Cybersecurity in the Age of the Machine
As zero-day exploits become increasingly common, keeping the kernel up to date is a top priority.
In CentOS 6.x/7.x and RHEL 6x./7.x, upgrading the Linux Kernel is a painful procedure which requires about a dozen steps. On Fedora, all it takes is a time-saving two-liner. You don’t need to concern yourself with the configuration of the grub boot manager, which is a frequent source of trouble on CentOS and RHEL.
[Updated 2018-06-10] This post explains how to set up robust security headers in NGINX to protect your web application from malicious payloads and other forms of attacks. Choose your HTTP(S) headers wisely.
This is easier than you probably think: AWS will expand the EBS boot volume of an EC2 instance running Linux automatically when you launch a new instance off of it with the desired capacity.
Here is how it works in more detail.
The DNS system is broken. The sorry state of DNS security exposes your server and your end users to a variety of risks. Some of those risks are preventable.
TLS 1.3 and post-quantum cryptography are subjects of much debate. Upgrade or wait—this is the big question facing administrators and users alike.
There are quite a few reasons to jump onto the TLS 1.3 bandwagon immediately, with or without quantum cryptography. Here is why.