Sometimes you want to access services running on unusual ports, like a SSH server running on port 2222 for example. If connection fails, how can we detect the outgoing ports that are filtered or open on the network?
ReadUSB devices can be a liability : they can be used to exfiltrate data from a computer or server, to plug a hardware keylogger, or to plant a malware. Hence on a managed computer, USB devices should be filtered and whitelisted. In this blog post we show how this can be achieved thanks to udev, and some PHP code.
ReadWhen working on different projects, you may have to switch between different versions of PHP. In this blog post we show how to install and use different versions PHP on Ubuntu.
ReadYou probably use ssh on a regular basis. It's easy and powerful. But once in a while you might be confronted to ssh utility tools like ssh-agent and ssh-add. What are these, and what are they used for?
ReadAnsible is an extremely powerful configuration management system. Ansible is able to perform a wide range of tasks on a large and heterogeneous ensemble of devices. Indeed, it relies on a system of modules (plugins) that allow to perform different tasks like software provisioning, system and application configuration management, application-deployment etc. Moreover, Ansible modules exist to manage a wide variety of devices like Linux and Windows computers, but also network equipment like switches and routers, kubernetes clusters and other cloud services like AWS, GCE and Azure. For this reasons, Ansible is sometimes coined as an infrastructure automation engine.
ReadAlpine Linux is a very light Linux distribution, that can run with less than 100MB of harddisk space. Here is how to configure Alpine Linux to run as a NAT router and DHCP server.
ReadDNS is a real corner stone of privacy and security on the Internet! From the security point of view, DNS is used by your machine to link a domain name to an IP address. DNS is also used to find the email server of a recipient (using MX records). On a desktop computer, DNS is used by email clients to perform auto-configuration. Over the Internet, DNS records are used to prevent BGP hijacking (using RPKI). The list is long! From the privacy point of view, the DNS queries sent by your computer offer a clear view of the services you use.
ReadRecording the DNS queries perform by devices on your network is a simple and efficient way of monitoring your network. In this blog post we show how to configure the bind DNS server to log these...
ReadIn this blog post we show how to use rsnapshot to configure nice and easy rolling backups.
ReadIf you want to share a terminal session, you can record a video of your terminal window, and share it on something like YouTube or vimeo. Or you can can use asciinema! asciinema actually only records the text input and output of your terminal (stdin, stdout and stderr). This means that the recordings are extremely light (it only contains text and timing), while the text remains perfectly readable. You can also easily share and embed your recordings on your website using some javascript code.
ReadDell OpenManage Server Administrator (OMSA) is a Dell utility to monitor your Dell servers. Here is how to install and use OMSA on a Ubuntu server...
ReadStill today, some network monitoring tools and security systems rely on the MAC address of the host. However, a MAC address is not an authentication mechanism! It can be easily changed. More precisely, by default most operating systems will use the MAC address burnt into the network interface as the source MAC address for all emitted Ethernet frames. But you can easily reconfigure your system to change this behavior. Here is how to do that on a Linux computer.
Read