Freorit - Modern Web Development & Digital Solutions

Welcome to Freorit — I'm Andreas. It all started with a Linux laptop and a self-built pfSense router. What began as a hobby turned into years of hands-on projects in my own homelab, diving deeper into the fascinating world of self-hosting and IT security.

Here I document my practical experiences — the things I learned, the mistakes I made along the way, and hopefully a useful tip or two around cloud, self-hosting, networking and security.

My focus is on IT infrastructure with an emphasis on networking, security, and Linux. Certified in LPIC-2, CompTIA Network+, AWS CCP, and BSI IT-Grundschutz — backed by years of homelab experience and initial IT support work. I am looking to start my IT career as a systems integrator, network specialist, or in a DevOps environment.

My Network & Security Focus

Networking & Firewalling

CompTIA Network+ and Cisco Networking Basics certified. I use OpenBSD pf as firewall/router and am increasingly working my way into network security and protocols.

Cloud & Infrastructure as Code

Oracle OCI Foundations Associate and AWS Cloud Practitioner completed. I am learning cloud architectures and Infrastructure-as-Code and continuing to build on this.

Privacy-First Services

DNS resolver with Unbound, hardened mail servers, SearXNG instance – I run self-hosted services with a focus on privacy and minimal attack surface.

Hardened Linux Systems

LPIC-1 & LPIC-2 certified. I work with OpenBSD and hardened Linux systems and keep learning about system configuration and hardening.

Open Source Tooling

OpenBSD pf, WireGuard VPN, Pi-hole DNS and Fail2ban – I use open-source tools to secure my infrastructure and keep learning along the way.

Threat Detection & Monitoring

System logs, basic intrusion detection and security monitoring – through CISA training and practice I am learning to identify and assess security incidents.

Certification-based Core Competencies

Expert Level (5+ Certifications + Practice)

Linux System Administration Network Security Architecture TCP/IP & Network Fundamentals

Advanced Level (3-4 Certifications)

Cloud Infrastructure Firewall & VPN Technologies Virtual Networking & SDN Network Services (DNS/DHCP) Routing & Switching PKI / Certificate Management mTLS & Zero-Trust Networking BSI IT-Grundschutz / ISMS

Intermediate Level (Emerging Expertise)

Cloud Security & Compliance Identity & Access Management Infrastructure as Code Network Monitoring & Troubleshooting Wireless Networking IPv6 Suricata IDS SNMPv3 ZFS DevOps / CI-CD

Familiar Level (Foundation Knowledge)

Container Networking Multi-Cloud Strategies Network Automation

Programming & Automation Expertise

Advanced Level (System Administration)

Bash Scripting Shell Programming System Automation Configuration Management

Intermediate Level (Infrastructure)

YAML/JSON SQL Basics Config File Management Docker Grafana Prometheus Terraform Python

Security-First Networking – Core Competencies

Network Security Architecture: From firewall rules to cloud security – comprehensive security concepts
Hardened Infrastructure: Hardened multi-service environment productively operated for years
Privacy-by-Design: Secure open-source alternatives to proprietary enterprise solutions
Hands-on Security Engineering: Practical implementation of zero-trust architectures and defense-in-depth
Multi-Cloud Security: Cloud-agnostic security strategies for hybrid infrastructures
Open Source Advocacy: Promoting transparent and auditable security solutions