Sign in Subscribe

Security

All things security related

pfSense and Tor

I have recently moved from a pfSense vm to dedicated hardware. I may move back, but while I was evaluating the system, I installed TOR ( The Onion Router) package on to my firewall to allow me to route traffic.

Using Kestra to update my proxmox IPSet

I've been using Kestra for a while now to automate some of the more mundane tasks around my network. One of these tasks is keeping the firewall up to date. This blog sits behind cloudflare, and as such, only cloudflare needs to access it. All other sources should be be denied (except internally).

Updating docker hosts with Kestra

Patching is a balancing act. There are some who say you shouldn't if it works, others who say you should, but stay a certain about of time behind and those that think that bleed edge is the way to stay protected.

Smart doorbell failure #2?

Following on from my failure to detect my doorbell button being pushed, I considered a few different alternatives solutions. The first solution to spring to mind was to use a zigbee button.

Security Through Marketing?

Need extra sponsors to drive your email security program? Want to see your logo in certain mail clients like gmail? If so, then you need BIMI.

Deploying vault via docker and ansible

Adding to my in-promptu series on automating docker containers with ansible, this time I'm looking at Hashicorp's Vault. This is slightly different, in that it required a binary to be installed on the ansible controller (a raspberry pi). Once vault is deployed, we need to unseal the containter.

Monitoring DMARC with Docker

In this post, I deploy a docker container via docker compose and ansible to read my dmarc reports.

Wireless doorbell hacking

I bought a wireless doorbell from B&M and the doorbell works great. I have always been interested in decoding radio, so this gave me a chance to try this out. My end goal here is to be able to press the doorbell and have home assistant act on the button press.

Gitlab pipelines

As a later post will show, I've been using gitlab pipelines to validate some of my code for me. As a security conscious person, I've been interested in building security in to pipelines.

The laziest talk I've ever done.

Tonight, when this post goes live, I'll be presenting my laziest talk ever. It is entitled "Security horror stories". I can't share any of the content, but I can share how it came to be.
As an Amazon Associate I earn from qualifying purchases.

If you have found this post useful, please consider donating.