Note: This was originally written for Red Hat’s Enable Sysadmin Blog, https://www.redhat.com/sysadmin The job title “System Administrator” is sometimes vague within the industry. Some sysadmins are responsible for a wide swath of devices, from desktops, to servers, to printers, to air conditioning units. So, sometimes when you tell another IT professional that you’re a sysadmin,…
How to Validate Security by Scanning All The Things
Note: This article was originally published on Red Hat’s Enable Sysadmin blog, https://www.redhat.com/sysadmin In parts one and two of this series, I walked you through hardening your system by identifying unneeded services, then segmenting and firewalling. Now that you’re all locked down, let’s talk about how we might validate that all of that hard work…
Defense in Depth
Note: This was originally posted on Red Hat’s Enable Sysadmin blog. https://www.redhat.com/sysadmin This is the next step in my series on hardening and network security. Please check out the previous article on Lowering your Attack Surface by Disabling Unnecessary Services. Flat Networks There was a time when all networks were flat. A flat network is…
A week with the Lenovo Legion y740
I’ve got a few laptops. A Dell Inspiron from around 2015, and a Macbook Pro from around 2014. I’ve been dual-booting the Dell for gaming on Windows, and everything else on Fedora. The Macbook I run as Apple intended, with MacOS, and I use it mainly for video/content editing. Both machines are fine, but starting…
How to Lower Your Attack Surface
Note: This was originally posted on Red Hat’s Enable Sysadmin blog. https://www.redhat.com/sysadmin Linux systems are complicated things. Out of the box, every distribution includes a number of services meant to help you get things up and running. Some distributions enable less services by default, some enable more. The difference is in convenience. Some distributions are…