🧠 Building a Hybrid Anomaly Detection Engine for Network Flows 1️⃣ Background flowenricher already enriched NetFlow/IPFIX data with ASN, GeoIP, DNS, etc., and had an Isolation Forest (iForest)–based anomaly detector. We wanted to make the anomaly detection more stable, explainable, and sensitive to different attack patterns without constant retuning — so we added two complementary … Read more
When CSF (ConfigServer Firewall) announced it was closing, it left a big hole in the Linux hosting world.CSF had been the de-facto standard for years — a reliable mix of iptables, Perl scripts, and clever wrappers that kept countless servers secure. But for those of us who’ve been running modern systems, one question was already … Read more
It all started, as it often does, with a simple hosting setup on dedicated servers, hosting customers on the usual suspects: Hetzner, OVH, and the like. As things grew, the natural evolution was to dive deeper into infrastructure — first a few racks in a datacenter (Nova), then IPs and circuits from a provider, and … Read more