To put it simply, if a hacker gains access to your system and can access the data as normal, then the data is not encrypted at rest. See the table below: There’s two types of so-called “encryption at rest” and each protects against the same thing with one exception, hackers.
Read moreLatest Articles
Windows 10/11 Minimum Security Settings to Check
This article is a check list of the critical items to check to ensure your computers are baseline secure. Of course, baseline is something you should determine, not me. Here;s a quick list. You may be able to use InTune to manage these items and more. Windows Updates Make sure
Read moreEnforcing 2FA Defaults on Azure and Enforcing on Office 365
This article demonstrates how to enforce 2FA for users of Azure and Office 365. Depending on your license levels, you may not get all the settings that Microsoft article recommend, so this article covers the bare minimum. Microsoft has an overarching enforcement settings which needs to be set (although it
Read moreCreating New Users & Placing SSH Keys on Ubuntu and CentOS/Redhat
This is a simple reminder to those creating user accounts on Linux systems with the expectation that the intended user will be able to log in using their SSH keys. There’s also instructions on adding them to the “sudoers” groups. Ubuntu & CentOS/Redhat Create the user and place their SSH
Read moreLandscape – Canonical’s Answer to WSUS
In recent times, we’ve been experimenting with Landscape from Canonical. This article describes our experience. While I don’t claim to be an expert (or even a long time user) of Landscape, I have spent time to test and deploy it. While I hope I have missed a few key points,
Read moreSelf-Host a Docker Registry
This article walks through the process of creating a self-hosted Docker Registry. We’re using Ubuntu but given that Docker is basically cross-platform (in a way), this should work on any Linux distribution. You can host your Docker Registry on any host you like. When I refer to you “Docker Registry
Read moreUpgrade the Netgate 7100 1U Hard Disk – Off the shelf disk
Recently I upgrade the disk of a Netgate 7100 1U firewall appliance. I’ve been looking forward to doing this but was not sure on the success of using a locally purchased (off the shelf) hard disk. The installation process is pretty simple based on the Netgate article here “https://docs.netgate.com/pfsense/en/latest/solutions/xg-7100-1u/m-2-sata-installation.html”. The
Read moreInstall and Configure PostgreSQL Stream Replication
This article walks us through the process of installing and configuring two Postgres servers for stream replication. “Stream” replication allows us to replicate all databases from the master to the/a slave. There’s another kind of replication called “Logical” replication, that will replicate “individual” databases on the master to the slave.
Read moreUpgrade WordPress Fast from the CLI (quick and dirty)
This article describes the fastest way I know to upgrade a WordPress site. A little background: I recently had a WordPress site that was error’ing when attempting to administer it. There were missing functions, etc. I decided to simply upgrade the WordPress code-base to the latest and solve the problem
Read moreChange OpenVPN Site-to-Site VPN from Shared Key to SSL/TLS (Netgate pfSense)
In this article, we’re modifying an existing OpenVPN site-to-site (peer to peer) VPN. We’re aware of the change that will come into effect soon that OpenVPN will no longer support shared keys for site-to-site VPNs. We’re going to modify an existing VPN to use SSL rather than the shared key
Read more