Linux Distribution Support for TPM 2.0 Modules

 Posted on May 4, 2026  |  3 minutes  |  521 words  |  Robert Nilsson

Leveraging TPM 2.0 for Enhanced Linux Security The Trusted Platform Module (TPM) 2.0 has become a cornerstone in modern computing, providing a secure environment for key storage, platform authentication, and cryptographic operations. As a Senior Linux Security Architect, I’ll delve into the support for TPM 2.0 modules in various Linux distributions, exploring the technical implementation, security benefits, and potential vulnerabilities. Introduction to TPM 2.0 TPM 2.0 is a specification defined by the Trusted Computing Group (TCG), aiming to provide a standardized, vendor-agnostic interface for trusted computing. [Read More]
linux  tpm2  security 

Post-Quantum Cryptography Implementation in the Linux Kernel

 Posted on May 4, 2026  |  3 minutes  |  527 words  |  Robert Nilsson

Linux Kernel Post-Quantum Cryptography Implementation: A Deep Dive The recent advancements in quantum computing have sparked a sense of urgency among cryptographers and security professionals. As quantum computers become more powerful, they pose a significant threat to our current asymmetric encryption algorithms, such as RSA and elliptic curve cryptography. To future-proof our systems, we must adopt post-quantum cryptography (PQC) solutions. In this blog post, we’ll delve into the implementation of PQC in the Linux kernel, exploring the technical details and security implications. [Read More]
linux-security  post-quantum-cryptography  mitigation-techniques 

Securing SSH with FIDO2 and Physical Security Keys on Fedora

 Posted on May 4, 2026  |  3 minutes  |  483 words  |  Robert Nilsson

Introduction to Securing SSH with FIDO2 and Physical Security Keys Securing SSH connections is crucial for preventing unauthorized access to Linux systems. Recently, there has been an increase in attacks targeting SSH, including CVE-2022-42010, which allows attackers to bypass authentication using a malicious SSH server. To mitigate such risks, using FIDO2 and physical security keys can significantly enhance the security of SSH connections. In this blog post, we will explore how to secure SSH with FIDO2 and physical security keys on Fedora. [Read More]
linux  security  fido2 

Penetration Testing Tools

A Comprehensive Overview of Essential Tools for Web App Pentesting

 Posted on January 28, 2025  |  8 minutes  |  1626 words  |  Robert Nilsson

Penetration testing (pentesting) is an essential process for identifying and addressing vulnerabilities within web applications. It involves simulating cyberattacks to assess the security of systems, networks, and applications, ultimately revealing areas of weakness that could be exploited by malicious actors. Web applications, being a major point of interaction for many businesses, are a prime target for cyberattacks. Therefore, ensuring that these applications are robust against common threats is critical. There are a variety of tools available to pentesters to help automate and streamline the process of identifying vulnerabilities in web applications. [Read More]
security  pentesting  web-application 

Kali Linux

The Ultimate Linux Distribution for Security Enthusiasts

 Posted on January 23, 2025  |  3 minutes  |  595 words  |  Robert Nilsson

Kali Linux is a specialized Linux distribution designed for penetration testing, security research, computer forensics, and reverse engineering. Developed and maintained by Offensive Security, Kali Linux has become a go-to platform for ethical hackers and security professionals worldwide. It comes preloaded with a vast array of tools tailored to meet the diverse needs of the cybersecurity domain. Features and Highlights Kali Linux stands out from other distributions due to its unique features: [Read More]
linux  security  penetration-testing 

Wireshark

 Posted on January 23, 2025  |  3 minutes  |  610 words  |  Robert Nilsson

Wireshark is a powerful open-source network protocol analyzer widely used for network troubleshooting, analysis, software development, and education. As one of the most trusted tools in the networking world, Wireshark provides unparalleled visibility into live and recorded network traffic, making it a cornerstone for IT professionals and cybersecurity experts. Key Features of Wireshark Deep Packet Inspection Wireshark captures and inspects packets in real time, offering detailed insights into network traffic. With support for hundreds of protocols, it decodes and displays protocol-specific data in an easy-to-read format. [Read More]
network-analysis  security  wireshark 

Application-Level Firewalls

 Posted on January 22, 2025  |  7 minutes  |  1286 words  |  Robert Nilsson

In the world of network security, firewalls play a critical role in protecting systems from unauthorized access and malicious traffic. They are a fundamental component of any secure network infrastructure. However, not all firewalls are created equal, and understanding the differences between application-level firewalls and IP-level firewalls is crucial for building an effective defense strategy. In this post, we’ll explore the key distinctions between these two types of firewalls, with a particular focus on the advantages of application-level firewalls. [Read More]
firewall  security  linux  bsd  application-layer 

AppArmor

A Practical Linux Security Module for Access Control

 Posted on January 18, 2025  |  3 minutes  |  433 words  |  Robert Nilsson

AppArmor (Application Armor) is a Linux Security Module (LSM) that provides a practical, easy-to-use Mandatory Access Control (MAC) framework for restricting the capabilities of applications. Unlike SELinux, which relies on complex policies, AppArmor simplifies security by using profile-based access control. Key Features Profile-Based Access Control: AppArmor restricts application behavior based on predefined profiles. Path-Based Security Policies: Unlike SELinux, which uses labels, AppArmor policies are based on file paths. Learning Mode: Allows administrators to create security profiles by observing application behavior. [Read More]
linux  security  lsm  apparmor  access-control 

Landlock

A Flexible Security Sandbox for Linux Applications

 Posted on January 14, 2025  |  4 minutes  |  715 words  |  Robert Nilsson

Landlock is a Linux Security Module (LSM) that provides a flexible, unprivileged sandboxing mechanism for applications. Unlike traditional LSMs such as SELinux and AppArmor, which enforce mandatory access control policies set by system administrators, Landlock allows applications to define their own security restrictions. This makes it a powerful tool for developers seeking to add additional security layers without requiring elevated privileges. Key Features Unprivileged Sandboxing: Landlock enables applications to apply security restrictions without requiring root access or administrative intervention. [Read More]
linux  security  lsm  landlock  sandbox 

WPScan

A Comprehensive WordPress Security Scanner

 Posted on January 12, 2025  |  2 minutes  |  318 words  |  Robert Nilsson

WordPress is the backbone of nearly half the websites on the internet, making it a high-value target for attackers. WPScan is a specialized tool designed to help secure WordPress installations by identifying vulnerabilities, misconfigurations, and weak points in their setup. Developed for ethical hackers, administrators, and security professionals, WPScan is an essential tool for maintaining a secure WordPress environment. Learn more about WPScan on its official website, including its latest features and comprehensive documentation. [Read More]
security  pentesting  wordpress  wpscan