On Thursday I released an article detailing how to get Proxmox setup and also how to configure networking with IPv6. However that article got long and I just said I would address the firewall in the future. Well, that’s today because I need to get the configuration stuff written down before I forget. In addition to the firewall there are some other security house keeping items for a new proxmox install, that includes disabling the root account and using sudo and changing the default SSH port. So let’s go.

The base OS under Proxmox is Debian. Debian is great and it is lighter-weight than Ubuntu so I am all for using it.

If you are already somewhat comfortable with Proxmox and Debian configuration and just prefer I get to the point then (more…)

Last year Google proposed marking any and all sites not using SSL in a negative fashion in its Chrome browser. This year they are indicating they plan on moving forward with this:

Google Chrome gets ready to mark all HTTP sites as ‘bad’

To clarify what this means for small content creators… an extra ~$100+ a year for hosting a website, not to mention SSL adds a layer of complexity to the hosting. (more…)

Source: 14 Best Open Source Web Application Vulnerability Scanners – InfoSec Resources

Regular vulnerability scanning and remediation is a key part of strong security in your enterprise. Particularly scanning publicly available services like Websites and Applications. Thankfully it doesn’t have to be a horribly expensive affair! This is a handy list with some short write-ups on some of the most popular open source Web Application vulnerability scanners.