Blog

Practical homelab security writing. CVE deep-dives, hardening checklists, monthly review routines, and honest thoughts on the tools that actually work.

• The Mac-native homelab vulnerability scanner

  Agentless over SSH. One-time purchase. No Docker, no SaaS. Built for people who run their own boxes.

• 10 homelab security quick wins to knock out in an afternoon

  Ten practical hardening steps you can apply across your homelab in a single Saturday.

• The monthly homelab security checklist

  Ninety minutes, coffee, and a checklist. The monthly routine that keeps a homelab from drifting.

• How often should you scan your homelab for vulnerabilities?

  Daily, weekly, monthly? A practical answer about scan cadence and alert fatigue.

• SSH key hygiene: what's in your authorized_keys?

  Find the keys you forgot, audit the ones you kept, and rotate without locking yourself out.

• TLS certificate expiry on self-hosted services

  Stop your services from going down at 3am because a cert expired.

• Why your Raspberry Pi's OpenSSL is out of date (and how to fix it)

  Find unpatched CVEs on your Pi and fix them in one command.

• CVE-2022-3602 and CVE-2022-3786 in your homelab

  The OpenSSL X.509 email-address buffer overflows. How to find affected hosts across your fleet.

• Pareto Security for your whole fleet

  Pareto audits your Mac. Noxen extends the same idea to every remote box you own — agentless, over SSH.

• Nessus alternative for Mac homelabs

  Tenable Nessus is excellent for enterprises. It's overkill for a home rack. Here's a right-sized alternative.

• Agentless SSH host inventory

  How Noxen reads your host inventory over plain SSH — no agent, no daemon, no new ports.

• Why Noxen flags exposed admin panels but never logs in

  Default-credential testing is explicitly out of scope. Here's why that's a product decision, not a limitation.