Experiments
5 entries
Nginx Security Hardening
Configuring secure headers, disabling unused modules, rate limiting on this very server.
active
TLS 1.3 Handshake Analysis
Capturing and dissecting TLS 1.3 handshakes with Wireshark. Observing key exchange and cipher negotiation.
active
OpenVPN Server Setup
Self-hosted VPN on Oracle VM. Testing split tunneling and kill-switch configurations.
in progress
DNS over HTTPS (DoH)
Evaluating DoH vs DoT privacy tradeoffs. Inspecting DNS leakage in browser traffic.
in progress
QUIC Protocol Capture
Analysing QUIC handshakes and comparing latency against TCP+TLS equivalents.
planned
Live Packet Feed
simulated
Quick Notes
4 entries
// TLS cipher check
nmap --script ssl-enum-ciphers -p 443 <host>Lists supported cipher suites and grades them A–F.
// Nginx rate limit
limit_req_zone $binary_remote_addr zone=one:10m rate=10r/s;Limits requests per IP to prevent brute force.
// Check open ports
ss -tulnpShows all listening TCP/UDP sockets with process info.
// Certbot renewal
certbot renew --dry-runTests auto-renewal without modifying certificates.
Toolbox
Wireshark
Packet analysis
Nmap
Network scanning
OpenSSL
Cert & TLS ops
Nginx
Web server
Certbot
SSL/TLS certs
GNS3
Network sim
Ubuntu
Server OS
Oracle Cloud
Infra host
Lab Infrastructure
// Host
Oracle Cloud Free TierARM64 · Ubuntu 22.04
Always-Free instance
Mumbai region
// Network
Nginx reverse proxyLet's Encrypt TLS
Spaceship DNS
UFW + iptables firewall
// Purpose
Personal test environmentCybersec experiments
No PII stored
Continuously evolving