The latest articles on DEV Community by Faruk Ahmed (@bornaly). https://dev.to/bornaly https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F2539780%2F0081c5e5-62ab-48bc-bdb1-bad39d05e21b.jpg https://dev.to/bornaly en Faruk Ahmed Thu, 01 Jan 2026 02:31:40 +0000 https://dev.to/bornaly/i-got-tired-of-guessing-about-linux-security-so-i-built-a-one-command-snapshot-51m0 https://dev.to/bornaly/i-got-tired-of-guessing-about-linux-security-so-i-built-a-one-command-snapshot-51m0 <p>Most Linux servers don’t fail loudly when something goes wrong.<br> They drift.</p> <p>A new cron job.<br> A modified binary.<br> A quiet outbound connection.</p> <p>Nothing obvious — until it matters.</p> <p>I noticed that when I wanted to “check a server,” I kept running the same commands manually, hoping I didn’t forget anything. That doesn’t scale, and it’s easy to miss context.</p> <p>So I built a small, read-only tool for myself:</p> <p>Linux Blindspot Report<br> It runs once and generates:<br> A risk score + severity summary<br> A clean HTML report<br> A TXT report for SSH-only systems</p> <p>A local evidence pack you can review or escalate</p> <p>No agents.<br> No installs.<br> Nothing sent off the box.</p> <p>It doesn’t replace full forensics — it gives you fast clarity.</p> <p>If you’re interested, details are here:<br> 👉 [<a href="https://ko-fi.com/s/288adc543e" rel="noopener noreferrer">https://ko-fi.com/s/288adc543e</a>]</p> <p>I also share a free SSH hardening checklist (no email):<br> 👉 [<a href="https://preview.mailerlite.io/preview/1998020/sites/174539599429764363/6lso1l?fresh=1" rel="noopener noreferrer">https://preview.mailerlite.io/preview/1998020/sites/174539599429764363/6lso1l?fresh=1</a>]</p> <p>Happy to hear feedback from other Linux admins.</p> blueteam sysad opensource cybersecurity