Posted in Access restrictions Digital Certificate OpenSSL use cases

Protecting sensitive information using OpenSSL

Description: You want to send some sensitive information to somebody who is not part of your network, so the information should not go unprotected through the environment. This post describes the case where you put encrypted sensitive data on a CD, DVD or even a hard disk, send that…

Posted in Access restrictions DDoS

Blocking unwanted IP addresses on F5

Description: A load balancer is a device that acts as a reverse proxy and distributes network or application traffic across a number of servers. Load balancers are used to increase the reliability and capacity of applications. It is very useful to have a solution…

Posted in Access restrictions DDoS

Fail2Ban

Description: Fail2Ban is a very good tool if you want to protect yourself from intruders and have good insight into your architecture in terms of access. According to the official description (https://www.fail2ban.org/wiki/index.php/Main_Page), Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious…

Posted in Second factor authentication

DUO as a second factor authentication

Description: In this post I would like to share a solution that can be used for second factor authentication. At the moment there are a few solutions on the market that do the same thing, but I really think that DUO is…

Posted in Tcpdump and some useful usages

Tcpdump with special filters

Tcpdump and some useful filters. Description: In this post I would like to share a small solution that uses tcpdump to track only new external connections. This script can be very useful, especially when you want to migrate some Internet-facing servers and after a very long…

Posted in Nmap and some useful usages

Nmap for scanning your infrastructure

Description: In this post I would like to share a small solution that checks your infrastructure for open ports other than the necessary ones that you explicitly want open. Explanation – The proposed solution provides a small implementation that checks on a regular basis or…

Posted in Centralized logging system

Centralized rsyslog server

Description: We have a centralized rsyslog server that receives all syslog messages from the servers and networking devices in our infrastructure. We'll not discuss the redundancy part of the architecture, so I'll consider a single rsyslog server with all the necessary resources for storing and processing logs…
