Following performance issues with my all-in-one IPS/Router setup on my home network, I decided to split it between a pfSense-based IPS and a Linux-based router. This article explains why I made that choice, how I revised my architecture and the resulting implementation.
In this (supposedly) frequently updated article, I list websites and publications that I find useful as references and background for my cybersecurity activities. Basically, this is a dump of my Feedly subscriptions list, together with additional elements (books that I have read, links I don't want to lose, and so on).
Icinga started out as a Nagios refactor. It has since become much more, and is a pretty solid tool for efficiently monitoring a heterogeneous system with minimal effort. Along with the InfluxDB time-series database and the Grafana visualization tool, it can be used to build the starting point of a modern and reactive NOC platform.
If you are reading this, you've probably been there: you're the family's IT guy, and every now and then you fix a computer that is potentially full of malware and other nasty stuff. This article discusses my approach to being a nice guy without endangering my own machines.
Firewalls are a good thing, but they're not enough anymore. Ports don't define traffic anymore; we must look at the application level to enforce policies and block malicious traffic efficiently. Here I present how I set up one of the open source leaders, Suricata.
When you have limited trust in your ISP and don't know how far it can (or wants to) reach into your network from the modem, you're like me and end up setting up your own router behind this modem. This article starts this story with an IPv4-only router.