How to implement an internet facing FreeBSD IPFW firewall
I am a FreeBSD user since version 2.2. And I've never used the FreeBSD native packet filtering firewall IPFW before.
But that changed a little while ago, so I've decided to write about it and share my insights and gained knowledge about this subject. So this blog post is about implementing an internet facing firewall using FreeBSD IPFW!
Vulnerability management for FreeBSD
If you run a FreeBSD system, you want to run it healthy you want to keep it up to date. A system in this case can be a physical system, a virtual machine or even a jail. And keeping it up to date means not only implementing newer versions of the Operating System and or packages, because of i.e. increased functionality, but also keep track of vulnerabilities of both and patch them when necessary. This is vulnerability management!
But this is not as easy as it sounds! It involves identifying, classifying, prioritizing and mitigating the vulnerabilities, which can be a complex and difficult process!
Software inventory with Salt on FreeBSD
Software inventory is one of the 20 CIS Controls.
Up to recently I was not doing software inventory (and control) for the SoCruel.NU platform. The platform is (almost) completely based on FreeBSD and all hosts (physical, virtual, laptop) are managed with SaltStack, so it would be nice if these can be used for this purpose. And it can!
See the archive page or category pages on the right for more (older) blog posts.