June 24, 2017

Security

How to Install PPTP VPN Server on FreeBSD

FreeBSD Logo

This tutorial will cover the steps to set up a virtual private network on FreeBSD. We are using the PPTP VPN server to establish a VPN of 2 and more users. For the clients there is no need to install any VPN application as the built-in VPN client of Windows, Linux or Mac can be used.
This VPN server is using mpd4 and NAT of the VPN users and can be extended to any amount of users and interfaces.

[Read more...]

How to Install and Use the PF Firewall on FreeBSD

FreeBSD Logo

PF or Packet Filter is the in-build firewall software of FreeBSD.
This firewall was originally developed for OpenBSD and has been ported to other operating systems like FreeBSD, NetBSD, Mac and Debian.
In this tutorial we will show you the PF installation and configuration steps on FreeBSD to keep your network secure.

[Read more...]

How to Secure Apache With a Free SSL Certificate From StartSSL on CentOS

StartSSL Logo

Your own web server with an SSL certificate from an approved certificate authority so that the browser also does not cause any warning, that would be a good thing. But only the cost of a certificate from Verisign & Co let you forget those mind games quickly. The provider StartSSL does offer free SSL server certificates that are valid for one year after all. How great is that! In this tutorial we will show you the process of securing your Apache webserver with this free SSL certificate.

[Read more...]

How to Prevent Users From Seeing Processes That run Under Another UID on FreeBSD

FreeBSD Logo

An important step to harden you FreeBSD system is to to disallow users to see processes that are being run under another UID. For this we need to set some kernel states to avoid others from fetching these information with commands like ps, top, sockstat and many more. This changes also applies to jailed systems.

[Read more...]

How to Tunnel a Remote Port to a Local Port with SSH

Administration Logo

Sooner or later you have to restrict access to a specific application from outside the server by blocking a port with a firewall. This is a common scenario when using a development web server. You want to access the service but you do not want to leave it open to the entire world. At this point SSH can help you to create a tunnel.

[Read more...]

How to Install chkrootkit on FreeBSD

chkrootkit Logo

With chkrootkit you can regularly check your system for signs of a rootkit. chkrootkit looks for known signatures in trojaned system binaries. It also checks if the interface is in promiscuous mode, for lastlog deletions, for wtmp deletions, for wtmpx deletions, for signs of LKM trojans and for utmp deletions. Running chkrootkit as cron makes this a very useful security tool. chkrootkit is available on FreeBSD and can be installed through the port directory.

[Read more...]