Security   Security – List available cipher suite using nmap

If you are in process of securing your web server or site, there are some tools and online resources that can help us a lot (in one of the following posts will show you some of them).

But simply using the command the fantastic nmap tool, another interesting feature is listing the available cipher suite certain site offers using the … Read more

Security   Security – View HTTP headers using tcpdump

If you need to trace the HTTP request and response headers by capturing the related packets, you can use tcpdump in this way:

 tcpdump -i ens192 -A -s 10240 'tcp port 80' | grep -v IP | egrep --line-buffered "..(GET |\.HTTP\/|POST |HEAD )|^[A-Za-z0-9-]+: " |sed -r 's/..(GET |HTTP\/|POST |HEAD )/\n\n\1/g'

For example, filtering tcp port 80 and IP address:… Read more

Home Server icon   Home Server (7) – Install Linux Debian virtual machine in ESX

In this 7th post of the Home Server series, after having configured a SSD drive, a working ESX environment and the RAID disks, let’s create our first virtual machine based on Debian Linux.

For the goal we want to achieve (hosting a web server, our personal files, personal streaming server, …) we do not even need the graphic … Read more

Icinga icon   Icinga – How to configure passive checks made easy (2)

In the previous post I explained what is the difference between Icinga active and passive checks, why can be interesting to use passive checks, what is the result format Icinga is expecting when processing those checks and the way I use to send those results (instead of using snmp traps).

Now it is time to show how to configure it … Read more

Icinga icon   Icinga – How to configure passive checks made easy (1)

As I posted long time ago for Nagios (Nagios – Using passive checks without agent), it is time to show an easy way to configure Icinga to perform passive checks (without using SNMP traps).

This is the first of two posts. In this I only want to make some theoretical explanations and then in the second I will … Read more

Security   Security – Create self signed SAN certificate with OpenSSL

This post explains how to generate self signed certificates with SAN – Subject Alternative Names using openssl. It is a common but not very funny task, only a minute is needed when using this method.

The example below generates a certificate with two SubAltNames: and

Create openssl configuration file

Create configuration file for openssh (In a Linux … Read more

Icinga icon   Icinga – Cannot login to Grafana. Forgot admin password

It is not the first time my Icinga suddenlty, stops showing the grafana graphs.
Icinga when cannot show Grafana graphs


If trying to log to Grafana, admin password is not accepted. I am pretty sure i have not changed the password but I am unable to login to Grafana.
Invalid username or password when login to Grafana
And even worse, given that I still have not configured Grafana SMTP section / admin … Read more

Icinga icon   Icinga2 – Understanding checks and notification types

Here I am trying to present (I hope in an easy way to understand) some Icinga concepts (maybe also applicable in Nagios) like active and passive checks, enabling and disabling freshness checks, soft and hard states,… and the related parameters to configure them.

ACTIVE and PASSIVE services

There are two types of services:

  • ACTIVE: Check initiated by the Icinga
Read more

Linux   Linux – Exim: Authenticated and TLS mail through smarthost

Exim is a very flexible and common MTA (mail transfer agent) in Unix systems.
This posts shows the way to configure Exim as client to send authenticated and encrypted (TLS) emails through a smarthost.

Lets suppose the smarthost email server is listening on port 587 for secure outgoing SMTP…

Configure exim to use the smarthost

To configure exim In … Read more

Linux   Linux – TCP listener daemon with tcpserver

To configure passive checks in Nagios/icinga I use a tcp listener daemon that launches a script (See Nagios – Using passive checks without agent)
Tried to use inetd superserver daemon, but in the last versions, i have not been able to make it work correctly (See last update in my post: Linux – cannot found / missing inetd.conf)Read more