Categories
Uncategorized

dnssec, Bind9 on Alpine

Signing your zones might sound complicated, here are 5 steps to get going on Alpine Linux 3.12 with Bind 9.14. 1) Create the bind config Make sure to fulfil the necessary dependencies! The command for alpine is “apk add bind bind-dnssec-tools” # vi /etc/bind/named.conf /etc/bind/named.conf 2) Create your zonefile cd /etc/bind/zones vi bekla.ga /etc/bind/zones/bekla.ga 3) […]

Categories
Uncategorized

Unprivileged containers as root, an oxymoron?

It’s not, it can actually be accomplished by using subuid (subordinate user id’s) & subgid (subordinate group id’s) built into the linux kernel.

Categories
Uncategorized

lxc-top not found

Thats right, i saw the new lxc-top command that is available in 3.0 and i was kind of impressed. Since i’m running version 2 and wanted something similar, i decided to go with a simple bash script, the data is collected via proc and the values are converted with some help from BC (arbitrary precision […]

Categories
Uncategorized

automatic emerging threats iptables blocklist

Can be run from cron every night to make sure you keep those pesky hackers out.

Categories
Uncategorized

DAMP – Docker, Apache, MariaDB & PHP-FPM

Are you still using virtual machines like a sucker? here’s the complete guide to the future, it’s called containerization. I’ve been using chroot for years, not only for webpages with the php-fpm, but also for services like Postfix, Dovecot and Bind.

Categories
Uncategorized

Blacklisting with Ulogd2 & nftables

This script is a part of the Asbra Firewall Project which is a set of utilities for managing a Linux Netfilter Firewall.