Security

If you arrived here, it’s because you are tired of script kiddies attempting to brute force your server with sshd and polluting its logs. The good news is that NetBSD has preinstalled a solution to deal with such situations that is more convenient than the famous fail2ban: the blocklistd. The blocklistd is a deamon that has only one life purpose: monitor the number of failed connection attempt with some system service. After a defined threshold of failures, it will block the connection for a predefined time, for example, 6 hours. ...

Supposing you want to host a static pages site or your blog generated with Hugo on bozotic, but need a certificate for HTTPS, given that HTTP is almost dead and buried, here a tutorial on how to do it on NetBSD. First, install acmesh with pkgin: pkgin install acmesh After that, the command acme.sh will be available. Do all of the following as root (su root). Subscribe to Let’s Encrypt using the client, only a email is necessary: ...