Skip to content

Tag: security

All the articles with the tag "security".

nftables: Modern Linux Firewalling

nftables: Modern Linux Firewalling

iptables is being phased out. nftables is faster, cleaner, and already the default on modern Linux. Here's how to actually use it without wanting to quit.

SBOMs and Supply Chain Security

SBOMs and Supply Chain Security

A Software Bill of Materials tells you exactly what's in your software. Syft generates one, Grype scans it for CVEs. Together they're your supply chain paper trail.

Falco: Catch Container Attacks at Runtime

Falco: Catch Container Attacks at Runtime

Falco watches every syscall your containers make and screams when something sketchy happens. Like someone exec'ing a shell inside your nginx container at 3am.

Your Server Doesn't Know What Random Means (And That's a Problem)

Your Server Doesn't Know What Random Means (And That's a Problem)

Your freshly booted VM is generating SSH keys with barely any entropy, and that should make you nervous. Linux needs randomness to do cryptography, and headless servers are terrible at collecting it. Here's what's actually happening inside /dev/random and how to fix it before you generate a weak key.