Being Attacked by Bots

18 Feb, 2020 - 6 minutes
On the 19th of January 2020, a malicious actor launched an attack against my home infrastructure. At 42 minutes after midnight a device located in Buenos Aires, Argentina began attacking my proxy server. For the next six minutes, approximately 150 malicious HTTP requests were made. Fortunately, every single one of these requests was met with an HTTP/400 response. That’s because I don’t use Apache Struts 2, which this bot was attempting to exploit.

Linux Firewall and IDS Appliance

14 Feb, 2020 - 10 minutes
Over the years, I’ve chewed through quite a few different routers, firewalls, even virtual appliances to connect my home network to the internet. Though most of these provided positive experiences, all of them had at least one point of friction, sometimes to the point of being a dealbreaker. pfSense is a great platform, but has terrible ethics. Sophos is proprietary and has an awful CLI. Untangle feels more like an ad than a product.

You Probably Don't Need a VPN

15 Jan, 2020 - 4 minutes
Do you live in North Korea or Iran? Is your totalitarian government cracking down on dissidents? These are serious concerns for some, but for the rest of us it might be time to re-think the modern threat model. Why do people use VPN services? I think at the very core of the VPN subscription market is the belief that as a consumer it’s possible to buy privacy. That’s simply wrong. Privacy is a process, not a product.

Build a Linux Router from an Old Laptop

13 Nov, 2019 - 7 minutes
Recently, I found myself in a situation where I needed to quickly replace a broken router. In times like these, you must improvise and think on your feet… The device in question was an old, rusty but trusty IBM ThinkPad T60. This particular machine has a special history for me. I salvaged it from a pile of e-waste at my old job as a PC tech many years ago, and that summer it was my playground for learning Linux, ultimately starting the career which I currently enjoy.

Fix an Oversharded Elasticsearch Cluster

TL;DR: The default settings for Logstash index rotation are bad and will break your cluster after a few months unless you change the rotation strategy. If you’re anything like me, you probably read somebody’s cool blog about how awesome the ELK stack is and just had to have a piece of it. So you went through the quick start guide, googled your way through getting it up and running, then BAM, you had an awesome logging system with all the bells and whistles!