Featured
Installing OpenVAS on CentOS 7

Installing OpenVAS on CentOS 7

This is a walkthough for installing and configuring OpenVAS 9 on CentOS 7. OpenVAS (Open Vulnerability Assessment System) is an opensource vulnerability scanner. Brief History OpenVAS forked from Nessus when Tenable took the previously opensource product to closed source back in 2005. That’s worth mentioning primarily because on a side note, I’ve used Nessus for many years and I remember when it was forked. Since then, Nessus became one of the leaders in the vulnerability scanning space and a fairly…

Read More Read More

Block Ads & Malvertising on pfSense Using pfBlockerNG (DNSBL)

Block Ads & Malvertising on pfSense Using pfBlockerNG (DNSBL)

This walkthrough uses the DNSBL portion of pfBlockerNG to remove ads/advertising and more importantly, malvertising. It essentially creates a functionality similar to the pi-Hole project except it doesn’t require a separate piece of hardware. Instead, you just use your pfSense + pfBlockerNG! Please note this walkthrough is for the new version of pfBlockerNG. Although the new version of pfBlockerNG is still in the development/experimental branch of pfSense firmware, I would suggest configuring it instead of the “stable” version… First, I…

Read More Read More

Monitor For Expiring SSL/TLS Certs with Nagios

Monitor For Expiring SSL/TLS Certs with Nagios

We’ve all been there. Your SSL/TLS certificate on your webserver, mail server, or <insert service name here> has expired and your users are miffed!!! Expiring SSL/TLS certificates have been a problem as long as I can remember and that was at a point when SSL certs could last for several years. Now we have Let’s Encrypt (@letsencrypt) in the fray of SSL/TLS certs and their certs only last a maximum of 90 days. Do you really think expiring certs won’t…

Read More Read More

Block Ads & Malvertising on pfSense Using pfBlockerNG (DNSBL) – Old

Block Ads & Malvertising on pfSense Using pfBlockerNG (DNSBL) – Old

This walkthrough uses the DNSBL portion of pfBlockerNG to remove ads/advertising and more importantly, malvertising. It essentially creates a functionality similar to the pi-Hole project except it doesn’t require a separate piece of hardware. Instead, you just use your pfSense (pfBlockerNG)! I love pfSense and if I could only install one package to enhance its capabilities, it would undoubtedly be pfBlockerNG. pfBlockerNG is a pfSense package maintained by @BBcan177 (on Twitter). It’s worth mentioning that BBCan177 has a Patreon campaign where you…

Read More Read More

Redirect outgoing NTP traffic to an internal NTP server

Redirect outgoing NTP traffic to an internal NTP server

Tired of seeing outbound NTP blocks in your firewall logs because you restrict outgoing traffic? Or maybe you are receiving alerts because some device uses NTP pool resources (such as pool.ntp.org) and one of those IP addresses has ended up on a blacklist, blocklist, threat intelligence feed, etc? Either way, few things in the life of an IT or security professional are as frustrating as false positives. This write-up will help you change that with a little NAT magic, aka…

Read More Read More

Adding HSTS To Your Website

Adding HSTS To Your Website

So you’ve moved your website to use SSL/TLS and that’s it? Not quite! Your next step should to test your site and enable HSTS (HTTP Strict Transport Security). Changelog 19Dec2017 – Originally posted 5Apr2018 – Added speed difference verbiage between server config and functions.php or .htaccess for high volume websites Testing via Qualys SSL Labs I *love* the SSL Labs server test from Qualys. It’s free and it does a fantastic job of testing (and subsequently grading) your website for…

Read More Read More

Monitoring pfSense with Nagios Using SSH – part 3

Monitoring pfSense with Nagios Using SSH – part 3

Configuring the checks on Nagios XI This is the third and final part to monitoring pfSense with Nagios XI using SSH. If you missed either of the previous parts, I’ve included them below. Note: If you’re configuring this on Nagios Core, scroll down to the bottom of this page for the example commands.cfg and services.cfg files. Part 1: Setting up password-less SSH Part 2: Downloading and testing the checks Changelog 15Dec2017 – Originally posted 9May2018 – Added uptime and CPU…

Read More Read More

Monitoring pfSense with Nagios Using SSH – part 2

Monitoring pfSense with Nagios Using SSH – part 2

Downloading and testing the checks In the part 1, we setup password-less SSH. What good does that do? Now that we have a secure connection between the systems, we are quite a bit closer to securely running check commands using the SSH proxy on Nagios XI or the check_by_ssh on Nagios Core. Changelog 15Dec2017 – Originally posted 9May2018 – Added uptime and CPU temperature check as well as a Nagios Core example 11May2018 – Modified the check_pf_mem plugin 1June2018 –…

Read More Read More

Monitoring pfSense with Nagios Using SSH – part 1

Monitoring pfSense with Nagios Using SSH – part 1

Monitoring pfSense with Nagios XI or Core Using SSH Series This walkthrough will guide you through the process of monitoring your pfSense using SSH and Nagios. Though this was originally written with Nagios XI in mind, recent additions to this walkthrough have made the process far easier for those configuring it on Nagios Core. FWIW, the scripts could also be used with NRPE without issue, although I discuss why SSH is my preferred route below. The end of part 3…

Read More Read More

Nagios – ndo2db not running

Nagios – ndo2db not running

Your Nagios server was shutoff unexpectedly and now you see the “database backend” with a red exclamation in the web GUI. The only thing you can do is try to start the process, but it comes back with ndo2db is not running. Fortunately, the fix is pretty simple. Feel free to copy/paste the commands to avoid typos. Just make sure you omit the ‘#’ on each command otherwise the command won’t run. Assuming you have already tried restarting the ndo2db…

Read More Read More