Secure Docker with iptables firewall and Ansible

Out of the box, security with Docker (and Docker Swarm) over the network is bad. Okay, that’s not entirely true. Out of the box when you have no containers started, it’s fine. But after you start a container, and if you publish a port, they are exposed to the outside world by default. And it’s not easy to fix. You need to create a custom Docker firewall with iptables.
 

Docker and the iptables INPUT chain

When testing Docker and iptables I stumbled upon something interesting. It appears Docker uses the iptables INPUT chain in an undocumented way. Well that’s interesting..

Manage firewalld with Ansible

Ansible manage firewalld Managing firewalld can be a tricky. Especially if you have many servers to manage. Ansible can help manage firewalld rules for you!

5 Reasons Why You Should Upgrade Windows to Linux

Tux

It’s time. Windows users, Upgrade to Linux. Windows 7 is reaching the end. You must upgrade. Do not replace Windows 7 with Windows 10. That is not an upgrade! Upgrade Windows to Linux Mint. It’s so much better!
 
 

Malicious code and abandoned websites

Malicious code and abandoned websites are increasingly becoming more of a problem. It’s a serious issue in terms of privacy and security.
TL;DR: Website owners: Be careful when using third-party code that you don’t control.
Users: Hope for the best! Use a content blocker browser add-on like uBlock Origin. On your mobile device use Firefox with uBlock Origin.

User Management with Ansible

Ansible is a great tool to automate all the things. Another task it can help to automate is user management. This guide will be talking specifically about user management on Linux servers like Red Hat Enterprise Linux (RHEL), CentOS, or Ubuntu. Ansible can handle this task!

Ansible Vault with Jenkins

Ansible can use encrypted files, using a feature called Ansible Vault. This is great for sensitive information that you don’t want to store as a normal text file since you are able to encrypt this data in your souce control.

Upgrade SSH keys and use gpg-agent with Ed25519 keys

SSH keys are convenient and more secure than using a password to authenticate. If you created your SSH key a while ago, it’s probably time to generate new RSA 4096 and Ed25519 keys. SSH keys like DSA and RSA 1024 are very old and now insecure. You should even upgrade ssh keys that are RSA 2048.

How to setup OpenVPN with ad blocking on Raspberry Pi or a VPS

Ad Overload happens.. Is Ad Blocking possible in NYC? Using a VPN can help to protect your privacy. You can use a VPN to appear like you are in another country to reach a website that was previously blocked, to stop your ISP from restricting you to certain websites, and when travelling to protect your data while using insecure WiFi. There’s another: ad blocking.

Firefox privacy and custom settings made easy

Change Firefox privacy settings with user.js Firefox is a fast and customizable web browser. And with the latest version called Firefox Quantum it is faster than ever! It is great to load websites fast, but there’s another amazing feature. Changing the Firefox privacy settings to be more effective at making user tracking more difficult. And you can make all these changes in a single configuration file.