Categories in Simplicity is a form of art...

Diagrams are no communication channel
by Sven Vermeulen, post on Thu 05 September 2024
Sustainability in IT
by Sven Vermeulen, post on Sun 25 September 2022
Getting lost in the frameworks
by Sven Vermeulen, post on Fri 26 August 2022
Containers are the new IaaS
by Sven Vermeulen, post on Sat 21 May 2022
Defining what an IT asset is
by Sven Vermeulen, post on Sun 13 February 2022
An IT conceptual data model
by Sven Vermeulen, post on Mon 17 January 2022
Ownership and responsibilities for infrastructure services
by Sven Vermeulen, post on Thu 13 January 2022
The pleasures of having DTAP
by Sven Vermeulen, post on Thu 30 December 2021
Creating an enterprise open source policy
by Sven Vermeulen, post on Sat 20 November 2021
Hybrid cloud can be very complex
by Sven Vermeulen, post on Mon 08 November 2021
Transparent encryption is not a silver bullet
by Sven Vermeulen, post on Tue 19 October 2021
Evaluating the zero trust hype
by Sven Vermeulen, post on Tue 05 October 2021
Scale is a cloud threat
by Sven Vermeulen, post on Tue 28 September 2021
Naming conventions
by Sven Vermeulen, post on Wed 15 September 2021
Location view of infrastructure
by Sven Vermeulen, post on Tue 07 September 2021
Process view of infrastructure
by Sven Vermeulen, post on Wed 01 September 2021
Component view of infrastructure
by Sven Vermeulen, post on Fri 27 August 2021
Disaster recovery in the public cloud
by Sven Vermeulen, post on Fri 30 July 2021
What is the infrastructure domain?
by Sven Vermeulen, post on Mon 19 July 2021
Organizing service documentation
by Sven Vermeulen, post on Thu 08 July 2021
Not sure if TOSCA will grow further
by Sven Vermeulen, post on Wed 30 June 2021
Integrating or customizing SaaS within your own cloud environment
by Sven Vermeulen, post on Wed 23 June 2021
An IT services overview
by Sven Vermeulen, post on Mon 14 June 2021
Virtualization vs abstraction
by Sven Vermeulen, post on Thu 03 June 2021
Abstracting infrastructure complexity
by Sven Vermeulen, post on Fri 25 December 2020
Working on infra strategy
by Sven Vermeulen, post on Sun 04 October 2020
Project prioritization
by Sven Vermeulen, post on Tue 18 July 2017
Structuring infrastructural deployments
by Sven Vermeulen, post on Wed 07 June 2017
Switching focus at work
by Sven Vermeulen, post on Sun 20 September 2015
Making the case for multi-instance support
by Sven Vermeulen, post on Sat 22 August 2015

SAI and N-O-SQL
by Sven Vermeulen, post on Thu 22 April 2010
Switching to database architecture
by Sven Vermeulen, post on Fri 11 December 2009

Gentoo Wiki is growing
by Sven Vermeulen, post on Sat 03 January 2015
Added UEFI instructions to AMD64/x86 handbooks
by Sven Vermeulen, post on Tue 23 December 2014
Handbooks moved
by Sven Vermeulen, post on Sun 14 December 2014
Updated Linux Sea, now with viewport thingie
by Sven Vermeulen, post on Mon 16 December 2013
Majority of GDP documents moved to Gentoo wiki
by Sven Vermeulen, post on Tue 10 December 2013
Moving Gentoo docs to the wiki
by Sven Vermeulen, post on Sun 28 July 2013
My application base: draw.io
by Sven Vermeulen, post on Mon 03 June 2013
A simple IPv6 setup
by Sven Vermeulen, post on Mon 20 May 2013
Added "predictable network interface" info into the handbook
by Sven Vermeulen, post on Tue 07 May 2013
Simple drawing for I/O positioning
by Sven Vermeulen, post on Thu 18 April 2013
Integrity checking with AIDE
by Sven Vermeulen, post on Thu 11 April 2013
Linux Sea and ePub update
by Sven Vermeulen, post on Tue 02 April 2013
git patch apply
by Sven Vermeulen, post on Thu 27 September 2012
Linux Sea now in ePub
by Sven Vermeulen, post on Fri 20 April 2012
File System Labels in Linux Sea
by Sven Vermeulen, post on Sat 12 February 2011
Linux Sea last content chapter
by Sven Vermeulen, post on Sat 04 September 2010
Linux Sea: log file management and backups
by Sven Vermeulen, post on Thu 02 September 2010
Added "iw" support to Linux Sea
by Sven Vermeulen, post on Thu 26 August 2010
I remain impressed by the free software community
by Sven Vermeulen, post on Wed 25 August 2010
Question yourself v3
by Sven Vermeulen, post on Wed 19 May 2010
Question yourself v2
by Sven Vermeulen, post on Tue 11 May 2010
Question yourself
by Sven Vermeulen, post on Sun 02 May 2010
A dozen pages added
by Sven Vermeulen, post on Thu 22 April 2010
Translations to "Linux Sea"
by Sven Vermeulen, post on Wed 02 December 2009
Small updates on Linux Sea
by Sven Vermeulen, post on Mon 19 October 2009
Darwin Information Typing Architecture
by Sven Vermeulen, post on Sat 18 April 2009

cvechecker 3.9 released
by Sven Vermeulen, post on Sun 09 September 2018
cvechecker 3.8 released
by Sven Vermeulen, post on Mon 27 March 2017
cvechecker 3.7 released
by Sven Vermeulen, post on Thu 02 March 2017
GnuPG: private key suddenly missing?
