BIND9 DNS
How to install, maintain, and run a BIND9 DNS server (named
). Covers building from source, configuring, hardening, and DNS over TLS as well as DNSSEC.
Updated on 2024/07/23.
How to install, maintain, and run a BIND9 DNS server (named
). Covers building from source, configuring, hardening, and DNS over TLS as well as DNSSEC.
Updated on 2024/07/23.
Use PowerSTIG to automate STIG compliance across a number of items like WindowsServer, IIS, Adobe, Chrome, RHEL, Ubuntu, Vsphere, SqlServer, and more, while maintaining documentation of the state as a PowerShell configuration file. This is similar to my approach of using Ansible tags to maintain and combine machine states.
Updated on 2024/07/15.
An overview of spinning up a test environment, and extracting evidence from any unix-like endpoint. This is mostly for personal reference, as it's just pointing to all the existing (and vast) documentation in a sequence that's useful for me -- and hopefully for you as well.
Updated on 2024/07/12.
Install OpenSCAP, pull compliance profiles from GitHub/ComplianceAsCode, debug policies with Ansible's -C
and -D
options, apply, test, and maintain policies with Ansible tags.
Updated on 2024/07/10.
How to set up aide
for filesystem integrity monitoring and do basic tuning of the configuration.
Recently updated to mirror and support ausearch
arguments. This post showcases those changes and how the tool works.
Various configuration settings and notes for Microsoft Windows operating systems.
Updated on 2024/07/23.