· 10 min read
The TLS Foundation
What TLS actually does, how the chain of trust works, and why your browser ships the public keys of every CA in the world — but never the private ones.
Tag
#security
7 posts tagged with #security
· 11 min read
OPNsense Core Features Setup: Blocking, DNS Resolution & Hardening
Learn how to block websites and categories, resolve LAN hostnames in firewall logs, and harden OPNsense itself — practical steps every homelab admin should complete after the initial install.
· 6 min read
OPNsense Hardening: Lock Down Your Firewall After Install
Seven steps to harden a fresh OPNsense install: restrict the admin interface, lock down SSH, enable automatic updates, disable unused services, audit firewall rules, and set up Suricata IDS.
· 12 min read
OPNsense on Proxmox: Build a Dedicated Home Firewall
Your ISP router is a black box you cannot inspect or extend. This guide walks through replacing it with OPNsense running as a Proxmox VM on an Intel N100 MiniPC — with full traffic visibility, per-device rules, and IDS/IPS.
· 7 min read
Fail2ban on Debian 13: The Right Config for OpenSSH 9.x
The base configurations of fail2ban to protect the linux server, tested against real wrong-key attempts.
· 14 min read
Linux Server Security Baseline: What Every DevOps Engineer Should Apply
Seven hardening steps to run on any fresh Debian or Ubuntu server — whether it is an AWS EC2 instance, a GCP VM, or bare metal. SSH hardening, UFW, Fail2ban, and automatic security updates.
· 13 min read
OPNsense Intrusion Detection: Detecting and Simulating Real-World Attacks
Learn how to configure OPNsense IDS/IPS using Suricata to detect suspicious network activity. Includes real-world attack examples and safe simulation techniques for testing your security setup.