by Sven Vermeulen, post on Wed 12 October 2016
Mounting QEMU images
by Sven Vermeulen, post on Mon 26 September 2016
Template was specified incorrectly
by Sven Vermeulen, post on Sun 27 March 2016
Using salt-ssh with agent forwarding
by Sven Vermeulen, post on Sat 26 March 2016
Trying out imapsync
by Sven Vermeulen, post on Sun 13 March 2016
New cvechecker release
by Sven Vermeulen, post on Sat 07 November 2015
Using multiple OpenSSH daemons
by Sven Vermeulen, post on Sun 06 September 2015
Switching OpenSSH to ed25519 keys
by Sven Vermeulen, post on Wed 19 August 2015
Updates on my Pelican adventure
by Sven Vermeulen, post on Sun 16 August 2015
My application base: Obnam
by Sven Vermeulen, post on Wed 05 August 2015
Switching to Pelican
by Sven Vermeulen, post on Sun 02 August 2015
PostgreSQL with central authentication and authorization
by Sven Vermeulen, post on Mon 25 May 2015
Audit buffering and rate limiting
by Sven Vermeulen, post on Sun 10 May 2015
D-Bus, quick recap
by Sven Vermeulen, post on Sun 29 June 2014
What is that net-pf-## thingie?
by Sven Vermeulen, post on Tue 01 April 2014
Managing Inter-Process Communication (IPC)
by Sven Vermeulen, post on Sun 30 March 2014
Linux protip: environment for a process
by Sven Vermeulen, post on Tue 07 January 2014
Creating a poor man central SCAP system
by Sven Vermeulen, post on Tue 24 September 2013
My application base: graphviz
by Sven Vermeulen, post on Sun 09 June 2013
My application base: LibreOffice
by Sven Vermeulen, post on Sat 08 June 2013
My application base: firefox
by Sven Vermeulen, post on Fri 07 June 2013
My application base: bash and kiss tools
by Sven Vermeulen, post on Thu 06 June 2013
My application base: geekie
by Sven Vermeulen, post on Wed 05 June 2013
My application base: freemind
by Sven Vermeulen, post on Tue 04 June 2013
Using extended attributes for custom information
by Sven Vermeulen, post on Sun 02 June 2013
Public support channels: irc
by Sven Vermeulen, post on Thu 16 May 2013
Enabling Kernel Samepage Merging (KSM)
by Sven Vermeulen, post on Thu 09 May 2013
The Linux ".d" approach
by Sven Vermeulen, post on Wed 08 May 2013
Qemu-KVM monitor tips and tricks
by Sven Vermeulen, post on Tue 30 April 2013
photorec to the rescue
by Sven Vermeulen, post on Mon 29 April 2013
Comparing performance with sysbench: performance analysis
by Sven Vermeulen, post on Fri 19 April 2013
Comparing performance with sysbench: memory, threads and mutexes
by Sven Vermeulen, post on Fri 19 April 2013
Comparing performance with sysbench: cpu and fileio
by Sven Vermeulen, post on Thu 18 April 2013
Why would paid-for support be better?
