Sandbox Systemd Units
What many do not know is that SystemD offers the possibility to restrict services and very easily displays the exposure level.
Send encrypted logs to Graylog (Bonus: Docker container)
Docker allows logs to be sent unencrypted to a remote log system. Encryption plays a minor role on the intranet, but what if you want to send logs via the web?
Set up a simple SSH bruteforce check in Graylog
There is no security without proper log monitoring, but nobody has time to check all logs all the time. Graylog automates that.
Send encrypted logs to Graylog (Part 1: Linux machines)
Graylog is a log aggregation tool that makes it easy to read and analyze logs due to its Elasticsearch or Opensearch implementation. Unfortunately it is not possible to exchange Graylog with old known tools like rsyslog. Rsyslog uses UDP as protocol, which is basically unencrypted (exception QUIC).
Harden your public webserver
This three-part guide shows three simple steps to increase server security.
Harden your public webserver (Part 3: shutdown SSH)
One of the main points of attack is the SSH interface. Script kiddies love an open SSH port.
Harden your public webserver (Part 2: crowdsec)
Quickly after the server is on the Internet, it is open for script kiddies to eat. One of the first annoyances are bruteforce attacks.