Setup DNSCrypt with Dnsmasq

Typically DNS requests are not encrypted or signed at all. This means an attacker which is in a man-in-the-middle position could spy on you to check out with websites you are visiting or to redirect you to a malicious website. Hence DNSCrypt got developed to improve security and protect privacy. This blog post is about how to setup DNSCrypt with the Linux tool Dnsmasq.

Run a Flask application via uWSGI and Nginx

uWSGI can be used to serve a web application developed with the Python framework Flask. This technology is also in use for my own blog. There are several ways how to setup uWSGI, but this blog post will cover how to manage it via systemd.

How to setup Mutillidae

OWASP provides a great project so called Mutillidae, which is a deliberately vulnerable web-application providing a target for web-security enthusiast. It comes preinstalled with SamuraiWTF, Rapid7 Metasploitable-2 and OWASP BWA, but it's also very easy to setup it by your own. This tutorial describes how to install all the required packages and the necessary configuration steps to get Mutillidae up and running on your system or a Virtual Machine (VM).

Map script to shortcut including examples

For Linux distributions it's very easy to assign a script to a keyboard shortcut, which can be very helpful in several cases. This tutorial should explain how to create a new bash script and assign this script to a new shortcut. For the explanation a Debian operating system with the desktop environment Mate was used. This tutorial also includes two very valuable bash scripts, to search or translate the currently selected word with your favorite browser.

Headless Git Server

This short tutorial explains how to configure a small git server, which can maybe run on a Raspberry Pi. To use this git server, no webserver or other fancy stuff is required. Access is only performed via ssh. The tutorial also includes how to specify a different port for the ssh service, if you don't use the default port. So it's possible to use the existing ssh service on a server and it's only required to install the git service.

Encrypted mail notification for SSH login

In many cases, it's nice to know if a valid SSH login was performed on your server. To get an information if someone accessed your server via SSH, it's possible to configure a notification per mail. To keep the information about the login process private, you can use PGP to encrypt the content of the notification. Therefore, this tutorial should show how to setup an encrypted notification for valid SSH logins. The setup was tested with the operating system Debian 8 (Jessie).