by Sven Vermeulen, post on Mon 31 December 2012
nginx as reverse SMTP proxy
by Sven Vermeulen, post on Thu 06 December 2012
devops - how hard can it/it can be
by Sven Vermeulen, post on Sat 04 September 2010
qemu monitor cd change
by Sven Vermeulen, post on Mon 30 August 2010
HP webcam on Linux
by Sven Vermeulen, post on Fri 13 August 2010
New laptop, time to play
by Sven Vermeulen, post on Fri 13 August 2010
Executing, but only when you're home
by Sven Vermeulen, post on Mon 18 January 2010
Online image gallery
by Sven Vermeulen, post on Mon 05 October 2009
hex2passwd, a password generator
by Sven Vermeulen, post on Thu 25 September 2008
Playing with gqview
by Sven Vermeulen, post on Mon 18 August 2008

Switch to Gentoo sources
by Sven Vermeulen, post on Tue 22 August 2017
Handling certificates in Gentoo Linux
by Sven Vermeulen, post on Mon 06 March 2017
Custom CIL SELinux policies in Gentoo
by Sven Vermeulen, post on Thu 10 September 2015
Maintaining packages and backporting
by Sven Vermeulen, post on Wed 02 September 2015
Slowly converting from GuideXML to HTML
by Sven Vermeulen, post on Tue 25 August 2015
Finding a good compression utility
by Sven Vermeulen, post on Thu 13 August 2015
Live SELinux userspace ebuilds
by Sven Vermeulen, post on Wed 10 June 2015
Moving closer to 2.4 stabilization
by Sven Vermeulen, post on Mon 27 April 2015
Trying out Pelican, part one
by Sven Vermeulen, post on Fri 06 March 2015
Have dhcpcd wait before backgrounding
by Sven Vermeulen, post on Sun 08 February 2015
Old Gentoo system? Not a problem...
by Sven Vermeulen, post on Wed 21 January 2015
Gentoo Handbooks almost moved to wiki
by Sven Vermeulen, post on Fri 12 December 2014
Sometimes I forget how important communication is
by Sven Vermeulen, post on Wed 10 December 2014
No more DEPENDs for SELinux policy package dependencies
by Sven Vermeulen, post on Sun 02 November 2014
Migrating to SELinux userspace 2.4 (small warning for users)
by Sven Vermeulen, post on Thu 30 October 2014
Showing return code in PS1
by Sven Vermeulen, post on Sun 31 August 2014
Gentoo Hardened august meeting
by Sven Vermeulen, post on Fri 29 August 2014
Switching to new laptop
by Sven Vermeulen, post on Tue 19 August 2014
Some changes under the hood
by Sven Vermeulen, post on Sat 09 August 2014
Gentoo Hardened July meeting
by Sven Vermeulen, post on Fri 01 August 2014
Multilib in Gentoo
by Sven Vermeulen, post on Wed 02 July 2014
Gentoo Hardened, June 2014
by Sven Vermeulen, post on Sun 15 June 2014
Revamped our SELinux documentation
by Sven Vermeulen, post on Mon 12 May 2014
Dropping sesandbox support
by Sven Vermeulen, post on Fri 09 May 2014
Stepping through the build process with ebuild
by Sven Vermeulen, post on Sun 20 April 2014
Proof of concept for USE enabled policies
by Sven Vermeulen, post on Mon 31 March 2014
Online hardened meeting of March
by Sven Vermeulen, post on Thu 27 March 2014
Fixing the busybox build failure
by Sven Vermeulen, post on Wed 26 March 2014
Create your own SELinux Gentoo profile
by Sven Vermeulen, post on Mon 24 March 2014
Hidden symbols and dynamic linking
by Sven Vermeulen, post on Mon 24 March 2014
Closing week? No, starting week...
by Sven Vermeulen, post on Sun 16 March 2014
Can Gentoo play a role in a RHEL-only environment?
by Sven Vermeulen, post on Thu 09 January 2014
Upgrading old Gentoo installations
by Sven Vermeulen, post on Sun 29 December 2013
December hardened meeting
by Sven Vermeulen, post on Fri 20 December 2013
GPT or MBR in the Gentoo Handbook
by Sven Vermeulen, post on Wed 18 December 2013
Gentoo SELinux policy release script
by Sven Vermeulen, post on Wed 11 December 2013
November online hardened meeting
by Sven Vermeulen, post on Wed 11 December 2013
New SELinux userspace release
by Sven Vermeulen, post on Tue 05 November 2013
Gentoo Hardened meeting 201310
by Sven Vermeulen, post on Thu 24 October 2013
A bug please...
by Sven Vermeulen, post on Mon 30 September 2013
Aaaand we're back - hardened monthly meeting
by Sven Vermeulen, post on Thu 26 September 2013
Underestimated or underused: Portage (e)logging
by Sven Vermeulen, post on Wed 25 September 2013
Gentoo Hardened progress report
by Sven Vermeulen, post on Thu 29 August 2013
Why our policies don't like emerge --config
by Sven Vermeulen, post on Fri 23 August 2013
Using CUSTOM_BUILDOPT in refpolicy for USE flag-alike functionality?
