How to Validate Security by Scanning All The Things

Note: This article was originally published on Red Hat’s Enable Sysadmin blog, https://www.redhat.com/sysadmin In parts one and two of this series, I walked you through hardening your system by identifying unneeded services, then segmenting and firewalling.  Now that you’re all locked down, let’s talk about how we might validate that all of that hard work…


Defense in Depth

Note: This was originally posted on Red Hat’s Enable Sysadmin blog. https://www.redhat.com/sysadmin This is the next step in my series on hardening and network security.  Please check out the previous article on Lowering your Attack Surface by Disabling Unnecessary Services. Flat Networks There was a time when all networks were flat.  A flat network is…


A week with the Lenovo Legion y740

I’ve got a few laptops. A Dell Inspiron from around 2015, and a Macbook Pro from around 2014. I’ve been dual-booting the Dell for gaming on Windows, and everything else on Fedora. The Macbook I run as Apple intended, with MacOS, and I use it mainly for video/content editing. Both machines are fine, but starting…


How to Lower Your Attack Surface

Note: This was originally posted on Red Hat’s Enable Sysadmin blog. https://www.redhat.com/sysadmin Linux systems are complicated things.  Out of the box, every distribution includes a number of services meant to help you get things up and running.  Some distributions enable less services by default, some enable more. The difference is in convenience. Some distributions are…


Big changes in my world.

Hi folks, sorry I haven’t been posting much. My work with Enable Sysadmin continues, and I have some new content headed that way, which will eventually trickle down to Undrblog. But, in the meantime, I thought I’d share a little update. For those of you who listen to Iron Sysadmin, or follow me on Twitter,…


Geeking Outside The Office

This was originally written for Red Hat’s Enable Sysadmin. Enjoy!Nate Sysadmins have plush easy desk jobs, right?  We get to sit in a nice climate controlled office, and type away in our terminals, never really forced to exert ourselves.  It might look that way, and as I write this during a heat wave here in…


The Day The RHV Manager Went Away…

This is an article I originally wrote for Red Hat’s Enable Sysadmin. Nate Late on a tuesday afternoon, I had somewhere to be after work, that made driving all the way home and then back again a waste of time.  So I was in my office late, killing some time, getting a little work done,…


Sysadmin Appreciation Day

This is an article I wrote for Red Hat’s Enable Sysadmin for Sysadmin Appreciation Day 2019. Enhoy!Nate Sysadmin appreciation day is coming, on July 26th you’ll have a chance to thank one of the least thanked people in your life, your local Sysadmin.  In today’s connected world, it’s likely that you rely on a sysadmin…


Locking down sshd

SSH, or Secure SHell, is the way in which a modern linux system is managed. Most experienced sysadmins love the direct access and power they get from being able to securely connect to a shell on their systems with relative ease. SSH replaced Telnet somewhere in the 90’s as the remote access protocol of choice,…


So You Wanna Start A Podcast – BSides Delaware 2018

This is a presentation I made at BSides DE 2018 about my experience starting The Iron Sysadmin Podcast, and my YouTube channel SWBCrawler. Enjoy!