(very simple) auto update bash script for paperless-ngx docker-compose

Just like the title states. In my previous post I published a very very simple script for doing pull automatically for the docker-compose stuff of paperless-ngx. I modified this one a bit more. Maybe useful to you, too.

Continue reading (very simple) auto update bash script for paperless-ngx docker-compose

Updating & Upgrading paperless-ngx stack (Installed with docker compose)

Just some notes on how I update my paperless-ngx Stack which I previously installed with docker compose as explained in one of my previous posts. In this one I’ll also upgrade PostgreSQL from 15 to 16 and Gotenberg from 7.10 to 8. This is with Paperless-NGX 2.5.3.

Continue reading Updating & Upgrading paperless-ngx stack (Installed with docker compose)

Automatic / Unattended (Security) Updates in Debian

If you follow current IT security vulnerabilities and security breaches, you’ll probably agree that keeping systems up to date is becoming increasingly important. Unattended upgrades for Debian/Ubuntu have been around for as long as I can remember and it’s a pretty easy way to achieve that. Here’s how.

Continue reading Automatic / Unattended (Security) Updates in Debian

eBPF bypass with Suricata 7.0.2 in Debian 12 Bookworm

This does not work out-of-the-box currently. I saw a bug report that the currently shipped .bpf files are not working with current libbpf (version >1.0). However, here’s how you can compile them yourself.

Continue reading eBPF bypass with Suricata 7.0.2 in Debian 12 Bookworm

Your site is unable to reach wordpress.org or dokuwiki plugin store through suricata?

I had some trouble with Suricata as an IPS with wordpress and dokuwiki. My wordpress was unable to reach wordpress.org and my dokuwiki was unable to reach the plugin/extension store of dokuwiki. While I’m (still) not sure what exactly is causing this, I found a work-around for it.

Continue reading Your site is unable to reach wordpress.org or dokuwiki plugin store through suricata?

Hardening your OpenSSH Configuration – Do you know about the tool ssh-audit? [updated]

OpenSSH usually comes with a default configuration which provides high compatibility. So even old clients can still connect. However, this compatibility comes at a price because some of the ciphers / algorithms used may be open to vulnerabilities. If you want to strengthen the encryption and get an overview about known vulnarabilities with your OpenSSH Server or Client configuration, ssh-audit is for you.

Continue reading Hardening your OpenSSH Configuration – Do you know about the tool ssh-audit? [updated]