by Sven Vermeulen, post on Fri 16 August 2013
And now, 31 days later...
by Sven Vermeulen, post on Thu 01 August 2013
Adding mcstrans to Gentoo
by Sven Vermeulen, post on Sun 07 July 2013
Hardening is our business... new monthly report ;-)
by Sven Vermeulen, post on Thu 27 June 2013
Gentoo Hardened spring notes
by Sven Vermeulen, post on Thu 16 May 2013
Overriding the default SELinux policies
by Sven Vermeulen, post on Wed 15 May 2013
Gentoo metadata support for CPE
by Sven Vermeulen, post on Fri 10 May 2013
New SELinux userspace release
by Sven Vermeulen, post on Fri 26 April 2013
Gentoo protip: using buildpkgonly
by Sven Vermeulen, post on Thu 25 April 2013
SLOT'ing the old swig-1
by Sven Vermeulen, post on Tue 23 April 2013
Introducing selocal for small SELinux policy enhancements
by Sven Vermeulen, post on Sun 21 April 2013
Transforming GuideXML to DocBook
by Sven Vermeulen, post on Sat 20 April 2013
Another Gentoo Hardened month has passed
by Sven Vermeulen, post on Thu 18 April 2013
Not needing run_init for password-less service management
by Sven Vermeulen, post on Tue 09 April 2013
Separate puppet provider for Gentoo/SELinux?
by Sven Vermeulen, post on Sun 07 April 2013
Matching packages with CVEs
by Sven Vermeulen, post on Thu 04 April 2013
Fiddling with puppet apply
by Sven Vermeulen, post on Wed 20 March 2013
Gentoo Hardened progress meeting of march 2013
by Sven Vermeulen, post on Thu 07 March 2013
Uploading selinuxnode test VM
by Sven Vermeulen, post on Mon 25 February 2013
Working on a new selinuxnode VM
by Sven Vermeulen, post on Sat 23 February 2013
Transforming GuideXML to wiki
by Sven Vermeulen, post on Tue 12 February 2013
Gentoo Hardened goes onward (aka project meeting)
by Sven Vermeulen, post on Thu 07 February 2013
IMA and EVM on Gentoo, part 2
by Sven Vermeulen, post on Sat 29 December 2012
Gentoo Hardened IMA support
by Sven Vermeulen, post on Thu 27 December 2012
Switching policy types in Gentoo/SELinux
by Sven Vermeulen, post on Thu 20 December 2012
Another hardened month has passed...
by Sven Vermeulen, post on Thu 13 December 2012
Why you need the real_* thing with genkernel
by Sven Vermeulen, post on Sun 25 November 2012
The hardened project continues going forward...
by Sven Vermeulen, post on Sat 17 November 2012
Gentoo Hardened progress meeting
by Sven Vermeulen, post on Sun 14 October 2012
Gentoo Hardened in August
by Sven Vermeulen, post on Sat 25 August 2012
Adding roles to the Gentoo Hardened SELinux policy
by Sven Vermeulen, post on Tue 14 August 2012
Kickstarting the Integrity subproject
by Sven Vermeulen, post on Mon 30 July 2012
Gentoo Hardened on the move
by Sven Vermeulen, post on Thu 26 July 2012
Updated Gentoo Hardened/SELinux VM image
by Sven Vermeulen, post on Mon 16 July 2012
Gentoo Hardened/SELinux VM image
by Sven Vermeulen, post on Tue 10 July 2012
Gentoo Summer of Documentation - Let's do it!
by Sven Vermeulen, post on Fri 29 June 2012
Had to edit /etc/init.d/root
by Sven Vermeulen, post on Sun 24 June 2012
Overview of SELinux changes
by Sven Vermeulen, post on Sun 24 June 2012
Python 3 support for SELinux userland, tests and policy rev 10
by Sven Vermeulen, post on Sat 26 May 2012
Catching up, but stuff is piling...
by Sven Vermeulen, post on Thu 24 May 2012
Keeping /selinux
by Sven Vermeulen, post on Fri 04 May 2012
20120215 policies now stable
by Sven Vermeulen, post on Sun 29 April 2012
Chrooted BIND for IPv6 with SELinux
by Sven Vermeulen, post on Sat 14 April 2012
Documentation updates for initramfs needed?
