Securing Your Data: Using LUKS to Encrypt a Partition

2024-02-092026-01-15 ~ Tom's IT Cafe ~ Leave a comment

Data security is paramount in today’s digital age. Whether you’re concerned about personal privacy or safeguarding sensitive work-related information, encrypting your data is an effective way to protect it from unauthorized access. In this blog post, we’ll explore how to use LUKS (Linux Unified Key Setup) to encrypt a partition, /dev/nvme0n1p3, on a Debian Bookworm desktop. LUKS is a widely-used disk encryption specification for Linux systems that provides robust security for your data.

Continue reading →

Podman Secrets for Secure Service Config

2024-02-062026-01-15 ~ Tom's IT Cafe ~ Leave a comment

In the world of the containerization, security and efficient service configuration are serious concerns. Podman, a container management tool, provides a solution for orchestrating containers and includes a feature known as “secrets” to enhance the security of sensitive information within containerized applications. This article explores the use of Podman secrets for configuring services securely, ensuring that sensitive data such as passwords and API keys remain confidential.

Continue reading →

How To Become a Master Hacker in 2024

2024-02-022026-01-15 ~ Tom's IT Cafe ~ Leave a comment

As technology breaks in to more fields and professions, as the age of the AI is in our doorstep and the information technology (IT) is unquestionable part of our everyday life the attack surface for malicious actors is exponentially growing. With the age of home office and remote work the importance of cyber security just accelerated. More and more people want to get their share from this now popular cyber world. They are from different experience levels and age. Here are my suggestions and ideas for 2024 to learn cyber security and dip a pinky into ethical hacking.

Continue reading →

Setting Up a Root Certificate Authority with OpenSSL

2024-01-302026-01-15 ~ Tom's IT Cafe ~ Leave a comment

In secure communication establishing a secure channel is very important. One way to achieve this is by setting up a Root Certificate Authority (CA) to sign and manage digital certificates. In this article, we’ll guide you through the process of creating your own Root CA and signing service certificates using OpenSSL, a versatile open-source tool for cryptography.

Continue reading →

How To Set Up 2FA With TOTP For OpenSSH Servers

2024-01-262026-01-15 ~ Tom's IT Cafe ~ Leave a comment

Implementing robust authentication mechanisms is crucial to safeguard sensitive information. One such method gaining popularity for its effectiveness is Time-based One-Time Passwords (TOTP). In this article, we set up TOTP with OpenSSH, a widely used and versatile protocol for secure remote access. By integrating TOTP into your OpenSSH configuration, you enhance the security of your system by adding an additional layer of authentication, strengthening defenses against unauthorized access and potential cyber threats. Follow along as we guide you through the steps to fortify your OpenSSH environment with TOTP, ensuring a resilient defense against security breaches.

Continue reading →

Protect Your Linux Server and Desktop with ClamAV

2024-01-232026-01-15 ~ Tom's IT Cafe ~ Leave a comment

In today’s connected world cyber security is a huge concern. As the threat landscape continues to evolve, safeguarding your Linux system has never been more critical. One powerful tool in your security tool set is ClamAV, an open-source antivirus software designed to detect and defend against a wide range of malware threats.

Continue reading →

Installing and Automating Let’s Encrypt Certificates with Certbot

2024-01-192026-01-15 ~ Tom's IT Cafe ~ Leave a comment

In today’s connected world, ensuring the security of web communications is very important. Encrypting data exchanged between users and websites is a mandatory step in protecting sensitive information and privacy. Let’s Encrypt, a free, automated, and open certificate authority, coupled with Certbot, a robust tool for automatically managing SSL/TLS certificates, provides a powerful solution for making the web a safer place. In this post, we will explore the process of implementing Let’s Encrypt and Certbot on Debian Linux to enhance web security.

Continue reading →

Deploying Mailcow: A Self-Hosted Mail Server In Docker

2024-01-162026-01-15 ~ Tom's IT Cafe ~ Leave a comment

Setting up an efficient mail server is crucial for individuals and organizations. Mailcow, a comprehensive mail server solution, offers a user-friendly interface and a wide range of features. In this guide, I’ll walk you through the process of installing Mailcow on Debian Bookworm and Docker, ensuring a smooth and hassle-free experience.

