Sysadmin

Filter USB devices with udev (and some PHP code)

USB devices can be a liability : they can be used to exfiltrate data from a computer or server, to plug a hardware keylogger, or to plant a malware. Hence on a managed computer, USB devices should be filtered and whitelisted. In this blog post we show how this can be achieved thanks to udev, and some PHP code.

Read
Install and use different versions of PHP

When working on different projects, you may have to switch between different versions of PHP. In this blog post we show how to install and use different versions PHP on Ubuntu.

Read
ssh-agent and ssh-add

You probably use ssh on a regular basis. It's easy and powerful. But once in a while you might be confronted to ssh utility tools like ssh-agent and ssh-add. What are these, and what are they used for?

Read
Getting started with Ansible

Ansible is an extremely powerful configuration management system. Ansible is able to perform a wide range of tasks on a large and heterogeneous ensemble of devices. Indeed, it relies on a system of modules (plugins) that allow to perform different tasks like software provisioning, system and application configuration management, application-deployment etc. Moreover, Ansible modules exist to manage a wide variety of devices like Linux and Windows computers, but also network equipment like switches and routers, kubernetes clusters and other cloud services like AWS, GCE and Azure. For this reasons, Ansible is sometimes coined as an infrastructure automation engine.

Read
A light NAT router and DHCP server with Alpine Linux

Alpine Linux is a very light Linux distribution, that can run with less than 100MB of harddisk space. Here is how to configure Alpine Linux to run as a NAT router and DHCP server.

Read
DNS over HTTPS and DNS over TLS with dnsdist

DNS is a real corner stone of privacy and security on the Internet! From the security point of view, DNS is used by your machine to link a domain name to an IP address. DNS is also used to find the email server of a recipient (using MX records). On a desktop computer, DNS is used by email clients to perform auto-configuration. Over the Internet, DNS records are used to prevent BGP hijacking (using RPKI). The list is long! From the privacy point of view, the DNS queries sent by your computer offer a clear view of the services you use.

Read
Network monitoring : log DNS queries with bind

Recording the DNS queries perform by devices on your network is a simple and efficient way of monitoring your network. In this blog post we show how to configure the bind DNS server to log these...

Read
Configure rolling backups with rsnapshot

In this blog post we show how to use rsnapshot to configure nice and easy rolling backups.

Read
Record and share your terminal sessions with asciinema

If you want to share a terminal session, you can record a video of your terminal window, and share it on something like YouTube or vimeo. Or you can can use asciinema! asciinema actually only records the text input and output of your terminal (stdin, stdout and stderr). This means that the recordings are extremely light (it only contains text and timing), while the text remains perfectly readable. You can also easily share and embed your recordings on your website using some javascript code.

Read
Install and use Dell OpenManage Server Administrator (OMSA) on Ubuntu

Dell OpenManage Server Administrator (OMSA) is a Dell utility to monitor your Dell servers. Here is how to install and use OMSA on a Ubuntu server...

Read
Change the MAC address of your Linux system

Still today, some network monitoring tools and security systems rely on the MAC address of the host. However, a MAC address is not an authentication mechanism! It can be easily changed. More precisely, by default most operating systems will use the MAC address burnt into the network interface as the source MAC address for all emitted Ethernet frames. But you can easily reconfigure your system to change this behavior. Here is how to do that on a Linux computer.

Read
Install Volatility on Debian, Ubuntu & Mint

In this blog post we show how to install the latest (GIT) version of Volatility memory forensics framework on Debian, Ubuntu or Mint.

Read
This website uses cookies. More information about the use of cookies is available in the cookies policy.
Accept