Falco: Catch Container Attacks at Runtime
Falco watches every syscall your containers make and screams when something sketchy happens. Like someone exec'ing a shell inside your nginx container at 3am.
Tag: linux
All the articles with the tag "linux".
Cockpit vs Webmin: Web Admin Panels That Don't Make You Cry
Cockpit is the modern systemd-native Linux admin panel. Webmin is the veteran that configures everything. Here's which one should be on your servers — and which shouldn't.
Fail2ban vs CrowdSec: Blocking the Bots Actually Smartly
Fail2ban bans IPs that attack you. CrowdSec bans them before they attack you, using community threat intelligence. Here's how to set up both and why you might want both.
2FA for SSH and sudo via PAM
Adding TOTP to SSH and sudo takes 10 minutes and makes password spray attacks useless. Here's the setup that won't lock you out of your own server.
Systemd Timers vs Cron: Scheduling That Doesn't Suck
Cron has been scheduling your jobs since before you were born. Systemd timers do everything cron does, plus logging, dependencies, and missed-run recovery.
SSH CA: Finally Ditch authorized_keys
Managing authorized_keys across 10 servers is how you lose track of who has access to what. An SSH CA lets you sign keys and revoke access without touching every server.
Wazuh: Open Source SIEM for Your Home Lab
Wazuh gives you SIEM, HIDS, FIM, and threat detection in one stack. Here's how to deploy it in your home lab with Docker and actually use it.
ZFS vs Btrfs: Which Modern Filesystem Wins?
ZFS is the paranoid fortress of filesystems. Btrfs is the scrappy upstart built into your kernel. Here's which one belongs in your home lab.
SBCs in 2026: Homelab on a Budget
DRAM prices are killing the hobbyist SBC market, but there are still great options. Here's what's worth buying in 2026 for a sub-$200 homelab setup.
Podman Quadlets: Systemd-Native Containers
Podman Quadlets turn containers into real systemd services using .container unit files — no daemon, no hacks, just clean native integration.
LUKS Full Disk Encryption on Linux
LUKS encrypts your drives so a stolen server is just expensive recycling. Here's how to set it up, manage keys, and unlock headless boxes remotely.
Rootless Docker: Run Without Root
Run Docker containers without root privileges — here's the security difference, the install steps, and the gotchas nobody tells you about.