Run Zeek as user zeek on FreeBSD
5 January, 2021
Zeek runs as the user root by default when it is installed on FreeBSD using the package system.
But we want a more secure setup than this, so we want to run Zeek as a normal user. Fortunately this is possible on our favorite operating system!
Implement Zeek on FreeBSD
17 December, 2020
I wanted to get more visibility into my network at the application and service level. An example of an insight currently missing on my network: which domains are queried by the systems on my network? And no other tool can answer this question better than Zeek! Zeek is a network security monitoring platform which generates rich network metadata that is very valuable for general network troubleshooting, getting insight into what happens on your network, and even for incident response and forensics!
This blog post is the first blog post of a series of posts about Zeek on FreeBSD! So more to come after this one.
How to implement an internet facing FreeBSD IPFW firewall
12 November, 2020
I have been a FreeBSD user since version 2.2. And I had never used the FreeBSD native packet filtering firewall IPFW before.
But that changed a little while ago, so I've decided to write about it and share my insights and gained knowledge about this subject. So this blog post is about implementing an internet facing firewall using FreeBSD IPFW!
Vulnerability management for FreeBSD
29 October, 2020
If you run a FreeBSD system and want to keep it healthy, you want to keep it up to date. A system in this case can be a physical system, a virtual machine or even a jail. And keeping it up to date means not only installing newer versions of the operating system and/or packages, e.g. because of increased functionality, but also keeping track of vulnerabilities in both and patching them when necessary. This is vulnerability management!
But this is not as easy as it sounds! It involves identifying, classifying, prioritizing and mitigating the vulnerabilities, which can be a complex and difficult process!
Software inventory with Salt on FreeBSD
July 20, 2020
Software inventory is one of the 20 CIS Controls.
Until recently I was not doing software inventory (and control) for the SoCruel.NU platform. The platform is (almost) completely based on FreeBSD and all hosts (physical, virtual, laptop) are managed with SaltStack, so it would be nice if these could be used for this purpose. And they can!
Asset inventory with Rumble on FreeBSD
June 8, 2020
Inventory and control of your IT hardware and software assets is one of the basic processes you must have in place to manage and secure an IT infrastructure properly. Rumble is a network asset discovery tool and as of 2 June 2020 it is also available on FreeBSD!
In this post you can read how to implement and use Rumble on FreeBSD.
How to implement gdnsd on FreeBSD
April 28, 2020
I was looking for a solution to increase the availability of my public websites. gdnsd is an authoritative-only name server. The initial ‘g’ stands for geographic, as gdnsd offers a plugin system for geographic (or other sorts of) balancing, redirection, and service-state-conscious failover.
This post explains how gdnsd is implemented at SoCruel.NU to achieve the availability goals.