Tag: security

All the articles with the tag "security".

SSH Agent Forwarding: How It Works

26 Apr, 2025

Understand SSH agent forwarding security risks. When it's safe (almost never), and better alternatives like ProxyJump for jump hosts.

28 Mar, 2025

ENV bakes secrets into layers visible in docker history. Use BuildKit --secret, runtime vars, or .env files.

7 Mar, 2025

Understand Linux umask: what it is, how 022 and 027 work, calculating file permissions, and why it matters for shared directories and security.

19 Feb, 2025

Running as root in containers is a security foot-gun. Learn the USER instruction and numeric UID/GID pattern.

16 Jul, 2024

AV vs EDR — traditional antivirus signatures vs behavioral endpoint detection. What each catches, what it misses, and what you actually need.

10 Jul, 2024

Certificate pinning locks your app to a specific TLS cert so MITM attackers can't swap in a rogue CA — how it works and when to use it.

2 Jul, 2024

regreSSHion (CVE-2024-6387) is a remote code execution bug in OpenSSH — what it is, which versions are affected, and how to patch fast.

13 Jun, 2024

Cloudflare Tunnels expose local services to the internet without open ports — secure setup with zero-trust access controls.

10 Jun, 2024

Go beyond basic UFW rules — rate limiting, geo-blocking, application profiles, logging, and before.rules tricks for serious firewall hardening.

10 Jun, 2024

UFW makes iptables manageable — allow and deny rules, app profiles, default policies, and the 5-minute setup for any new Linux server.

3 Jun, 2024

SSH tunnels forward ports over encrypted connections — local forwarding, remote forwarding, and dynamic SOCKS proxy explained.

30 May, 2024

Create, modify, and delete users and groups on Linux — useradd, usermod, groupadd, sudo access, and /etc/passwd explained.