Pi-Hole is an excellent solution to block ads, trackers and malware network-wide at the DNS level. With a few tweaks, it can be a great asset for privacy on the Internet.
Setting up unbound is simple. Getting it to work on Debian Buster with DNS-over-TLS is no rocket science either but does require some fine-tuning explained in this article.
A write-up on how I selected a lightweight tool to finally throw away those big piles of paper and get a decent full text index of all these official documents.
This article covers the specifics of getting OpenVPN to work on unprivileged containers with Proxmox VE 5.2 and the configuration specifics for a site-to-site link.
CTFd is a nice and easy to use CTF management platform based on Python. This article gives a straight guide for quick deployment on a bare Ubuntu 18.04 VM/Container, in case you cannot use Docker.
Following performance issues with my all-in-one IPS/Router setup on my home network, I decided to split it between a pfSense-based IPS and a Linux-based router. This article explains why I made that choice, how I revised my architecture and the resulting implementation.
In this (supposedly) frequently updated article, I list websites and publications that I find useful as a referential/background for my cybersecurity activities. Basically, this is a dump of my Feedly subscriptions list, assorted with additional elements (books that I read, links I don't want to lose, and so on).
Icinga started out as a Nagios refactor. It has now become so much more, and is a pretty solid tool to monitor efficiently an heterogeneous system with minimal effort. Along with the InfluxDB time-series and the Grafana visualization tool, it can be used to build a modern and reactive NOC platform starting point.
If you read this, you've probably been there: you're the family's IT guy, and every now and then you fix a computer. Potentially full of malware and other nasty stuff. This article discusses my approach to being a nice guy without endangering my own machines.