by Sven Vermeulen, post on Thu 12 April 2012
Get your devtmpfs ready
by Sven Vermeulen, post on Sat 07 April 2012
More on initramfs and SELinux
by Sven Vermeulen, post on Sun 25 March 2012
Hunting fuser
by Sven Vermeulen, post on Mon 12 March 2012
Introducing 2.20120215 policies
by Sven Vermeulen, post on Sun 26 February 2012
This months' stabilization done, more to come
by Sven Vermeulen, post on Sun 29 January 2012
Gentoo WiKi & Knowledge Base
by Sven Vermeulen, post on Mon 26 December 2011
Supporting fix scripts for XCCDF content and maintaining the documents
by Sven Vermeulen, post on Fri 23 December 2011
SELinux Gentoo/Hardened state 2011-12-19
by Sven Vermeulen, post on Mon 19 December 2011
Supporting CC-BY-SA 3.0
by Sven Vermeulen, post on Tue 29 November 2011
SELinux Gentoo/Hardened state 2011-11-17
by Sven Vermeulen, post on Thu 17 November 2011
Gentoo Security Benchmark with OVAL and Open-SCAP
by Sven Vermeulen, post on Wed 16 November 2011
SELinux' 2011/07 releases now stable
by Sven Vermeulen, post on Sun 23 October 2011
Gentoo Hardened SELinux policies, rev 5
by Sven Vermeulen, post on Thu 13 October 2011
Upgrading GCC, revisited
by Sven Vermeulen, post on Thu 13 October 2011
Quickly setup a Gentoo system
by Sven Vermeulen, post on Sat 24 September 2011
Power management guide updated
by Sven Vermeulen, post on Fri 23 September 2011
Catching up
by Sven Vermeulen, post on Sun 18 September 2011
Now using refpolicy 2.20110726
by Sven Vermeulen, post on Sun 04 September 2011
Use parted for large partitions
by Sven Vermeulen, post on Wed 24 August 2011
Easy documentation updates thanks to the many contributions
by Sven Vermeulen, post on Mon 22 August 2011
Ready, set, commit!
by Sven Vermeulen, post on Fri 12 August 2011
emerge-webrsync and gpg verification
by Sven Vermeulen, post on Fri 22 July 2011
Preliminary SELinux MCS support in Gentoo Hardened
by Sven Vermeulen, post on Thu 21 July 2011
On the new SELinux profiles
by Sven Vermeulen, post on Thu 14 July 2011
Gentoo Hardened SELinux state
by Sven Vermeulen, post on Sat 09 July 2011
What's next after stabilization?
by Sven Vermeulen, post on Mon 13 June 2011
SELinux Gentoo profile updates
by Sven Vermeulen, post on Tue 03 May 2011
Restoring configuration files on Gentoo
by Sven Vermeulen, post on Sat 19 March 2011
Updates on the Gentoo Hardened SELinux state
by Sven Vermeulen, post on Wed 02 March 2011
"Gentoo in production?" Oh no, not again...
by Sven Vermeulen, post on Fri 21 January 2011
Why I have backups
by Sven Vermeulen, post on Thu 30 December 2010
Switching to hardened
by Sven Vermeulen, post on Sun 12 September 2010
Listing files of (not) installed software
by Sven Vermeulen, post on Sat 05 June 2010
License support in Gentoo
by Sven Vermeulen, post on Tue 16 February 2010
Added quota information
by Sven Vermeulen, post on Tue 01 September 2009
Draft PDF for Linux Sea
by Sven Vermeulen, post on Mon 10 August 2009
Linux Sea is progressing slowly but surely
by Sven Vermeulen, post on Tue 10 February 2009
Adding exercises and resources
by Sven Vermeulen, post on Mon 15 September 2008
Linux Sea - Updates on graphical environment chapter
by Sven Vermeulen, post on Thu 21 August 2008

Comparing Hadoop with mainframe
by Sven Vermeulen, post on Wed 15 June 2016

The three additional layers in the OSI model
by Sven Vermeulen, post on Wed 09 June 2021
Switched to Lineage OS
by Sven Vermeulen, post on Sun 09 April 2017
I missed FOSDEM
by Sven Vermeulen, post on Tue 07 February 2017
Lots of new challenges ahead
by Sven Vermeulen, post on Sun 19 October 2014
Umounting IPv6 NFS(v4) mounts
by Sven Vermeulen, post on Fri 23 August 2013
Today was a productive day
by Sven Vermeulen, post on Thu 15 August 2013
Hacking java bytecode with dhex
by Sven Vermeulen, post on Sat 01 June 2013
Centers of Excellence
by Sven Vermeulen, post on Tue 25 October 2011
About time...
