VirtualTam's bookmarks

1. Crowdsec - Curated Threat Intelligence Powered by the Crowd 2024-05-29

   tags: bsd, linux/iptables, network/firewall, observability/logging, programming/go

   [ permalink ]

   • crowdsecurity/crowdsec
   • Documentation
     • Docker / Podman Deployment
     • Data Sources
     • Parsers
     • Configuration
     • Observability / Prometheus
     • OpenAPI Specification
   • Blog
     • Building a Network for Small Businesses Part 1: Hardware
     • Building a Network for Small Businesses Part 2: Running Configurations
     • Building a Network for Small Businesses Part 3: Attack Scenarios
   • Discussion on HN (2020)
2. OpenGFW - A flexible, easy-to-use, open source implementation of GFW (Great Firewall of China) on Linux 2024-03-31

   tags: linux, network/firewall, network/ipv4, network/ipv6, programming/go, reverse-engineering, wireshark

   [ permalink ]

   • USENIX Security Symposium 2023 - How the Great Firewall of China Detects and Blocks Fully Encrypted Traffic
3. Firezone - WireGuard-based VPN server and firewall 2023-08-30

   tags: network/udp, network/vpn/wireguard, security

   [ permalink ]

   • https://www.firezone.dev/
4. How NAT traversal works · Tailscale Blog 2020-09-19

   tags: network, network/address-translation, network/firewall, network/router, network/tcp, network/udp, network/webrtc

   [ permalink ]
5. What is "AWS Security Scanner" in my server logs? 2020-07-31

   tags: cloud/aws, network, security

   [ permalink ]

   • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html
   • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
   • https://docs.aws.amazon.com/cli/latest/reference/ec2/modify-instance-metadata-options.html
   • https://aws.amazon.com/blogs/security/defense-in-depth-open-firewalls-reverse-proxies-ssrf-vulnerabilities-ec2-instance-metadata-service/
   • https://aws.amazon.com/blogs/aws/new-host-based-routing-support-for-aws-application-load-balancers/
   • https://aws.amazon.com/about-aws/whats-new/2018/07/elastic-load-balancing-announces-support-for-redirects-and-fixed-responses-for-application-load-balancer/
   • https://www.reddit.com/r/aws/comments/e18e5n/botexploit_what_is_this_trying_to_do_and_how
   • https://www.reddit.com/r/aws/comments/e18e5n/botexploit_what_is_this_trying_to_do_and_how/f8qympp/
   • https://forums.aws.amazon.com/thread.jspa?threadID=316889
   • https://owasp.org/www-community/attacks/Server_Side_Request_Forgery
   • https://www.wired.com/story/capital-one-paige-thompson-case-hacking-spree/
   • https://krebsonsecurity.com/2019/08/what-we-can-learn-from-the-capital-one-hack/
   • https://krebsonsecurity.com/2019/07/capital-one-data-theft-impacts-106m-people/
   • http://www.thecloudavenue.com/2019/08/how-capital-one-hack-was-achieved-in-aws.html
   • http://www.thecloudavenue.com/2019/11/changes-to-aws-ec2-instance-metadata-service.html
6. ModSecurity: Open Source Web Application Firewall 2019-09-17

   tags: apache, network, network/http-server/apache-httpd, network/proxy, security, web

   [ permalink ]

   • https://github.com/SpiderLabs/ModSecurity
   • https://www.digitalocean.com/community/tutorials/how-to-set-up-mod_security-with-apache-on-debian-ubuntu
7. Amazon Web Services | Auto-scale bind to an elastic IP? 2019-09-09

   tags: cloud, cloud/aws, network, network/firewall, network/ip

   [ permalink ]

   Use case:

   • Set up an AutoScaling Group with exactly 1 min/max/desired instance
   • Attach an Elastic IP to the active instance

   Usually for interoperability reasons and/or IP-based network rules (80's firewall anyone?).

   • https://stackoverflow.com/questions/34849360/how-to-assign-eip-to-autoscaling-group-of-vpc-in-cloudformation-template
   • https://www.reddit.com/r/aws/comments/6k3gb2/auto_assign_eip/
8. Kubernetes the Not So Hard Way With Ansible - Ingress with Traefik 2019-04-19

   tags: configuration-management/ansible, distributed-system/cluster, linux/container/kubernetes, network, network/firewall, network/http, network/http-server/traefik, network/transport-layer-security

   [ permalink ]

   • https://www.tauceti.blog/post/kubernetes-the-not-so-hard-way-with-ansible-network-policies/
   • https://www.tauceti.blog/post/kubernetes-the-not-so-hard-way-with-ansible-the-basics/
9. opensnitch: OpenSnitch is a GNU/Linux port of the Little Snitch application firewall. 2018-12-26

   tags: application, linux, network, network/firewall, programming/go, security

   [ permalink ]
10. ferm and docker playing together 2018-12-21

    tags: ferm, linux, linux/container/docker, linux/iptables, linux/kernel, network, network/firewall, security

    [ permalink ]

    • https://github.com/diefans/ferment
    • https://blog.urth.org/2018/06/01/making-docker-play-nice-with-ferm-firewalls-on-linux/
    • https://unrouted.io/2017/08/15/docker-firewall/
    • https://github.com/wikimedia/puppet/commit/74050c6233c8b5ae291d3d7f5131a587941c50ac
    • https://github.com/moby/moby/issues/12294#issuecomment-432921518
    • https://github.com/Jamesits/systemd-named-netns
11. iptables 2018-07-04

    tags: linux, linux/iptables, network, network/firewall, network/router, sysadmin

    [ permalink ]

