Tailscale exit nodes allow you to route your traffic through nearly any system in your tailnet. Learn how to build an exit node using firewalld. 🕳️
DISA’s final release of the Red Hat Enterprise Linux (RHEL) 7 Security Technical Implementation Guide (STIG) came out a few weeks ago and it has plenty of improvements and changes.
I’ve decided to start a series of posts called “Chronicles of SELinux” where I hope to educate more users on how to handle SELinux denials with finesse rather than simply disabling it entirely.
I talked a bit about systemd’s network device name in my earlier post about systemd-networkd and bonding and I received some questions about how systemd rolls through the possible names of network devices to choose the final name.
I started working on the Ansible CIS playbook for CentOS and RHEL 6 back in 2014 and I’ve made a few changes to increase quality and make it easier to use.
I’ve been getting involved with the Fedora Security Team lately and we’re working as a group to crush security bugs that affect Fedora, CentOS (via EPEL) and Red Hat Enterprise Linux (via EPEL).
There are plenty of guides out there for making ethernet bridges in Linux to support virtual machines using built-in network scripts or NetworkManager.
While using a Dell R720 at work today, we stumbled upon a problem where the predictable network device naming with systemd gave us some unpredictable results.
After having some interesting discussions last week around KVM and Xen performance improvements over the past years, I decided to do a little research on my own.
Most of my websites run on a pair of Supermicro servers that I purchased from Silicon Mechanics (and I can’t say enough good things about them and their servers).
I’ve converted one of my KVM hypervisors from CentOS 6 to Fedora 18 and now comes the task of migrating my virtual machines off of my single remaining CentOS 6 hypervisor.
I’m in the process of moving back to a postfix/dovecot setup for hosting my own mail and I wanted a way to remove the more sensitive email headers that are normally generated when I send mail.
Automating package updates in CentOS 6 is a quick process and it ensures that your system receives the latest available security patches, bugfixes and enhancements.
As promised in my earlier post entitled Kerberos for haters, I’ve assembled the simplest possible guide to get Kerberos up an running on two CentOS 5 servers.