Continue reading →

Import Passwords From KDBX Or CSV Files Into Passbolt

2024-01-122026-01-15 ~ Tom's IT Cafe ~ Leave a comment

In today’s dynamic business environment, effective password management is crucial to ensure the security of sensitive information. Passbolt, an open-source password manager, provides a robust solution for organizations looking to enhance their credential management practices. We’ll explore the process of importing KDBX and CSV files into Passbolt, helping the transition to a more secure and efficient password management system.

Continue reading →

How To Set Up Vhosts In The Nginx Webserver?

2024-01-052026-01-15 ~ Tom's IT Cafe ~ Leave a comment

NGINX, pronounced “engine-ex,” is an open-source web server software used for various purposes, including web serving, reverse proxying, caching, load balancing, and media streaming. It was initially designed to handle large numbers of concurrent connections, making it suitable for high-performance web applications.

Continue reading →

Installing and Using Chkrootkit on Debian Linux

2023-12-292026-01-15 ~ Tom's IT Cafe ~ Leave a comment

In an era where cyber security threats are evolving rapidly, safeguarding your Debian system against potential risks is very important. Rootkits, a type of malicious software designed to gain unauthorized access to a computer system, pose a significant threat to the integrity of your Debian Linux installation. To fortify your defenses, one effective tool to consider is Chkrootkit, a simple yet powerful rootkit detector.

Continue reading →

Installing and Using RKHunter on Debian Linux

2023-12-262026-01-15 ~ Tom's IT Cafe ~ Leave a comment

In the evolving landscape of cyber security threats, safeguarding your Debian Linux server is a must. Rootkit Hunter, commonly known as RKHunter, is a powerful tool designed to detect and remove rootkits, malware, and suspicious system behavior. In this guide, we’ll walk you through the process of installing and using RKHunter on Debian Linux to fortify your server’s security.

Continue reading →

Install Passbolt Self-Hosted With Podman

2023-12-222026-01-15 ~ Tom's IT Cafe ~ Leave a comment

Passbolt is an open-source password manager designed for teams and organizations that prioritize security and privacy. It offers the following features:

Security-First Approach: Passbolt puts security first, with a security model that supports user-owned secret keys and end-to-end encryption, regularly assessed by top penetration testers.
Built for Collaboration: It allows secure sharing of credentials with powerful auditing tools and unparalleled granularity for access controls and encrypted data.
Privacy Focus: Headquartered in the EU, Passbolt prioritizes privacy and is designed to comply with European privacy laws.
Versatility and Control: Passbolt is designed to put users in control of their data and protect them from a wide range of potential threats, making it suitable for security-conscious organizations.

Passbolt is trusted by a wide range of organizations, including Fortune 500 companies, the defense industry, universities, and startups, and has received 4,000 stars on GitHub as a seal of approval for its reliable and secure password management. It is also available as a free and open-source solution, with an extensible API for developers.

Continue reading →

How To Configure An Apache SSL Reverse Proxy on Linux?

2023-12-192026-01-15 ~ Tom's IT Cafe ~ Leave a comment

What is Apache?

Apache is a free and open-source cross-platform web server software that allows users to deploy their websites on the internet. It was launched in 1995 and has been the most popular web server on the Internet since April 1996.

What is a reverse proxy?

A reverse proxy is a server that sits in front of web servers and forwards client requests to those web servers. It acts as an intermediary, intercepting and inspecting incoming client requests before forwarding them to the web server. Reverse proxies can provide additional levels of abstraction, control, security, and performance optimization. They are commonly used for load balancing, web acceleration, and to hide implementation details about the web servers.

What is SSL?

SSL, or Secure Sockets Layer, is a protocol for establishing authenticated and encrypted links between networked computers. Its current iteration is called TLS (Transport Layer Security).

Continue reading →

How To Install Vaultwarden Password Manager In Podman?

2023-12-082026-01-15 ~ Tom's IT Cafe ~ Leave a comment

Vaultwarden is an open-source password manager that is a fork of Bitwarden. It is written in Rust and is designed to be lightweight, easy to set up, and run on various platforms. Vaultwarden is an alternative backend for the password manager Bitwarden, and while it does not implement the same feature set as the Bitwarden server, its setup is much simpler. Vaultwarden is a great option for small businesses because it is lightweight and runs well on devices with limited resources, such as Raspberry Pi and Synology NAS. It is also easy to set up and use, making it a great choice for businesses that do not have dedicated IT staff. Additionally, Vaultwarden is open-source, which means that businesses can customize it to meet their specific needs.

Continue reading →