This article shows an example configuration that will achieve three objectives: Provide GeoIP Fending, Provide SSL/TLS Termination, and server as a Reverse Proxy. In this example we’re using Ubuntu 22.04. Connections coming in on HTTP (port 80) are redirected to HTTPS (port 443) which is where the GeoIP Fencing takes
Read moreBrowse through our full list of articles. Everything from Linux & Cybersecurity to automation and Windows topics.
NXLog Example Configuration File – Sending Logs From Windows to Syslog in JSON Format
This article explains how to send logs from Windows systems to Syslog servers using NXLog (community edition). In this case we’re sending to Syslog listening on TCP. NXLog is easy enough to install but the configuration process is not so easy. Because Windows EventLog uses many more fields than Syslog,
Read moreComparing Syslog Formats – BSD RFC3164 vs IETF RFC5424
This article compares the two Syslog formats. If you can’t decide, consider “IETF RFC 5424”. This article compares two log entries using different Syslog formats. The event is the same for both entries – logging into a Synology server’s web portal. The user “agix” is logging in from host “10.1.1.100”.
Read moreRunning LogStash in Docker
This is a short HowTo for running LogStash in Docker. We’re using Ubuntu 22.04. Install Docker and create our directory structure: apt install docker docker.io mkdir ~/logstash mkdir ~/logstash/config/ ~/logstash/pipeline/ Create the Dockerfile file “~/Dockerfile”: # The image to use: FROM docker.elastic.co/logstash/logstash:8.15.0 # Remove the pre-existing config file from within
Read moreAndroid VPN (Always On) with pfSense
This article shows the settings on the pfSense and Android device for the always on IPSec VPN. The best article to start with is “https://docs.netgate.com/pfsense/en/latest/recipes/ipsec-mobile-ikev2-client-android.html”. Then compare your settings to those on this page if you need more help than the linked article provides. The VPN cryptographic settings are: Phase
Read moreInstalling Graylog Open on Ubuntu 22.04
This article is a walkthrough for installing “Graylog Open 6” and leverages the documentation at “https://go2docs.graylog.org/current/downloading_and_installing_graylog/ubuntu_installation.html” and “https://www.mongodb.com/docs/manual/tutorial/install-mongodb-on-ubuntu/”. We’re using Ubuntu 22.04 because 24.04 is not supported using the documentation linked above. We’re starting from a fresh “standard” Ubuntu 22.04 installation. Our resources are “4GB RAM, 8 CPU Cores, 25GB
Read morepfBlockerNG and Whitelisting Internal Source Addresses – pfSense
This article explains a method of whitelisting one or more devices on your internal network so that pfBlockerNG doesn’t block those devices/servers due to any configured restrictions. For example, you might block a country using pfBlockerNG’s GeoIP filtering, but you may need one of your internal devices to be able
Read morepfSense Cannot allocate memory with pfBlockerNG – Firewall Rules Not Working
This article discusses the cause and solution to the error message “Cannot allocate memory” relating to pfBlockerBG. In this scenario, we’re using a Netgate 2100 Base firewall appliance. The firewall was receiving the following error message when reloading the filter rules (in “Status – Filter Reload“). There were error(s) loading
Read moreSynology NAS Not Reporting Disk Issues, But Should
This article describes a situation where the Synology 720+ NAS has poor write performance due to a disk issue. However, the NAS is not reporting an issue. SMART is reporting that everything is OK. First, the symptoms. The following two screenshots show the actual speed when the disk was in
Read moreAdvert Blocking Comparison Between pfBlockerNG & AdBlocker
This article is a quick comparison of advert blocking for web browsing between pfBlockerNG DNS filtering, and the web browser plugin Ad Blocker. This is hardly scientific, but it does give an idea of how effective each are with basic settings. I’m sure with more effort, the impact could be
Read more