Русский flag Русский

IT support for business, startups and developers

All Posts

093 | OpenVPN Setup: Explaining the Basics

2025-08-26

#OpenVPN #VPN #Setup #PKI #Server #Client

VPN: Not Just an “On” Button

For many users, a VPN is simply an “On” button. However, when it comes to building your own secure tunnel, it’s important to understand its architecture. OpenVPN is based on two key ideas: the client-server model and Public Key Infrastructure (PKI).

The Client-Server Model

The concept is simple:

  • Server — the entry point into your secure network. It constantly “listens” for incoming requests and is ready to accept connections.
  • Client — your device (laptop, phone) that initiates the connection to the server.

Once the server and client “agree,” a secure tunnel is created between them, and all traffic passes through it.

We needed to find out why the site periodically goes down. Mikhail conducted an audit and found the problem. He's a competent specialist — a pleasure to work with. He approaches tasks responsibly, doesn't disappear or forget )))

2025-08-25

#vps #server #devops

Needed to find out why the site was periodically crashing. Mikhail conducted an audit and found the problem. A knowledgeable specialist, I really enjoy working with him. He approaches tasks responsibly, doesn’t disappear, doesn’t forget )))

Reply: Thank you for the feedback! Glad to help!

081 | The Modern Approach: CrowdSec — Crowdsourced Threat Protection

2025-08-13

#CrowdSec #security #server #Fail2ban #crowdsourcing #IPS #plugins #Asterisk #Nginx #Apache

Introduction: From Local Defense to Global Protection

In the previous article, we explored Fail2ban — a reliable and time-tested tool for defending against brute-force attacks. However, Fail2ban only works with local logs and has no awareness of what’s happening on other servers. In today’s environment, where cyberattacks are increasingly distributed and sophisticated, we need a smarter and more collaborative solution.

Enter CrowdSec — a modern, open-source Intrusion Prevention System (IPS) that leverages a crowdsourced approach to build a global threat intelligence network.

080 | Classic Brute-Force Protection: Fail2ban

2025-08-12

#fail2ban #security #server #iptables #nftables #protection #brute-force #SSH #logs

Introduction: Server Security — The First Line of Defense

Once you deploy any server or virtual machine, one of the first and most important tasks is ensuring its security. Even if your server doesn’t contain critical data, it can still be targeted by automated bots constantly scanning the internet for vulnerabilities. The most common type of attack against any server is brute-force password guessing, typically aimed at SSH access, FTP services, or web control panels.

076 | KVM: Powerful Virtualization for Linux

2025-08-08

#KVM #virtualization #Linux #open-source #hypervisor #performance #server #cloud #QEMU #libvirt

What is KVM?

KVM (Kernel-based Virtual Machine) is a virtualization technology built directly into the Linux kernel. KVM transforms the Linux kernel into a Type 1 hypervisor (bare-metal), allowing multiple virtual machines to run while leveraging hardware virtualization features of the CPU (Intel VT-x and AMD-V). KVM serves as a core component for many modern cloud platforms, including OpenStack and Red Hat OpenShift.

As part of Linux, KVM is a fully open-source solution, giving developers and system administrators enormous freedom and control over their infrastructure with zero licensing fees.