    Documentation:

    • https://www.netfilter.org/documentation/index.html
    • https://www.netfilter.org/documentation/HOWTO//netfilter-hacking-HOWTO.html
    • https://www.netfilter.org/documentation/HOWTO//networking-concepts-HOWTO.html
    • https://www.netfilter.org/documentation/HOWTO//NAT-HOWTO.html
    • https://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO.html
      • https://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO-6.html
      • https://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO-7.html

    Articles:

    • https://www.digitalocean.com/community/tutorials/how-the-iptables-firewall-works
    • https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules
    • https://www.digitalocean.com/community/tutorials/iptables-essentials-common-firewall-rules-and-commands
    • https://www.digitalocean.com/community/tutorials/a-deep-dive-into-iptables-and-netfilter-architecture
    • https://www.digitalocean.com/community/tutorials/how-to-choose-an-effective-firewall-policy-to-secure-your-servers

    How-tos:

    • https://wiki.centos.org/HowTos/Network/IPTables
    • https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-iptables-on-ubuntu-14-04

    Routing:

    • https://www.frozentux.net/iptables-tutorial/iptables-tutorial.html
    • https://www.frozentux.net/iptables-tutorial/images/tables_traverse.jpg
    • https://www.frozentux.net/iptables-tutorial/images/table_subtraverse.jpg
    • https://upload.wikimedia.org/wikipedia/commons/3/37/Netfilter-packet-flow.svg

    RHEL Documentation:

    • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sect-security_guide-firewalls-common_iptables_filtering
    • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sect-security_guide-firewalls-forward_and_nat_rules
    • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sect-security_guide-firewalls-malicious_software_and_spoofed_ip_addresses
    • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sect-security_guide-firewalls-iptables_and_connection_tracking
    • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sect-security_guide-iptables
    • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-setting_and_controlling_ip_sets_using_iptables
12. How To Choose an Effective Firewall Policy to Secure your Servers | DigitalOcean 2018-05-15

    tags: linux, network, network/firewall, policy, security, server

    [ permalink ]

    • http://www.chiark.greenend.org.uk/%7Epeterb/network/drop-vs-reject
    • https://security.stackexchange.com/questions/22686/is-it-good-practice-to-manually-lock-down-ports-on-each-host
    • https://security.stackexchange.com/questions/22711/is-it-a-bad-idea-for-a-firewall-to-block-icmp/22713
    • https://serverfault.com/questions/84963/why-not-block-icmp/84981
13. Proxmox: Networking, Firewall, Security 2018-05-15

    tags: linux, linux/debian, network, network/firewall, network/router, security, virtualization/proxmox

    [ permalink ]

    • https://pve.proxmox.com/wiki/Network_Configuration
    • https://pve.proxmox.com/wiki/Firewall
    • https://pve.proxmox.com/wiki/Fail2ban
    • https://forum.proxmox.com/threads/how-to-implement-fail2ban-on-host.3583/
    • https://forum.proxmox.com/forums/proxmox-ve-networking-and-firewall.17/
    • https://myatus.com/p/guide-firewall-and-router-with-proxmox-extending-its-us/
    • https://www.kiloroot.com/secure-proxmox-install-sudo-firewall-with-ipv6-and-more-how-to-configure-from-start-to-finish/
    • https://blog.waccabac.com/gestion-du-pare-feu-de-proxmox-ve-4/
14. Déploiement de Proxmox VE 5 sur un serveur dédié - part 1 - Zwindler's Reflection 2018-05-14

    tags: bsd, linux, linux/debian, network, network/firewall, virtualization/proxmox

    [ permalink ]

    • https://blog.zwindler.fr/2017/07/18/deploiement-de-proxmox-ve-5-sur-un-serveur-dedie-part-2/
    • https://blog.zwindler.fr/2017/07/25/deploiement-de-proxmox-ve-5-sur-un-serveur-dedie-part-3/
15. LWN - Berkeley Packet Filter comes to firewalls 2018-02-20

    tags: linux, linux/kernel, network, network/firewall, network/packet, network/router

    [ permalink ]

    • https://lwn.net/Articles/747504/
    • https://lwn.net/Articles/747557/
    • https://en.wikipedia.org/wiki/Berkeley_Packet_Filter
16. pfSense® - World's Most Trusted Open Source Firewall 2018-01-19

    tags: bsd/freebsd, network, network/firewall, network/router, unix

    [ permalink ]

    • https://github.com/pfsense
    • https://www.reddit.com/r/PFSENSE/
17. ferm - for Easy Rule Making 2017-09-05

    tags: linux, network/firewall, route

    [ permalink ]
18. Shoreline Firewall 2016-12-01

    tags: linux, network, network/firewall, network/ip, route, security

    [ permalink ]

    • http://www.shorewall.net/two-interface.htm
    • http://www.shorewall.net/manpages/shorewall-snat.html
    • https://wiki.debian.org/HowTo/shorewall
19. OPNsense® - Open Source Firewall - High-end Security Made Easy™ 2016-10-28

    tags: bsd/freebsd, linux, network, network/firewall, programming/c, programming/php

    [ permalink ]

    • opnsense
    • opnsense/core
    • opnsense/plugins
    • Architecture
    • About the Fork