Following performance issues with my all-in-one IPS/Router setup on my home network, I decided to split it between a pfSense-based IPS and a Linux-based router. This article explains why I made that choice, how I revised my architecture and the resulting implementation.
In this (supposedly) frequently updated article, I list websites and publications that I find useful as a reference or background for my cybersecurity activities. Basically, this is a dump of my Feedly subscriptions list, mixed with additional elements (books that I read, links I don't want to lose, and so on).
Icinga started out as a Nagios refactor. It has now become much more than that, and is a pretty solid tool for efficiently monitoring a heterogeneous system with minimal effort. Along with the InfluxDB time-series database and the Grafana visualization tool, it can be used as the starting point for a modern and reactive NOC platform.
If you read this, you've probably been there: you're the family's IT guy, and every now and then you fix a computer that is potentially full of malware and other nasty stuff. This article discusses my approach to being a nice guy without endangering my own machines.
Firewalls are a good thing, but they're not enough anymore. Ports no longer define traffic; we must look at the application layer to enforce policies and block malicious traffic efficiently. Here I present how I set up one of the open source leaders, Suricata.