Docker Overlay Network is a good way to create isolate layer two networks where the containers are distributed on different physical hosts. It’s possible to define two equal subnets without any overlap because the network interfaces of containers are in different namespaces. The frame between hosts are tunneled by vxlan protocol that manages until to 16777216 vlan: much ..
Network segmentation is vital in order to limit the risks for business data after a network intrusion. The goal is to make very difficult the movement of threat inside the network and to give to intruders not authorized the minimun privilege possible for avoiding the exploit of critical services for the business. By phishing campaign it’s very ..
Docker is a software layer that permits to run linux application inside isolated containers on an only shared system operating. This type of virtualization is lighter, portable, scalable and easy to manage: it is an good alternative to classical virtualization approach, like xen, kvm, vmware, where every virtual machine run with its own kernel and ..
Nginx is a robust and fast reverse proxy. Haproxy is a fast application load balancer. Together can be used for publishing to internet web services in security way. For this reason this article has the objective to explain how to secure web services using nginx and haproxy. The haproxy, in addition to application load balancer functionality, has a ..
Kerberos is the protocol most used in modern authentication system. Active Directory and other Identity management (like freeipa) use it for offer a single sign-on authentication method. Of course a good kerberos understanding is necessary by system administrator. Give an answer to this need is the scope of this article. All the examples have been implemented in ..
Test online your network services by ping, dig, nmap, sslscan and curl. ..
In this article I show three different reverse proxy architectures based on nginx for implementing a high availability reverse proxy environment. As load balancer two different solutions are proposed: one with haproxy, an application load balancer; another with keepalived, a layer 3 load balancer. Before starting, let me explain what is a reverse proxy. Reverse proxy is a proxy ..
TCP protocol is the heart of internet. Good tcp understanding is basic requirement for system and network administrators for resolving fastly network problems. Why do we receive RST? Why is the connection in time out? The server is down or the traffic is blocked by firewall? Is there some routing asymmetric? We can fastly answer with ..