LINUX

How to expand VM memory, CPU and disks

In this article we’ll cover three practical cases for expanding resources in a VM managed with libvirt/KVM: Increase the number of vCPUs (cores) Increase RAM memory Expand disk and filesystem inside the guest We’ll use virsh commands, libguestfs tools where applicable, and standard utilities inside the guest (growpart, resize2fs, xfs_growfs, LVM). I’ll include “hot” methods when the system supports them and safe cold alternatives. Note: To run without sudo, your user must belong to the libvirt and kvm groups.

Thursday, October 16, 2025 | 4 minutes Read

How to create a Debian 13 virtual machine template

A virtual machine template is a preconfigured OS image that we use to quickly deploy new VMs, avoiding repetitions and errors. Here we’ll see how to create a Debian 13 master template ready for cloning. 1 Create and install the base VM Create a clean Debian 13 VM, apply all updates and add the common software you want on all clones (guest agent, utilities, etc.). Minimal example: # Create the base VM (adjust CPU, RAM, disk, ISO and network to your environment) virt-install \ --name debian13-base \ --memory 4096 \ --vcpus 2 \ --disk path=/var/lib/libvirt/images/debian13-base.qcow2,size=20,format=qcow2 \ --cdrom /var/lib/libvirt/images/debian-13.1.0-amd64-netinst.iso \ --os-variant debian12 \ --network network=default,model=virtio \ --noautoconsole Once the VM is created, install all the components you want this template to have: users, packages, etc.

Saturday, October 18, 2025 | 6 minutes Read

How to create and manage snapshots in KVM

Snapshots let you capture a VM’s state at a specific moment so you can roll back if something goes wrong (updates, risky changes, tests). In KVM with libvirt there are two main families: Internal snapshots: the snapshot content is stored inside the qcow2 file itself. They usually require the VM to be powered off and only work with qcow2 storage (not raw, LVM, etc.). External snapshots: they create separate overlay files (qcow2); these are the most used for hot snapshots (running VM). They allow more flexible flows and can be consolidated later (blockcommit). Additionally, a snapshot can be:

Friday, October 17, 2025 | 5 minutes Read

Installing NVIDIA Drivers on Debian 13

The installation of NVIDIA drivers in the Linux universe has traditionally been a challenge, especially in distributions like Debian, where free software policies often complicate the process. In this post, I will explain a simple way to install NVIDIA drivers using the official Debian 13 (Trixie) repositories. In addition, at the end of the article, you will learn how to install a key tool called Nvidia Optimus, which gives you the ability to choose which graphics card your system will use.

Sunday, August 24, 2025 | 4 minutes Read

How to Choose Which GPU to Use on My Laptop with Linux

If you have a Linux laptop with an NVIDIA GPU, you may have noticed that the video ports are not working properly after installing the graphics drivers. If this sounds familiar, don’t worry I’ve got you covered. I’ve been investigating and found a tool that can save you several headaches. It’s called EnvyControl, a command-line utility (CLI) that allows you to easily choose which graphics card you want to use on your computer. This is especially useful if your laptop has a hybrid graphics configuration, such as Intel + NVIDIA or AMD + NVIDIA.

Sunday, September 1, 2024 | 3 minutes Read

Installation of NVIDIA Controllers in Debian 12

The installation of NVIDIA drivers in the Linux universe has traditionally been a challenge, especially in distributions such as Debian, where free software policies often complicate the process. In this post I will explain a simple way to install NVIDIA drivers using the official Debian repositories. In addition, at the end of the article, you will learn to install a key tool called Nvidia Optimus, which will provide you with the ability to select which graphics card you will use.

Sunday, September 1, 2024 | 5 minutes Read

Comparative between OpenVPN and Wireguard

The goal of this post is to compare the different VPNs software most used by seeing which is faster, for which we will support in speed test using iperf3. [NOTE] The comparative part of the posts in this section in which we mount each type of VPN. Speed without VPN I’m gonna start by comparing the speeds of these 2 systems, using iperf3. For this I have removed the cisco router as I had it configured with FastEthernet interfaces and changed it to a Linux router with GigabitEthernet interfaces.

Thursday, March 28, 2024 | 9 minutes Read

Create certification authority (CA) and self-signed certificates in Linux

At first a student will establish a Certified Authority and sign a certificate for the other student’s page. We will then test it on the Apache and Nginx web servers. Create the certifying authority Step 1: Creating directories and files The first step will be to generate a directory in which you will locate your certification authority, in order to maintain an organization at all times. The directory name will be CA /. In turn, you have to generate several subdirectories within it:

Thursday, March 28, 2024 | 15 minutes Read

Forensic computer

Forensics is the set of techniques that allows us to obtain as much information as possible after a computer incident or crime. In this practice, you will perform the evidence-taking and analysis phase on one Linux machine and another Windows. We’ll assume we caught the criminal ‘in fraganti’ and the machines were on. Optionally, you can perform an Android device analysis. On each of the machines you must do a memory and a hard drive, taking the necessary measures to certify the chain of custody.

Thursday, March 28, 2024 | 23 minutes Read

Implementation of a perimeter firewall with Fortinet I

Before you start the practice, the scenario you see in the practice is as similar as I can ride to the original practice. I have used version 7.0.9-1 of FortiGate, as the higher versions bring some restrictions. You can download the image from this [link](https://drive.google.com/drive/folders/ 1VGmeLN5inkWNNNUsIvq9ewGUzJLTLkiM). Firewall start-up FortiGate devices are made with the IP 192.168.1.99 / 24, as I am from GNS3 do not need to connect to this interface with a device and change the configuration. Since I can do it from the console.

Thursday, March 28, 2024 | 10 minutes Read

Implementation of a perimeter firewall with Fortinet II

Now let’s emulate firewall practice II, but on GNS3. To this end, I have transformed client 1 into Odin, and added Thor and Loki as virtual machines instead of containers on the LAN network. I have also created a new network called DMZ, in which will be the Hela machine. Since I have transformed the previous scenario into this new one, we have some rules created earlier. Therefore, I will remove from the statement those that are already created, such as making SSH to Odin from port 2222, but with the service listening in the 22.

Thursday, March 28, 2024 | 16 minutes Read

Implementation of a perimeter firewall with Nftables I

In this post on a Debian machine scenario, we will apply rules with Nfables to match the traffic that goes into and out of our network, trying to imitate a scenario. [NOTE] To deploy the stage to perform these exercises you will need to deploy the .yaml file you will find in the link to the next paragraph. This will be in charge of deploying 2 machines one that will make firewall and one that will simulate a client that will be connected to the first machine to simulate a local network.

Thursday, March 28, 2024 | 27 minutes Read