In this tutorial we gonna deploy a dns add-blocker with pihole using a recursive dns as upstream server accessible in LAN network and internet through wireguard vpn. We utilized K3S as kubernetes provider.

Assumptions

To follow this tutorial you need to have:

• A computer running any linux distribution (in this tutorial I’m using debian buster)
• This computer needs to have at least 1 Gb of ram and 2 cores.
• This computer needs to have an static ip address (in my case 192.168.10.10, LAN: 192.168.10.1/24)
• Configure the firewall to accept inbound connections in the following ports:

53/tcp, 53/udp, 80/tcp, 443/tcp, 51820/udp

• In…

When you are testing your deployments in a kubernetes cluster on the cloud you have a few options to expose your services outside world, for example you can use a NodePort service, but also you need to configure the firewall rules for each NodePort service, the other type of service that you can use is LoadBalancer however each of them is billed by cloud provider. To solve this problem you can use a vpn running within your k8s cluster, this vpn can be exposed outside the cluster with a NodePort or LoadBalancer service. …

In this tutorial we will configure a raspberry pi to connect with hc-05 bluetooth module and arduino using a python script.

The hardware

• Raspberry pi 3b+ (it has inbuilt Bluetooth)
• Arduino micro
• HC-05 Bluetooth module

System requirements

• arduino-cli
• picocom
• python 3

Configurations for Bluetooth module HC-05

• Configure the module as master
• Set PIN

Configurations for Raspberry Pi

• Install and configure raspbian
• Configure python3 as default python interpreter
• Install Bluetooth packages
• Pair with HC-05 module
• Copy Bluetooth code

Configurations for arduino

• Install avr boards
• Make physical connections
• Copy arduino code and upload to arduino board

HC-05 Setup

First connect Bluetooth module to USB serial and press EN button, then send AT commands.

In this tutorial, we will configure a raspberry pi as an access point to connect to the esp8266 WiFi board using the arduino SDK and a python script.

The Hardware is

• Esp8266 with arduino sdk
• Raspberry pi 3b+

System requirements

• arduino-cli
• picocom
• python3

Configurations for Raspberry Pi

• Install raspbian
• Enable ssh server
• Upgrade system
• Configure keys for ssh server
• Configure the raspberry pi as hotspot
• Install python3 and set as default python interpreter
• Copy server code

Configurations for ESP8266

• Install esp8266 for arduino
• Copy the code and upload to esp8266 board

Raspberry Pi Setup

Download raspberry os lite from official repository

$ curl -LO https://downloads.raspberrypi.org/raspios_lite_armhf/images/raspios_lite_armhf-2020-08-24/2020-08-20-raspios-buster-armhf-lite.zip

Write to sd card, in linux with dd command

$…

When you browse at school or work you probably have experienced some problems browsing in certain websites or using certain applications. Is a common practice to block some kind of pages on internet at work or school environment also they block another kind of traffic such as torrents, adult-content or they just permit web traffic, you school or work don’t want you to browse sites they haven’t approved.

Types of firewall blocking

There are certain levels of firewall blocking, the most simple is based on blocking certain kind of web-pages. The other type of firewall blocking is based on protocols, they just allow certain…

Many users need to secure their laptop, workstation or regular PC, this users want to protect their information. In Linux exist many cryptographic techniques to protect a hard disk, directory and partition, one of this techniques is Linux Unified Key Setup (LUKS) which uses the kernel device mapper subsystem via the dm-crypt module which make the encrypted device transparent to the user.

Assumptions

This tutorial only encrypt an existing LVM installation, the EFI and boot partitions are in a non-encrypted partition. …

Security is one of the most important things now days specifically in enterprise environments, a vpn helps to encrypt traffic from client to internet. Wireguard is a vpn protocol than works on the kernel side and acts like a network interface, is one of the most modern vpn protocols it’s based in public and private key exchange just like ssh does. …

SSH tunneling is a method of transporting arbitrary networking data over an encrypted SSH connection. It can be used to add encryption to legacy applications. It can also be used to implement VPNs (Virtual Private Networks) and access intranet services across firewalls.

SSH has 3 types of tunneling: local, remote and dynamic. Each of than can be use for different purpose.

Local port forwarding

With local port forwarding we can forward remote port to local environment:

ssh -nNT -L 8000:remotehost:80 user@remotehost

In above example we forward remotehost:80 to local environment through 8000 port, then we can access to remotehost:80 typing localhost:8000 in our…