Browsing Tag

Open Source

General

FreshRSS

It took longer than I expected, but I have a self-hosted installation of FreshRSS which I can access via Reeder on macOS, iPad, iOS and the web. This install has been on my to-do for a while. If FreshRSS performs well on my server, I may cancel my Feedbin subscription.…

Continue Reading

General

Large companies aren’t good homes for beloved services

Large companies aren’t good homes for beloved services by Colin Devroe (Colin Devroe) Over the last year I’ve moved my use of platforms, services, or products to things I can control long term or are open source. Examples include my photo management process no longer being reliant on the cloud, my content all being on my own domain, and my site being on my own infrastructure. I still have more work to do but I want to future proof as…

Continue Reading

General

CipherScan

Using cipherscan to test the TLS certificate configuration of my web server. Cipherscan tests the ordering of the SSL/TLS cyphers on a given target, for all major versions of SSL and TLS. It also extracts some certificates information, TLS options, OCSP stapling and more. Cipherscan is a wrapper above the OpenSSL s_client command line. Cipherscan is meant to run on all flavors of UNIX. It ships with its own built of OpenSSL for Linux/64 and Darwin/64. On other platforms, it…

Continue Reading

Tutorials

Setting Up an Open Source Security Lab with Ubuntu

Photo by Markus Spiske on Unsplash

[exif id="36254"] Photo by Markus Spiske on Unsplash It's been a while since I had dedicated Linux server in my home. In the early days of my career, I maintained a small "data centre" in my basement. It included BSD based network storage via FreeNAS, a LAMP installation, a Linux-based firewall and directory server, and a Windows domain controller. I spent a lot of time trying testing my ideas and messing around with open source software. Over time I replaced…

Continue Reading

General

Starting a Security Tools Lab at Home

Raspberry Pi's

[exif id="17435"] I recently realised that although I have worked in the information security space for almost 13 years, the last few years I have done less “hands on” work. When my last full-time employer made the switch to a full outsourced IT stack there was less of a need for the security analyst to work with technology. The team made the transition to a governance, risk and compliance (GRC) model with my role morphing into more of an internal…

Continue Reading