Meet us 20-22 January at the Omnisecure 2025 in Berlin and attend our presentation on SDN and classified information.

Resources

Blog posts

How to merge: the overlooked key to a good git strategy

How to merge: the overlooked key to a good git strategy

Blog post ⋮ January 2023

New Amid debates on the optimal git strategy, an important aspect is often overlooked. It is not the strategy that determines the maintainability of your repository, but the way you handle your merges.

Axing the leap second is not science — it is a defeat against it

Axing the leap second is not science — it is a defeat against it

Blog post ⋮ November 2022

New After years of debate, leap seconds will be abandoned as of 2035. The decision calls for science to come up with a solution, where in fact, it is a total defeat - in order to protect an obsolete Unix design.

Insecurity by transparency

Insecurity by transparency

Blog post ⋮ February 2022

New Publishing security fixes on open-source platforms creates an opportunity for attackers to exploit the underlying vulnerabilities, which exceeds the usual case of not-yet-patched systems.

Configuring StrongSwan through swanctl.conf

Configuring StrongSwan through swanctl.conf

Blog post ⋮ November 2021

New StrongSwan's new configuration file, swanctl.conf, introduces clearer terminology and thus simplifies setting up remote access.

Sending and processing ARP requests/responses using BPF (updated)

Sending and processing ARP requests/responses using BPF (updated)

Blog post ⋮ November 2020

New Being between layers 2 and 3, ARP is handled by the operating system; but it can be useful to control ARP for checking ARP cache validity or finding hosts. BPF allows you to do so on BSD systems.

Prevent your OpenBSD shared-memory objects from being axed by daily(8)

Prevent your OpenBSD shared-memory objects from being axed by daily(8)

Blog post ⋮ June 2020

New The temporary files that underly shared-memory objects will be destroyed by system maintenance after a week, unless you update file times to prevent this.

Building an OpenBSD VPN server with iked and OpenSSL

Building an OpenBSD VPN server with iked and OpenSSL

Blog post ⋮ April 2020

New OpenBSD comes with a great IKEv2 server: iked. But the front-end ikectl has its limitations. It is easy to run iked with the underlying OpenSSL directly.