Cleaning unneeded kernel images on CentOS 7.4

Running OpenVAS I was shocked about a couple of high security warnings. Closer inspection thought me I had an old kernel that was vulnerable against attacks. I immediately ran yum update but there was nothing to update. Huh? A uname -r and I was relieved: I was actually up to date, but looking in /boot…

Continue Reading

Install OpenVAS on Fedora 26

After a lot of security related installations and modifications on my test server, I want to test if it is indeed secure. A couple of online scanners were discussed here and here for example, but I want to take it a few steps further. I came across OpenVAS in a training video and will be…

Continue Reading

Securing SSL / HTTPS

Securing SSL and HTTPS might seem like a contradiction to you, because SSL and HTTPS are secure right? Well, not entirely and always. There are some awesome tools out there that will get your website from an F to an A+. Check this out. This is a good example of always being on top of…

Continue Reading

Nextcloud security and performance tweaks

Our last post took care of a working Nextcloud installation. Afterwards I pumped 100GB of data to my cloud without a hickup. But, especially in multi-user production environments, there are certainly a couple of important security and performance tricks to be performed. So be sure to check out these tips. I think this post is…

Continue Reading

Complete Nextcloud 12 installation on CentOS 7.4

OK, so here’s the deal. I had ownCloud up and running and was rather happy with it. I’d chosen ownCloud because I knew it from a few years back when I was looking for a Dropbox alternative for a customer. Never heard about Nextcloud before… A few days after this installation, a few sync problems…

Continue Reading

Installing VMWare Workstation Pro 12.5.7 on Fedora 26

I’ve recently switched from Kali Linux to Fedora for different reasons. With the switch I wanted to give Virtualbox a try instead of the commercial VMWare Workstation Pro. Unfortunately, VirtualBox 5.1.28 on Fedora 26 is slow as hell (I believe it got something to do with the extension pack) and after half a day of…

Continue Reading

Setting up rsnapshot on CentOS 7.4

Being a former Mac geek, I like Apples Time Machine as a backup mechanism. It performs a full backup of your data and with hard links it creates a kind of snapshot of your files. You enter Time Machine and at every moment in time it seems you have all your files at you disposal….

Continue Reading

HSTS / HTTP Security Headers and WordPress

After giving SSH a hardening makeover, I’ve discovered something new. Apparently, HTTP Strict Transport Security (HSTS) and all kinds of HTTP Security Headers is pretty hot at the moment. It has been for a while actually, but more people are adopting it nowadays. For WordPress, that I’m running, it is rather easy to setup. Stuff…

Continue Reading

Securing SSH on CentOS 7.4

Yeah! Let’s do some more CentOS 7.4 hardening with SSH. Last hardening post was all about OSSEC. Now something that I set up months ago, and pretty secure as a matter of fact, but nevertheless could use a bit of tweaking. As said, I think my config was rather secure already but in the last…

Continue Reading

WordPress / ownCloud / CentOS 7.4 / PHP 7.1

Getting the above combination running is not too hard if you put your mind to it. I got it running pretty fast when I needed PHP 7.1 because of my ownCloud installation. But syncing had some strange problems now and then and then I discovered the owncloud.log growing and growing to a couple of hundred…

Continue Reading