by Sven Vermeulen, post on Thu 24 February 2011
prezi presentations
by Sven Vermeulen, post on Fri 10 September 2010
GSE TWS BeLux 2010
by Sven Vermeulen, post on Thu 03 June 2010
Extremely simple task manager
by Sven Vermeulen, post on Thu 18 December 2008

Automating compliance checks
by Sven Vermeulen, post on Sat 03 March 2018
Documenting a rule
by Sven Vermeulen, post on Wed 24 January 2018
Structuring a configuration baseline
by Sven Vermeulen, post on Wed 17 January 2018
Documenting configuration changes
by Sven Vermeulen, post on Sun 07 January 2018
Authenticating with U2F
by Sven Vermeulen, post on Mon 11 September 2017
Matching MD5 SSH fingerprint
by Sven Vermeulen, post on Thu 18 May 2017
Talk about SELinux on GSE Linux/Security
by Sven Vermeulen, post on Tue 25 March 2014
Giving weights to compliance rules
by Sven Vermeulen, post on Thu 26 December 2013
Doing a content check with OVAL
by Sven Vermeulen, post on Tue 24 December 2013
What is OVAL?
by Sven Vermeulen, post on Sun 22 December 2013
Remediation through SCAP
by Sven Vermeulen, post on Fri 20 December 2013
Running a bit with the XCCDF document
by Sven Vermeulen, post on Wed 18 December 2013
XCCDF - Documenting a bit more than just descriptions
by Sven Vermeulen, post on Mon 16 December 2013
An XCCDF skeleton for PostgreSQL
by Sven Vermeulen, post on Sat 14 December 2013
Documenting security best practices - XCCDF introduction
by Sven Vermeulen, post on Thu 12 December 2013
The mix of libffi with other changes
by Sven Vermeulen, post on Sun 03 November 2013
In-browser encryption for online password management
by Sven Vermeulen, post on Sun 20 October 2013
Switching gpg key to 0x2EDD52403B68AF47
by Sven Vermeulen, post on Thu 19 September 2013
cvechecker 3.3 released
by Sven Vermeulen, post on Mon 16 September 2013
Putting OVAL at work
by Sven Vermeulen, post on Thu 01 August 2013
Looking at the local Linux kernel privilege escalation
by Sven Vermeulen, post on Fri 17 May 2013
Highlevel assessment of Cdorked and Gentoo Hardened/SELinux
by Sven Vermeulen, post on Tue 14 May 2013
Overview of Linux capabilities, part 3
by Sven Vermeulen, post on Mon 06 May 2013
Overview of Linux capabilities, part 2
by Sven Vermeulen, post on Sun 05 May 2013
Overview of Linux capabilities, part 1
by Sven Vermeulen, post on Sat 04 May 2013
Restricting and granting capabilities
by Sven Vermeulen, post on Fri 03 May 2013
Capabilities, a short intro
by Sven Vermeulen, post on Thu 02 May 2013
Securely handling libffi
by Sven Vermeulen, post on Sun 28 April 2013
Mitigating DDoS attacks
by Sven Vermeulen, post on Mon 22 April 2013
What could SELinux have done to mitigate the postgresql vulnerability?
by Sven Vermeulen, post on Tue 16 April 2013
How far reaching vulnerabilities can go
by Sven Vermeulen, post on Tue 09 April 2013
Using stunnel for mutual authentication
by Sven Vermeulen, post on Sat 08 December 2012
Perimeter security testing
by Sven Vermeulen, post on Tue 28 August 2012
Hardening the Linux kernel updates
by Sven Vermeulen, post on Sat 21 July 2012
Hardening the Linux kernel
by Sven Vermeulen, post on Fri 20 July 2012
Hardening OpenSSH
by Sven Vermeulen, post on Wed 18 July 2012
Why both chroot and SELinux?
