Month: December 2023

eBPF bypass with Suricata 7.0.2 in Debian 12 Bookworm

This does not work out-of-the-box currently. I saw a bug report that the currently shipped .bpf files are not working with current libbpf (version >1.0). However, here’s how you can compile them yourself.

Continue reading eBPF bypass with Suricata 7.0.2 in Debian 12 Bookworm

Your site is unable to reach wordpress.org or dokuwiki plugin store through suricata?

I had some trouble with Suricata as an IPS with wordpress and dokuwiki. My wordpress was unable to reach wordpress.org and my dokuwiki was unable to reach the plugin/extension store of dokuwiki. While I’m (still) not sure what exactly is causing this, I found a work-around for it.

Continue reading Your site is unable to reach wordpress.org or dokuwiki plugin store through suricata?

Hardening your OpenSSH Configuration – Do you know about the tool ssh-audit? [updated]

OpenSSH usually comes with a default configuration which provides high compatibility. So even old clients can still connect. However, this compatibility comes at a price because some of the ciphers / algorithms used may be open to vulnerabilities. If you want to strengthen the encryption and get an overview about known vulnarabilities with your OpenSSH Server or Client configuration, ssh-audit is for you.

Continue reading Hardening your OpenSSH Configuration – Do you know about the tool ssh-audit? [updated]

Digitization of documents in Linux with paperless-ngx Part 1 – Installing and securing it

When I read about paperless-ngx I liked the idea of having all my documents in a central storage so that I could access them from all my devices. Furthermore those documents would be indexed (also using OCR) so that I could search (fulltext) in all of them. Due to the tagging system – if done correctly – exporting all my documents for my yearly tax declaration should just take seconds…

Continue reading Digitization of documents in Linux with paperless-ngx Part 1 – Installing and securing it