Apr 252016
PiVPN, Easiest & Quickest Setup of OpenVPN

So I really applaud the efforts and progress by the EFF for the Let’s Encrypt initiative.  In this post-Snowden era I believe it is very important for users to take their privacy and security into their own hands whenever possible.  Let’s Encrypt allows anyone that is running a website to easily be able to serve that site over an encrypted channel.  If you aren’t a technical person you should be able to get a free […]

Feb 012016
Create FIPS Compliant S/MIME Certificates

Those who care about their communications (individuals or enterprise), may at one point decide to look into encrypting email. Email is unfortunately a product of its past, designed for sending communications from one mailbox and delivering to another across the internet, yet during a time where encrypting that communication wasn’t even an afterthought. There have been some bolt on patches to secure email but really a nice new protocol is needed. Being stuck with what […]

Jan 112016
Encrypt All the Webs!

Let’s Encrypt is a non-profit organization that is lowering the bar in getting people to encrypt their websites. They are lowering the bar in two ways, first by making it easy and api driven to obtain and renew the certificates and second by making it entirely free. Note, these are Domain Validation certs not Extended Validation or Organization Validation certs, those you still should buy from a reputable company like DigiCert. Understanding the importance of […]

Jan 082016
Google Nexus Devices Systemless Root

This post will serve to help step you through the process of rooting your Google Nexus device with the systemless root method. As any technique’s change due to software updates, I intend to keep this post updated with that latest information. First a bit of background to clarify the traditional root with what is now known as systemless root. As google releases newer versions of Android, they are also attempting to increase the security of […]

Dec 282015
Helpful Notes & Tidbits

This post will hold little notes and tidbits that I want to ensure I don’t lose yet don’t require their own dedicated blog post to discuss. Removing and cleaning up old linux kernels I run a lot of ubuntu based linux servers and depending how they were partitioned out, over time, the unused and older linux kernels can chew up a ton of space. I used to just remove the old images and headers from […]

Nov 302011
Mastering SSH Keys

Welcome to the wonderful world of SSH keys! If you don’t yet share my enthusiasm you soon will! SSH keys are a perfect way for you to control access to your machine, whether that be a very secure way for only you to have access, locking down other authorized users and preventing their passwords from getting distributed or stolen, or even allowing access to scripts for very specific purposes. SSH keys accomplish all of it […]

Aug 242011
Configure Secure FTP, with VSFTPD

So you need to setup an FTP server?  Are you sure?  The reason I ask is that FTP isn’t really a great option in many cases due to its inherent lack of security “consciousness” as I like to call it.  This can best be summed up from the File Transfer Protocol’s wikipedia page, excerpt here: FTP was not designed to be a secure protocol—especially by today’s standards—and has many security weaknesses. In May 1999, the […]

Jul 252011
Here Come 4K Advanced Format HDD's...Caution

Looks like the 4k sector drives are really starting to hit mainstream. This year marks the first time I’ve received a new laptop that came with a 4k Advanced Format hard drive. The laptop was from Dell and we get in new Dell laptops all the time. The funny thing is that until I tried installing Windows XP on it (came with Windows 7), I would have never even known it was a 4k sector […]

Jun 232011
Using AppArmor - Quick Secure Setup Part III

Application Armor.  I’m sure you can imagine what this little utility does but allow me to elaborate a bit and explain why configuring and using AppArmor has become Part III of our little series.  First let’s quickly look at what we have so far if you’ve gone through Quick Secure Setup Part I and Quick Secure Setup Part II.  From the security standpoint your server has every non-essential port turned off.  Only applications you explicitly […]

May 272011
Xirrus, Dense Wireless Solved

It wasn’t too many years ago that you could calculate the number of wireless clients you’d have to support simply by counting heads. Oh I have 100 people to support here? Okay, roughly 100 wireless clients then, max. Well that nice, simple equation is about as true as 1 + 1 = 1 nowadays. Think of all the things you might possess that have a Wi-Fi chip in them. In my workplace alone we have: […]