All

Packet filter & gateways

Application-layer gateways

Communication server

Network-attached storage

All

Infographics / videos

White papers

Blog posts

Light

Dark

Deutsch

Resources

Blog posts

Running you own mail server II: Cyrus IMAP

Running you own mail server II: Cyrus IMAP

Blog post ⋮ December 2024

Securely running your own mail server isn't hard with the right software. Cyrus IMAP is a straightforward mail box server and the perfect companion to OpenSMTPD.
Running you own mail server I: OpenSMTPD

Running you own mail server I: OpenSMTPD

Blog post ⋮ December 2024

Securely running your own mail server isn't hard with the right software. OpenSMTPD offers all you need without complexity. Set up within minutes, it hardly leaves room for any mistakes.
How to merge: the overlooked key to a good git strategy

How to merge: the overlooked key to a good git strategy

Blog post ⋮ January 2023

Amid debates on the optimal git strategy, an important aspect is often overlooked. It is not the strategy that determines the maintainability of your repository, but the way you handle your merges.
Axing the leap second is not science — it is a defeat against it

Axing the leap second is not science — it is a defeat against it

Blog post ⋮ November 2022

After years of debate, leap seconds will be abandoned as of 2035. The decision calls for science to come up with a solution, where in fact, it is a total defeat - in order to protect an obsolete Unix design.
Insecurity by transparency

Insecurity by transparency

Blog post ⋮ February 2022

Publishing security fixes on open-source platforms creates an opportunity for attackers to exploit the underlying vulnerabilities, which exceeds the usual case of not-yet-patched systems.
Configuring StrongSwan through swanctl.conf

Configuring StrongSwan through swanctl.conf

Blog post ⋮ November 2021

StrongSwan's new configuration file, swanctl.conf, introduces clearer terminology and thus simplifies setting up remote access.
Sending and processing ARP requests/responses using BPF (updated)

Sending and processing ARP requests/responses using BPF (updated)

Blog post ⋮ November 2020

Being between layers 2 and 3, ARP is handled by the operating system; but it can be useful to control ARP for checking ARP cache validity or finding hosts. BPF allows you to do so on BSD systems.
Prevent your OpenBSD shared-memory objects from being axed by daily(8)

Prevent your OpenBSD shared-memory objects from being axed by daily(8)

Blog post ⋮ June 2020

The temporary files that underly shared-memory objects will be destroyed by system maintenance after a week, unless you update file times to prevent this.
Building an OpenBSD VPN server with iked and OpenSSL

Building an OpenBSD VPN server with iked and OpenSSL

Blog post ⋮ April 2020

OpenBSD comes with a great IKEv2 server: iked. But the front-end ikectl has its limitations. It is easy to run iked with the underlying OpenSSL directly.