unix

My Minimalistic Approach to Mac System Setup

As a long-term Mac user (since 2008), my core system has changed over the years, but my goal remains the same: keep it simple. For security reasons, I'm not a fan of having many apps, some of which I barely use. Since I want to keep my system always up-to-date, the …

Query Security Services for IP Reputation

tl;dr: Use this script to query three of the best security services on the internet about security-relevant data on IP addresses. It is common for Information Security Engineers to check if a given IP address is good or malicious and [maybe] that's why there are so many service…

Creating a Hardened Testing Environment

In my job, we needed to perform some networking tests in an unsafe network segment, so I decided to build a machine for that purpose, ensuring that the risks were mitigated by hardening the operating system. In this post, I describe the steps to create this environment. Installat…

Bits #5: Set static IP address in Arch Linux

In this post, I am going to explain how to set a static IP address in Arch Linux. For the first time, I created a machine with Arch Linux without DHCP support, and although it is not a very difficult process, I took some notes and decided to publish them for further reference. T…

Bits #4: Recovering from a PAM Misconfiguration in Arch Linux

Working with PAM modules cuts both ways: while it helps to improve the system's security, it could be disastrous by making the system inaccessible even for root. Months ago I wrote a tutorial on how to harden Arch Linux and today I used that guide while setting up a new installa…

Bits #2: Real-time Log Forwarding with Python and Syslog

Recently, I had to solve this problem: a system generates some log files, and I needed to send those logs to our SIEM, even though the system had no integration with Syslog. I solved this problem some time ago by writing a shell script to read all log files of the day before…

Bits #1: Logging Python messages to Syslog in macOS

It's been a while since I last posted, but today I decided to start a new section in this blog: Bits. Here, I'm going to share short but good and useful experiences to help other people, including myself [in the future]. To debut the new section, I will describe t…

Installing Nerd Fonts on Arch Linux

I am setting up my graphical environment in Arch Linux, but since the installation is minimal, I noticed I needed to install TTF/OTF fonts. The first font I installed was DejaVu, which is pretty good, but I wanted something more modern, with good support from different chara…

Arch Linux Workstation Setup

Now that Arch Linux is installed and hardened, it is time to install a graphical environment to enable this system to be used as a workstation. This text will show how to set up the system, install the basic packages, and apply my personal configurations to build a system ver…

Linux Hardening with CIS Controls

This is a direct sequel to Installing Arch Linux, which already includes some hardening practices. This guide will go one step further because I am applying some CIS controls specific to Linux environments, obviously scoping and tailoring them for my personal purposes. Security x …

Arch Linux Hardened Installation Guide

I have decided to install Arch Linux on my next laptop, but first I had to test it to be sure of my choice. Since I was looking for a hardened installation, which was not covered by the official installation guide, I decided to create this guide for my personal use and I hope it wi…