Cloudflare Tunnel

Cloudflare Tunneling to Internal Resources with Cloudflared

Introduction This post will cover how to set up a Docker container of Cloudflared on your internal network to provide a private tunnel from Cloudflare to your internal resources. After setting up the Cloudflared tunnels, you will no longer need to expose ports 80 and 443. This post assumes you currently have a vibrant and functioning internal network with a reverse proxy (in my case, Nginx Proxy Manager) already configured....

June 27, 2022 · 4 min · Robert D. White
OSSIM Logo

'Split-Brain DNS' for Internal HTTPS with Let's Encrypt

Introduction In this previous post, I showed how to connect to a Unifi router with HTTPS, effectively ridding you of the tedious words, “Your connection is not private.” However, the method shown in that post directs your connection to an external DNS server (e.g., CloudFlare) in order to resolve your Unifi router. This adds some latency by requiring your traffic to flow out and in rather than staying local. Additionally, it requires opening some ports externally....

May 13, 2022 · 10 min · Robert D. White
OSSIM Logo

Manage Linux Logs on AlienVault OSSIM

Introduction OSSIM is a powerful open source security information and event management (SIEM) operating system. AlienVault OSSIM is the open source version of AlienVault, which is sold by AT&T. I have used OSSIM in professional deployments in the past, and I currently use OSSIM for vulnerability scanning, asset management, and security alerts. OSSIM can often be overly complicated to set up and install, and the documentation available for troubleshooting is sparse....

April 19, 2022 · 7 min · Robert D. White
Graylog & Unraid Logo

Run Graylog with Docker Compose on Unraid

Introduction Logging and traffic monitoring are of utmost importance in information security. Having searchable stored logs can allow visibility into a variety of critical activities related to a data breach. For example, individual computer event logs can provide insight into an attacker’s lateral movement within an environment. Active Directory authentication logs can provide more detail into this lateral movement and even help to establish a timeline of this movement. Firewall logs can provide insight into an attacker’s first contact or the first time an attacker utilized a particular command or control domain....

March 27, 2022 · 7 min · Robert D. White
Twitter Icon

How to Access Twitter Without an Account, Anonymously

Interestingly, after my previous post describing how to route Docker containers through VPN on Unraid, I received a substantial lot of questions via email about my hints at accessing Twitter anonymously. This post is my response to those questions, and I will describe my workflow to access Twitter feeds anonymously, without an account. This post will assume you have read my post on how to route Docker containers through VPN on Unraid or that you already know how to accomplish this....

November 19, 2021 · 4 min · Robert D. White