Inspired on Crowdsec firewall bouncer, and also with the intention of learning some Rust, I’ve created Bulwark, a small program to run in a OpenWrt router (or any Linux machine) to ban IPs of attacks detected by my servers.
[Read More]From Fail2ban to Reaction
Fail2ban has been an important security tool I’ve been using in my servers for many years. However sometimes is difficult to configure, lacks certain features and can consume too many resources.
Recently I’ve switched to Reaction, a new tool with the same philosophy: monitor logs and execute some actions based on log matches. Reaction is written in Rust, so it’s fast and resource efficient.
[Read More]Sandbox Steam running it under a different account
To improve my system’s security, I’ve configured Steam to be run as a different Linux account. This guide is inspired in this thread.
[Read More]Export non-exportable private keys from Windows key store
When I was looking for a utility to export the non-exportable private keys in Windows, I found the mimikatz tool, which enabled me to do that and a lot more.
To export the private keys, run mimikatz as administrator and type:
crypto::capi
crypto::certificates /export
And you’ll get the certicates exported with the password mimikatz. You can also export the machine certificates with /systemstore flag. See the wiki for more info.
This tool is detected as a threat by many antivirus, so you’ll have to probably disable yours before using it.