All the articles with the tag "security".
Proxychains-ng, Tor, and VPN+Tor combos tested honestly: which setups actually anonymize traffic and which are security theater you should stop trusting.
Generate SSH keys, set up passwordless auth, configure SSH, and transfer files securely with SCP — the foundation of headless Linux work.
TLS tunneling for legacy plaintext services — stunnel's X.509 cert model vs spiped's pre-shared key simplicity, and when each one actually wins.
Suricata beats Snort on multi-threading and EVE JSON logging. Side-by-side IDS/IPS breakdown with Suricata install, suricata.yaml config, and OPNsense setup for home labs.
AV vs EDR — traditional antivirus signatures vs behavioral endpoint detection. What each catches, what it misses, and what you actually need.
Apply zero-trust principles to your home lab — network segmentation, VLANs, identity-aware proxies, and Tailscale as the glue.
UFW makes iptables manageable — allow and deny rules, app profiles, default policies, and the 5-minute setup for any new Linux server.
Run a WireGuard VPN server inside Docker — wg-easy setup, peer config generation, and getting road warrior access to your home network.
Containers are not VMs. Here are the real escape vectors — privileged mode, mounted sockets, kernel CVEs — and the runtime hardening that actually helps.
Cosign keyless signing uses GitHub OIDC + Fulcio + Rekor to sign container images without managing private keys. Here's how it actually works and why you want it.
age replaces GPG for file encryption with a sane CLI, SSH key reuse, and zero key management drama. Here's how they compare and exactly when each one wins.
Containers aren't security boundaries — Sysbox, gVisor, and Kata fix that. Here's which isolation runtime fits your actual threat model.
