Hi,
I'm slowly beginning to look at IPv6 in preparations for my ISP to roll
out IPv6.
Currently I'm running an IPv4 LAN with physically segmented networks.
I'm using dhcpd with fixed IP addresses based upon MAC, and have these
setup in Unbound as well, as I have many clients and don't want to
Is it recommended to run some kind of intrusion detection on an OpenBSD
router/firewall?
I suspect that any kind of system like Snort or Suricata will give a lot of
false positives?
Kind regards,
Erik
With a default block, both in and out, I was wondering what is the best
approach to
whitelist services. To do:
pass in on $internal inet proto tcp to any port $tcp_services
Or:
pass out inet $external proto tcp to any port $tcp_services
I know that with the pass out on the $external then
Hi,
Is a DNS over HTTPS recognizable somehow so that it can be fingerprinted
and redirected or blocked using pf?
I am thinking about the ability of PF to detect when requests are coming from
a windows machine for example.
Kind regards,
Erik
> Now, everyone is telling me I should run Docker and a completely different
> setup.
"devops" are web developers with root, they need stuff like Docker or they
end up breaking everything.
"sysadmin" knows how to handle the bare metal!
> What the fuck?! Why in the world would anyone setup
5 matches
Mail list logo