Clik here to view.
Adding HSTS To Your Website
So you’ve moved your website to use SSL/TLS and that’s it? Not quite! Your next step should to test your site and enable HSTS (HTTP Strict Transport Security).Changelog 19Dec2017 – Originally posted...
View ArticleClik here to view.
Redirect outgoing NTP traffic to an internal NTP server
Tired of seeing outbound NTP blocks in your firewall logs because you restrict outgoing traffic? Or maybe you are receiving alerts because some device uses NTP pool resources (such as pool.ntp.org) and...
View ArticleClik here to view.
Block Ads & Malvertising on pfSense Using pfBlockerNG (DNSBL) – Old
This walkthrough uses the DNSBL portion of pfBlockerNG to remove ads/advertising and more importantly, malvertising. It essentially creates a functionality similar to the pi-Hole project except it...
View ArticleClik here to view.
Monitor For Expiring SSL/TLS Certs with Nagios
We’ve all been there. Your SSL/TLS certificate on your webserver, mail server, or <insert service name here> has expired and your users are miffed!!! Expiring SSL/TLS certificates have been a...
View ArticleClik here to view.
Mysterious outbound UDP traffic on port 8888… Help!
What is this traffic on port 8888? Or a device is infected and trying to communicate over port 8888 to IP addresses all over the world?!?! I’ve seen forum posts with similar titles a handful of times...
View ArticleClik here to view.
An Open Letter To Ransomware Authors
Dear ransomware authors,Thank you! No joking, no saltiness, no BS. You may think this is in jest, but I whole-heartedly want to say ‘thank you.’ I’ve been around security long enough to see *many* turn...
View ArticleClik here to view.
Block Ads & Malvertising on pfSense Using pfBlockerNG (DNSBL)
This walkthrough uses the DNSBL portion of pfBlockerNG to remove ads/advertising and more importantly, malvertising. It essentially creates a functionality similar to the pi-Hole project except it...
View ArticleClik here to view.
Installing OpenVAS (GVM) on CentOS 7
This is a walkthough for installing and configuring OpenVAS (GVM) on CentOS 7. OpenVAS (Open Vulnerability Assessment System) is an opensource vulnerability scanner.Greenbone has deprecated OpenVAS...
View ArticleClik here to view.
Configuring Quad9 on pfSense
Quad9 is a DNS platform that adds several layers of security. It does this via standard DNS queries/responses.Basically, if a machine on your network queries a known bad hostname, the Quad9 DNS server...
View ArticleClik here to view.
Installing pi-hole on Ubuntu 18.04 LTS
In this guide, I will walkthrough how to install and test the pi-hole on Ubuntu and more specifically, Ubuntu Server. These same instructions may work on Ubuntu Desktop, but I strongly suggest Server....
View Article
