Advanced Search
Search Results
247 total results found
Graylog
Graylog is a robust and scalable open-source software designed for centralized log management and analysis. It provides a comprehensive set of tools for collecting, processing, and analyzing log data in real-time.
XCP-NG
XCP-NG is an open-source server virtualization platform that enables the creation and management of virtual machines on a single physical host or cluster of hosts. XCP-NG is distributed as a free, open-source software and is supported by a large community of u...
Apache Guacamole
Apache Guacamole is an open-source software that provides remote desktop access via a web browser. It allows users to access their desktops, applications, and files from anywhere, using just a web browser. Apache Guacamole eliminates the need for additional cl...
CrowdSec
Crowdsec is an open-source and lightweight security software package designed to protect Linux systems and applications from various types of attacks and malicious activities. It achieves this by leveraging crowd intelligence, which means that it collects and ...
Cloudflare
Cloudflare is a prominent technology company known for providing a wide range of services related to internet security, content delivery, and domain name system (DNS) management.
SimpleLogin
SimpleLogin is a service that provides email aliasing and privacy features. It allows users to create disposable email aliases that can be used to protect their primary email address from spam, track unwanted sign-ups, and maintain a higher level of online pri...
OpenProject
OpenProject is an open-source project management software that provides a comprehensive platform for planning, tracking, and collaborating on projects. It offers a range of features, including task and timeline management, agile and traditional project plannin...
KASM Workspace
KASM Workspace is a versatile and innovative software solution designed to facilitate collaborative and remote work environments. It is a container streaming platform that can keep your web browsing secure, private, and non-attributable, with no risk of compro...
Veracrypt
Veracrypt is a free, open-source disk encryption software that allows you to create encrypted volumes or encrypt entire disk drive. It's a powerful tool for securing sensitive data by creating encrypted volumes that can only be accessed with the correct passwo...
Docker
Docker is a platform and toolset that simplifies the process of building, deploying, and managing applications using containers. Docker utilizes containerization technology, allowing developers to package an application and its dependencies (such as librarie...
MikroTik
MikroTik is a Latvian company that specializes in the development of networking hardware and software. The company is popular in the networking community due to its affordable yet powerful solutions, particularly for small to medium-sized businesses and ISPs.
Securely Wiping HDD and SSD
Securely wiping a hard drive (HDD) or solid-state drive (SSD) ensures that sensitive data is permanently removed, preventing unauthorized access or data recovery.
Users, Groups, and Permissions
Creating users, groups, and setting Access Control Lists (ACL)
Storage Pool
Where the data will lie
Network Shares
Sharing Datasets over the Network
Users and Groups
Interfaces, Firewall Rules, and IP Addresses
OpenVPN Package
pfBlockerNG Package
pfBlockerNG is an package that can be added onto pfSense to allow for advertisement and malicious IP blocking.
dchan.tech
Website related pages
Hardware Options, Installation and Upgrades
Options for Managing XCP-NG Hosts
There are a few different options for managing XCP-NG hosts: Xen Orchestra and XCP-ng Center.
Automated Tasks
Cron Jobs, Snapshots, Backup, SMART Tests, etc
Installation
Core Component - Security Engine
The Security Engine is a crucial part of CrowdSec. It analyzes logs and provides decisions through an API for the remediation components to act upon.
Remediation Components - Bouncers
The Remediation Components - a.k.a Bouncers - are the parts that will take action upon the decisions made by the Security Engine.
Installation
Configurations
Managing XCP-NG with Xen Orchestra
Installation
Configurations
Installation
Prerequisites
Are you alarmed by the way your browser warns you that there’s a potential security risk when you try to visit your local servers (like pfSense’s WebGUI) via its IP address? For modern browsers like Firefox, it will treat websites with a Self-Signed Certificat...
Adding Self-Signed CA to Firefox
Firefox uses its own CA store within the browser itself to identify certificates. The following steps will work for Firefox on Windows, Linux, and MacOS. Click on the More tab near the top right of the browser, and go into Settings. Click on Privacy & Secu...
Adding Self-Signed CA to Chrome & Chromium-based Browsers (Edge, Brave, etc) on Windows
For Chrome and Chromium-based browsers (Brave, Microsoft Edge, etc), they use the built-in certificate store on Windows. Double-click on the exported CA on your Windows machine, and it will launch the Certificate details window. Click on the Install Certifica...
Adding Self-Signed CA to Safari, Chrome & Chromium-based Browsers on macOS
MacOS uses the Key Chain access to manage the CAs for Safari and Chrome. Double-click the exported CA. Enter your MacOS User account credential to allow Keychain Access to add the CA to the Keychain store. Once you added the CA, open up the Keychain app....
Apt-based Package Manager Update and Upgrade
sudo apt update && sudo apt upgrade
pwd, cd, & ls
pwd – present working directory – shows the full path of the current directory you are in pwd cd – change directory – navigates to a different directory cd /path/to/new/directory cd /etc/default ls : list the items in the current directory ls ls...
Adding SSH Public Key and Disable SSH Password Authentication
Paste the SSH Public key inside the authorized_keys file in the .ssh folder of the user’s home directory. mkdir ~/.ssh #Use your perferred text editor to create the authorized_keys file; here I am using nano nano ~/.ssh/authorized_keys Edit the sshd_conf...
Enable Password Feedback
Add the line Default pwfeedback to the sudoer file to enable asterisks when typing in passwords for sudo sudo visudo
Unattended-upgrades
The Unattended-upgrades package allows for automatic security updates to be installed on Linux systems. sudo apt install unattended-upgrades sudo dpkg-reconfigure --priority=low unattended-upgrades
Change Timezone
sudo dpkg-reconfigure tzdata
UFW (Uncomplicated Firewall)
UFW is a simple package on Linux systems for managing the system firewall. It can be use to allow only HTTPS traffic for web servers, lock down SSH to certain IPs, and much more. Installation sudo apt install ufw Enable UFW sudo ufw enable Check UFW St...
passwd
passwd can be used to change a user’s password, or force password change upon next login Change current user password: passwd Force password change at next login: sudo passwd -e username
Starting Config Changes
enable configure terminal
Saving Changes to Start-up Config
write memory
Fan & Temperature Information
show chassis
System Logs
View Logs show log Clearing logs clear log
Interfaces Details
Show all interface in a table show interface brief Show one interface in detail show interfaces ethernet 1/1/5 Show interface statistics show statistics ethernet 1/1/5 Clearing and reset all interface statistics clear statistics
PoE Interfaces
Show brief PoE interface details show inline power Show more details show inline power detail Show details for one interface show inline power 1/1/20 Turn off PoE for one interface interface ethernet 1/1/20 no inline power exit Turn on PoE for ...
LACP Link Aggregation
To use Link Aggregation, the following criteria needs to be met on the to-be member ports: All member ports cannot have existing configuration on it (no IP set, etc) All member ports must be the same port type and speed (Cannot mix SFP+ and RJ45, or mix 1G...
VLAN Steup
Show Existing VLANs show vlan Create VLAN vlan VLAN_ID name VLAN_Name Tag Ports tagged ethernet 1/1/2 Untag Ports untag ethernet 1/1/11 Undo a tag or untag port Use no before the above commands: no untag ethernet 1/1/5 Remove all VLAN conf...