Author: Ryan Parker

I'm a former captain of the Cyber Defense team, Current Infrastructure Security Specialist. I also have a side job helping small to medium business with anything technology doing everything imaginable. One of my hobbies is building out infrastructures for myself, friends, and clients. I current maintain a homelab with about 2TB of RAM, 180+ TB of storage, tons of CPU cores, and 100gbit networking backbone.

Step-CA: Run as a systemd service

Create /etc/systemd/system/step-ca.service Fill it with this, make sure your directories are correct in the ExecStart line: [Unit] Description=step-ca After=syslog.target network.target [Service] User=step Group=step ExecStart=/bin/sh -c '/bin/step-ca /home/step/.step/config/ca.json --password-file=/home/step/.step/pwd >> /var/log/step-ca/output.log 2>&1' Type=simple Restart=on-failure RestartSec=10 [Install] WantedBy=multi-user.target Next, populate the pwd file with the plaintext intermediate CA password. I put mine in /home/step/.step/pwd Next, configure the
Read More »

OpenSSL CA: make a certificate signing request work on Arch Linux

#edit /etc/ssl/openssl.cnf Find [ ca ] and make sure this matches: #################################################################### [ ca ] default_ca      = CA_default #default ca section #################################################################### [ CA_default ] dir             = /etc/ssl              # Where everything is kept certs           = $dir/certs            # Where the issued certs are kept crl_dir         = $dir/crl              # Where the issued crl are kept database        =
Read More »

PFsense 2.6.0: Fix pf-att bypass mode

As of Writing this (2/17/22), there is a bug in the latest version of pfSense with the Intel if_em.ko driver. This is causing the pf-att script to not work. Thanks to the work of neydah700 on github, the fix was found by replacing the kernel driver with a newly compiled binary that has the issue
Read More »

How to install ElasticSearch and Logstash (and Kibana for ELK) in a TrueNAS Core Jail

Before we begin, lets see what a ELK stack is made of. ELK stacks are comprised of ElasticSearch, Logstash, and Kabina with each of these services preforming different jobs. This diagram from Logz.io explains its the best Beats are installed to each host to collect the various metrics used by these services. Logstash is responsible
Read More »