Etherarp
Etherarp

Networking, Security, Linux

Rohan Molloy
Author

Rohan Molloy

Secure SSL configuration for Nginx

Here is a handy snippet for configuring a hardened SSL/TLS on Nginx. It receives a A+ rating when tested at Qualys. A later post will discuss the configuration options in detail, what they do, and how SSL works. Just a word of warning, this configuration enables HSTS by default. If enabled, it tell…

Rohan Molloy

Securing services with stunnel

Stunnel is a tool that allows you to seamlessly add TLS to most existing services. Stunnel listens on a port, and can either receive encrypted traffic and pass it to an unencrypted destination, or it can receive unencrypted traffic and forward that to an encrypted destination. TLS is commonly used t…

Rohan Molloy

sshuttle - a VPN for the lazy

sshuttle is a Python based script that allows you to tunnel connections through SSH in a far more efficient way then traditional ssh proxying. By far the greatest perk of sshuttle is that it requires no installation on the server side. As long as you have an SSH server (with python installed) you're…

Rohan Molloy

My IPTables Configuration Script

I've talked quite a lot about iptables but haven't really shown how I actually put it into practice. Today I'll share a shell script I wrote to set up IPTables on my Fedora 25 Desktop. Download Warning: Make sure you check its appropriate for your needs and you understand its functionality before ru…

Rohan Molloy