by Sven Vermeulen, post on Sun 15 April 2012
Mitigating risks, part 5 - application firewalls
by Sven Vermeulen, post on Wed 05 October 2011
Mitigating risks, part 4 - Mandatory Access Control
by Sven Vermeulen, post on Fri 23 September 2011
Mitigating risks, part 3 - hardening
by Sven Vermeulen, post on Tue 13 September 2011
Mitigating risks, part 2 - service isolation
by Sven Vermeulen, post on Fri 09 September 2011
Mitigating risks, part 1
by Sven Vermeulen, post on Mon 05 September 2011
checksec kernel security
by Sven Vermeulen, post on Sun 24 July 2011
High level explanation on some binary executable security
by Sven Vermeulen, post on Fri 15 July 2011
cvechecker 3.0
by Sven Vermeulen, post on Tue 12 April 2011
cvechecker updates
by Sven Vermeulen, post on Sun 27 March 2011
cvechecker update
by Sven Vermeulen, post on Sat 19 February 2011
cvechecker 2.0 released
by Sven Vermeulen, post on Wed 01 December 2010
Helping with version detection rules in cvechecker
by Sven Vermeulen, post on Sat 27 November 2010
Delta processing in cvechecker
by Sven Vermeulen, post on Tue 02 November 2010
Risk identification
by Sven Vermeulen, post on Thu 14 October 2010
cvechecker 1.0 released
by Sven Vermeulen, post on Fri 01 October 2010
cvechecker 0.6 released
by Sven Vermeulen, post on Wed 08 September 2010
cvechecker 0.5 released
by Sven Vermeulen, post on Thu 02 September 2010
cvechecker 0.4 released
by Sven Vermeulen, post on Wed 25 August 2010
cvechecker userguide
by Sven Vermeulen, post on Sun 22 August 2010
cvechecker 0.3 released
by Sven Vermeulen, post on Fri 20 August 2010
cvechecker 0.2 released
by Sven Vermeulen, post on Mon 16 August 2010
cvechecker 0.1 released
by Sven Vermeulen, post on Sat 14 August 2010
Linux Sea sources online, cvechecker still in development
by Sven Vermeulen, post on Fri 23 July 2010
cvechecker in development mode
by Sven Vermeulen, post on Mon 12 July 2010
OVAL, SCAP, CVE, CPE, ...
by Sven Vermeulen, post on Sat 05 June 2010

SELinux System Administration 3rd Edition
by Sven Vermeulen, post on Wed 06 January 2021
SELinux and extended permissions
by Sven Vermeulen, post on Mon 20 November 2017
SELinux Userspace 2.7
by Sven Vermeulen, post on Tue 26 September 2017
Using nVidia with SELinux
by Sven Vermeulen, post on Wed 23 August 2017
SELinux System Administration, 2nd Edition
by Sven Vermeulen, post on Thu 22 December 2016
We do not ship SELinux sandbox
by Sven Vermeulen, post on Tue 27 September 2016
Getting su to work in init scripts
by Sven Vermeulen, post on Mon 14 September 2015
Doing away with interfaces
by Sven Vermeulen, post on Sat 29 August 2015
Why we do confine Firefox
by Sven Vermeulen, post on Tue 11 August 2015
Can SELinux substitute DAC?
by Sven Vermeulen, post on Sun 09 August 2015
Filtering network access per application
by Sven Vermeulen, post on Fri 07 August 2015
Don't confuse SELinux with its policy
by Sven Vermeulen, post on Mon 03 August 2015
Loading CIL modules directly
by Sven Vermeulen, post on Wed 15 July 2015
Restricting even root access to a folder
by Sven Vermeulen, post on Sat 11 July 2015
Intermediate policies
by Sven Vermeulen, post on Sun 05 July 2015
Where does CIL play in the SELinux system?
by Sven Vermeulen, post on Sat 13 June 2015
Testing with permissive domains
by Sven Vermeulen, post on Mon 18 May 2015
Use change management when you are using SELinux to its fullest
by Sven Vermeulen, post on Thu 30 April 2015
CIL and attributes
by Sven Vermeulen, post on Sun 15 February 2015
SELinux is great for enterprises (but many don't know it yet)
by Sven Vermeulen, post on Sat 03 January 2015
Why does it access /etc/shadow?
by Sven Vermeulen, post on Tue 30 December 2014
Using multiple priorities with modules
by Sven Vermeulen, post on Fri 31 October 2014
After SELinux System Administration, now the SELinux Cookbook
by Sven Vermeulen, post on Wed 24 September 2014
Segmentation fault when emerging packages after libpcre upgrade?
by Sven Vermeulen, post on Wed 09 July 2014
D-Bus and SELinux
by Sven Vermeulen, post on Mon 30 June 2014
Chroots for SELinux enabled applications
by Sven Vermeulen, post on Sun 22 June 2014
Visualizing constraints
by Sven Vermeulen, post on Sat 31 May 2014
If things are weird, check for policy.29
by Sven Vermeulen, post on Thu 17 April 2014
Decoding the hex-coded path information in AVC denials
by Sven Vermeulen, post on Sun 30 March 2014
Querying SELinux policy for boolean information
by Sven Vermeulen, post on Fri 28 March 2014
Switching context depending on user code-wise
by Sven Vermeulen, post on Sun 12 January 2014
How does foo_t get this privilege?
by Sven Vermeulen, post on Sun 05 January 2014
Oh it is cron again...
