Today I was confronted with a quite annoying problem. I have a server with a 1Gbps network card connected to a 1Gbps switch. I was trying to backup my data as usual but the transfer was slower than usual. Using ethtool I saw that the link speed was only 100Mbps !
Using [OpenSource][opensource-wikipedia] software written by unkown people sometimes can be a little scary. Even more when I deploy them I a production environment in my company. On my case, I have created a brand new [Kubernetes][kubernetes-website] cluster to host some private services on my local network and I wanted to be sure that they don't do anything malicious on my network.
I'm currently hosting some private web services accessible from internet. In order to protect those apps, I needed a very secure way to protect the access to them.
As you may already know, there are tons of bots that continuously scan all public internet IPs for potential vulnerabilities. From open ports, insecure web services or security breach. There are private organizations that allow to discover those vulnerabilities like [Shodan][shodan-website]. In my particular case, this is the only information that they could collect from my IP gateway :