, and backup — all explained.

Linux Capabilities: Drop Root Without Breaking Everything

24 Sep, 2025

Learn Linux capabilities to drop root privileges without breaking your apps. Master cap_drop, cap_add in Docker, and setcap for fine-grained privilege control.

Docker Security Hardening: 15 Things You're Doing Wrong Right Now

22 Sep, 2025

Stop running Docker containers like it's the Wild West. Learn 15 critical Docker security mistakes and practical fixes to harden your containers today.

UFW Advanced: Rate Limiting, Logging, and Rules That Actually Make Sense

13 Sep, 2025

Go beyond ufw allow/deny: rate limiting with ufw limit, logging levels, before.rules for iptables, IPv6 handling, Docker bypass fixes, and fail2ban integration.

Open Source Security: Scanning Your Dependencies Before They Scan You

25 Aug, 2025

Supply chain attacks are real. Use syft, grype, trivy, and osv-scanner to generate SBOMs, scan containers, and find vulnerable dependencies before they find you.