by Sven Vermeulen, post on Fri 03 January 2014
Private key handling and SELinux protection
by Sven Vermeulen, post on Thu 02 January 2014
Limiting file access with SELinux alone?
by Sven Vermeulen, post on Tue 31 December 2013
It has finally arrived: SELinux System Administration
by Sven Vermeulen, post on Fri 27 September 2013
Network routing based on SELinux?
by Sven Vermeulen, post on Wed 21 August 2013
Some things sound more scary than they are
by Sven Vermeulen, post on Thu 15 August 2013
Rebuilding SELinux contexts with sefcontext_compile
by Sven Vermeulen, post on Mon 08 July 2013
A SELinux policy for incron: finishing up
by Sven Vermeulen, post on Fri 31 May 2013
A SELinux policy for incron: using booleans
by Sven Vermeulen, post on Thu 30 May 2013
A SELinux policy for incron: marking types eligible for watching
by Sven Vermeulen, post on Wed 29 May 2013
A SELinux policy for incron: default set
by Sven Vermeulen, post on Tue 28 May 2013
A SELinux policy for incron: the incrond daemon
by Sven Vermeulen, post on Mon 27 May 2013
A SELinux policy for incron: new types and transitions
by Sven Vermeulen, post on Sun 26 May 2013
A SELinux policy for incron: basic set for incrontab
by Sven Vermeulen, post on Sat 25 May 2013
A SELinux policy for incron: our first interface
by Sven Vermeulen, post on Fri 24 May 2013
A SELinux policy for incron: the basic skeleton
by Sven Vermeulen, post on Thu 23 May 2013
A SELinux policy for incron: what does it do?
by Sven Vermeulen, post on Wed 22 May 2013
Why oh why does a process run in unlabeled_t?
by Sven Vermeulen, post on Tue 21 May 2013
The weird "audit_access" permission
by Sven Vermeulen, post on Sun 19 May 2013
Commandline SELinux policy helper functions
by Sven Vermeulen, post on Sat 18 May 2013
SECMARK and SELinux
by Sven Vermeulen, post on Mon 13 May 2013
Peer labeling in SELinux policy
by Sven Vermeulen, post on Sun 12 May 2013
SELinux policy and network controls
by Sven Vermeulen, post on Sat 11 May 2013
SELinux mount options
by Sven Vermeulen, post on Wed 01 May 2013
How logins get their SELinux user context
by Sven Vermeulen, post on Sat 27 April 2013
Using strace to troubleshoot SELinux problems
by Sven Vermeulen, post on Wed 24 April 2013
SELinux tutorial series, update
by Sven Vermeulen, post on Mon 18 March 2013
SELinux tutorial series
by Sven Vermeulen, post on Fri 15 March 2013
Using pam_selinux to switch contexts
by Sven Vermeulen, post on Mon 10 December 2012
Local policy management script
by Sven Vermeulen, post on Sun 11 November 2012
Lots of work on supporting swig-2
by Sven Vermeulen, post on Mon 20 August 2012
Dynamic transitions in SELinux
by Sven Vermeulen, post on Sun 22 July 2012
Transitioning to MCS policies
by Sven Vermeulen, post on Fri 24 February 2012
Trying out initramfs with selinux and grsec
by Sven Vermeulen, post on Sun 15 January 2012
Unix domain sockets are files
by Sven Vermeulen, post on Sat 31 December 2011
Some people on #selinux are ... dolphins
by Sven Vermeulen, post on Thu 14 July 2011
Policy 25, 26
by Sven Vermeulen, post on Wed 01 June 2011
SELinux file contexts
by Sven Vermeulen, post on Sun 15 May 2011
SELinux User-Based Access Control
by Sven Vermeulen, post on Mon 02 May 2011
SELinux and noatsecure, or why portage complains about LD_PRELOAD and libsandbox.so
by Sven Vermeulen, post on Fri 22 April 2011
Updates on SELinux docs, added FAQ
by Sven Vermeulen, post on Wed 09 March 2011
Portage fails to build due to SELinux?
by Sven Vermeulen, post on Thu 03 March 2011
Temporary script for Gentoo Hardened SELinux users
by Sven Vermeulen, post on Sun 27 February 2011
SELinux for Gentoo Hardened
by Sven Vermeulen, post on Sun 06 February 2011
Confining user applications
by Sven Vermeulen, post on Sun 16 January 2011
SELinux enforcing for console activity
by Sven Vermeulen, post on Sat 30 October 2010
SELinux quicky
by Sven Vermeulen, post on Tue 14 September 2010