Push icinga2 metrics to Graphite
icinga2 is a monitoring environment that does not inherently process metrics in time series.
Fritzbox is a German router brand. Almost everyone in Germany has a Fritzbox. This router is known to work day and night. Unfortunately, you can configure almost nothing and debug very little, which makes the transition very difficult.
In the first part we learned how to create a so-called Shadow CA and send logs from Linux machines to Graylog. We now want to make this possible for Windows PCs as well.
Graylog is a log aggregation tool that makes it easy to read and analyze logs due to its Elasticsearch or OpenSearch implementation. Unfortunately it is not possible to exchange Graylog with old, well-known tools like rsyslog. Rsyslog uses UDP as its protocol, which is basically unencrypted (exception: QUIC).
One of the main points of attack is the SSH interface. Script kiddies love an open SSH port.
Soon after the server is on the Internet, it is fair game for script kiddies. One of the first annoyances is brute-force attacks.
Everyone who at some point comes across the idea of renting their own root server knows the queasy feeling that the server has been exposed to attack.