Fail2banPythonbrute-force protection

Scans log files and bans IPs that show the malicious signs – too many password failures, seeking for exploits, etc


Administration tool for packet filtering and classification

OpenSSHCsecure services

Free SSH protocol suite providing encryption for network services like remote login or remote file transfers

WireGuardCsecure tunnel

Extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography



SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities

DockerGoapplication container

Run applications securely isolated in a container, packaged with all its dependencies and libraries

LXCCsystem container

Offers an environment as close as possible to the one you’d get from a VM but without the overhead that comes with running a separate kernel and simulating all the hardware


HTTP headers#

Content Security Policy (CSP)

Mechanism by which web developers can control the resources which a particular page can fetch or execute, as well as a number of security-relevant policy decisions


Require checking of a response’s Content-Type header against the destination of a request

Further reading#

  • OWASP - Free and open software security community