security

Mikrotik router + Nexus switch lockdown

by

Scenario: You’re handing over a server to someone else to administer, but you retain control of the network. You want to prevent them from changing the server’s IP address, adding extra IPs, or bypassing your network rules — also give management without giving them VPN access to your management subnet. Stack used: RouterOS 7.x (CCR2004), … Read more

I Built a ClamAV Scanner Bridge. A “Hacker” Was Kind Enough to Test It.

by

Every piece of security infrastructure needs a real-world test. Unit tests are fine. Staging environments are fine. But nothing validates your upload scanning pipeline quite like an actual threat actor uploading a PHP webshell to your server while you’re mid-development. Allow us to introduce our tester: ~XBumbbleB33~. The Setup For context: CFM is our homegrown … Read more