pfSense 2.1.5 Released

If you’re on the pfSense mailing list, you probably know this already, but pfSense 2.1.5 has been released. It is primarily a security update (including a fix to OpenSSL), but if you want to see a full list of fixes, you can read about it at this blog posting at

VPN Tunneling with tinc

VPN tunneling

tinc is a Virtual Private Network (VPN) daemon that uses VPN tunneling and encryption to create a secure private network between hosts on the Internet. Because the tunnel appears to the IP level network code as a normal network device, there is no … [Continue reading]

Network Traffic Monitoring with vnStat

Network traffic monitoring

vnStat is a console-based program for network traffic monitoring in Linux and BSD. It keeps a log of hourly, daily, and monthly network traffic for the selected interfaces. It uses the network interface statistics provided by the kernel as an … [Continue reading]

Unbound DNS: Additional Settings

In the previous article, we introduced Unbound and covered some of the most common settings. In this article, we will cover some additional settings. Under Services -> Unbound DNS, the "Unbound DNS Settings" tab has a subheading called … [Continue reading]

Unbound DNS

Unbound DNS

Unbound DNS is a validating, recursive and caching DNS server software product. The C implementation of Unbound is developed and maintained by NLnet Labs, and is based on ideas and algorithms taken from a Java prototype developed by Verisign labs, … [Continue reading]

Securing Ports and Services

A computer system that is not connected to a network is a rarity. While this provides some flexibility in terms of remote services, data and information that are available, it also brings considerable risks. It is probably correct to assume that any … [Continue reading]

Software Exploits

A software exploit is a piece of software or sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur. Software applications and the operating systems on which the run … [Continue reading]

TCP/IP Hijacking

TCP/IP hijacking is a technique that uses spoofed packets to take over a connection between a victim and a host machine. It is similar to a man-in-the-middle attack, except that the rogue agent sends a reset request to the client so that the client … [Continue reading]

Replay Attacks and Possible Countermeasures

Replay attacks are a variation on the man-in-the-middle theme. In a replay attack an agent is once again placed within the client/server line of communication. In the case of a replay attack, however, the transaction data is recorded for the express … [Continue reading]

Man-in-the-Middle Attacks

Man-in-the-middle attacks are perhaps one of the more complex and sophisticated forms of security breaching approaches. As the name implies, such an attack involves the surreptitious placement of a software agent between the client and server ends of … [Continue reading]

© 2013 David Zientara. All rights reserved. Privacy Policy