Information Security

Eliminate Your SSH Attack Surface with Cloudflare Tunnel

1187 words · 6 min

I got tired of it.
Genuinely tired.
Every time I’d tail the auth log on my server, it was just wall-to-wall garbage — bots hammering SSH from all over the world, all day, every day.
I’d done the usual stuff: changed the port, set up fail2ban, whitelisted IPs.
And honestly? It still felt like playing whack-a-mole.
So I finally just said forget it and closed the port entirely.
No port, no problem.

The approach is simple: route all SSH access through Cloudflare Tunnel and don’t expose port 22 (or any other port) to the internet at all.
This covers both macOS Terminal and Windows PuTTY, since I use both depending on where I’m working.
Server is Rocky Linux 9.7, for reference.

macOS SSH/VNC Remote Access: Custom Ports and IP-Based ACL

1604 words · 8 min

I recently reinstalled macOS, so I’m writing down the port changes and ACL setup.

Of course, you’ll want to change the default port to a different number,
and to further enhance security, I’ll configure an ACL (Access Control List) to allow access only from specific IP addresses.

macOS security keeps evolving, so these methods change with each OS update.
Tested and working on macOS Sequoia 15.7.3 (January 2026).

This article explains step by step why changing the port is important
and how ACL configuration can further enhance security.

How to Leak Chrome Stored Passwords – When You Don’t Know the PC Account Password

796 words · 4 min

This is Part 3 of the Chrome Password Hacking Series.

In the previous article, we looked at how stored passwords can be leaked
when the attacker knows the PC account password.

In this post, we will look at a different scenario —
even without knowing the PC account password,
Chrome passwords can still be extracted if the computer is left unlocked for a moment.

This is not remote hacking.
It’s another form of local attack, carried out by someone with brief physical access to your machine.

How to Leak Chrome Saved Passwords - When You Know the PC Account Password

758 words · 4 min

This is Part 2 of the Chrome Password Hacking Series.

Chrome’s password autofill feature is convenient, but that convenience can hide a critical weakness.
If someone knows your PC account password, it effectively means your entire set of Chrome-stored passwords is exposed.

This is not a remote hack.
It’s a local attack, carried out by someone who can briefly sit in front of your unlocked PC.

Is Chrome's Password Auto-Fill Really Safe? The Actual Risks of Stored Passwords

596 words · 3 min

This is Part 1 of the Chrome Password Hacking Series.

Chrome’s password autofill feature is convenient and makes everyday browsing easier.
However, convenience often comes with security trade-offs, and autofill is no exception.

In this post, we’ll take a closer look at how the passwords stored in Chrome can be exposed.
This is not about remote hacking—it’s a type of local attack, where someone with brief access to your PC can retrieve your saved passwords.

KeePassXC Password Management: The Optimal Program Recommended by IT Professionals

1993 words · 10 min

This is the password management program I use for work.
It’s been so valuable to me that I wanted to share it with you.
Stop storing your work passwords in Excel files.

Important passwords should be stored in personal files that no one else can access.
This is especially true for IT administrators—KeePassXC is incredibly useful.

KeePassXC is a leading open-source password management tool that’s completely free and works seamlessly across any operating system or mobile environment.

This article covers the essentials of using KeePassXC.