All Posts

Netplan: advanced network configuration (tunnels, VLAN, bridges, bonding)

September 18, 2025


Introduction

Netplan is a utility for declarative network configuration in Linux (Ubuntu, Debian, and derivatives). It is usually used for simple cases like Ethernet or Wi-Fi, but it can do much more:

  • tunnel interfaces (IPIP, GRE, VXLAN, WireGuard),
  • VLAN,
  • bridges,
  • bonding (interface aggregation).

These features allow building complex network topologies — from home VPNs to data centers and cloud environments.


Tunnel interfaces

Tunnels encapsulate packets of one protocol into another. They are used for VPNs, inter-server connections, or network isolation.

curl for beginners: your first step into the world of HTTP requests

September 8, 2025

Hello! If you’re even a little interested in the web, you’ve probably heard of curl. It’s a powerful and versatile command-line tool for interacting with web servers. It is used to send and receive data over various protocols: HTTP, FTP, SFTP, as well as mail protocols.

This guide is your first step. We’ll focus on the basics to help you understand how curl works and how to use it for everyday tasks.

Swap: Why You Need It and How to Enable It

September 3, 2025

Swap is virtual memory on disk that saves your VPS from crashing when RAM runs out. On low-cost servers, it’s an indispensable tool to avoid failures during short-term memory usage spikes. Setup is simple: create a file, enable it, and add it to autoload. But remember — it’s insurance, not a replacement for RAM.


Introduction

Modern VPSs are usually provisioned with enough RAM but often without swap (swap file or partition). This is a deliberate choice by providers who want you to quickly upgrade to a more expensive plan.

097 | FreeIPA: The Enterprise Swiss Army Knife for Identity

August 30, 2025

FreeIPA: The Untamed Titan of Enterprise Identity

Introduction

While Keycloak and FusionAuth focus on the web, FreeIPA operates on a different level. It’s not just an authentication server. It’s an integrated solution for identity management and security policies in UNIX/Linux environments. It’s not designed for quick web app integration but for building centralized access control at an enterprise scale. If your infrastructure consists of many Linux servers, this tool is your ally.

083 | Proactive Security: Lynis and the Modern Approach to Linux Server Hardening

August 15, 2025

Introduction: From Reactive Defense to Proactive Security

In 2025, attacks on servers are becoming increasingly sophisticated, and reactive measures (firewall, Fail2Ban, CrowdSec) are no longer enough. The modern DevSecOps approach requires proactive hardening—strengthening the system—to minimize the attack surface before public exploits appear.

Lynis remains one of the key open-source security auditing tools for Unix systems, but today it is crucial to complement it with integration into security standards frameworks (CIS, SCAP) and automation in CI/CD pipelines.

082 | Firewall Basics: UFW — Simple and Powerful Protection

August 14, 2025

Introduction: The First Line of Defense for Your Server

Before thinking about complex intrusion detection systems such as Fail2ban or CrowdSec, you need to build the first and most reliable line of defense—a firewall. A firewall controls all network traffic entering and leaving your server and blocks unauthorized connection attempts.

Traditionally, Linux servers have used iptables to manage firewalls, but its syntax can be complicated and confusing. Fortunately, there is a simpler and more intuitive tool — UFW (Uncomplicated Firewall).

078 | Xen: A Flexible Hypervisor for Complex Tasks

August 10, 2025


What is Xen?

Xen is a powerful and flexible Type 1 open-source hypervisor that runs directly on server hardware, delivering high performance. Its unique architecture, based on the concept of paravirtualization, became the foundation for many major cloud platforms, including the early versions of Amazon Web Services (AWS). Xen is known for its performance, security, and ability to flexibly manage resources, making it a popular choice for building scalable and fault-tolerant environments.

077 | QEMU: A Flexible Emulator and Hypervisor

August 9, 2025


What is QEMU?

QEMU (Quick Emulator) is a multifunctional open-source project that acts both as an emulator and a virtualizer, making it a unique tool in the virtualization world. Unlike other hypervisors, QEMU not only runs virtual machines but can also emulate a processor and other hardware components. This dual nature allows it to run operating systems and applications designed for one architecture on a machine with another (for example, running an ARM system on an x86 server).

076 | KVM: Powerful Virtualization for Linux

August 8, 2025


What is KVM?

KVM (Kernel-based Virtual Machine) is a virtualization technology built directly into the Linux kernel. KVM transforms the Linux kernel into a Type 1 hypervisor (bare-metal), allowing multiple virtual machines to run while leveraging hardware virtualization features of the CPU (Intel VT-x and AMD-V). KVM serves as a core component for many modern cloud platforms, including OpenStack and Red Hat OpenShift.

As part of Linux, KVM is a fully open-source solution, giving developers and system administrators enormous freedom and control over their infrastructure with zero licensing fees.

What is rp_filter and what is it used for?

July 15, 2025

In the world of Linux and networking technologies, there are many subtle but critically important kernel settings. One such setting is rp_filter. This parameter, often overlooked, plays a key role in network security and correct packet routing. Let’s explore what it is, how it works, and why understanding it is essential for every system administrator.

What is rp_filter?

rp_filter stands for Reverse Path Filtering. It’s a Linux kernel mechanism that checks incoming network packets to verify whether they arrived on the interface through which a reply to the sender’s IP address would be routed.

Publishing Your Website from a Home PC: Cloudflare Tunnel Without a White IP

June 16, 2025

There’s often a need to host a website, be it a personal blog, a test project, or a small service, directly on a home computer. This is convenient, economical, and provides full control. However, many face the problem of not having a “white” (public) IP address from their internet provider, making direct external access virtually impossible. And even if they do have one, it’s often dynamic, requiring constant updates via DDNS.

Don’t worry! Today, we’ll dive into the world of network technologies and show you how to overcome this limitation and publish your website online using a powerful and free tool from Cloudflare – Cloudflare Tunnel (formerly known as Argo Tunnel). You won’t need a white IP, port forwarding on your router, or other complex configurations!