dn42 stands for Decentralized Network 42. It is an interconnected network that employs the same technology (DNS, BGP, etc) as the internet. This provides a great opportunity to replicate the processes used by real ISPs peering on the internet.…
read more...A comprehensive list of examples of configuring the Caddy webserver. Includes TLS, Proxy, Oauth2, and more!…
read more...Systemd includes a feature to restrict which IP addresses can communicate with a service. As an example, let's use this to SSH to the 192.168.1.0/24 subnet…
read more...This post will look at how to define network namespaces and connect to and between them using veth pairs…
read more...In this tutorial, we will look at how the cURL utility can be used to send out emails. This is useful for things like automated alerts…
read more...I've always loved the RandomArt feature in SSH that is used to display a visual representation of a peer's public key. I thought it would be great to extend this to TLS.…
read more...Did you know that on a Linux system running the ping command requires root privileges? Normal users are able to run the command through a special permission known as setuid…
read more...This tutorial will look at how network namespaces can be defined in systemd service unit definitions. This example will at running the Nginx service inside a separate network namespace that has its own physical interface. Like most of my tutorials, this will be done on a Fedora system.…
read more...This is a simple Bash script I wrote to generate memorable names for an IP address space. The names are camelCase word pairs obtained by shuffling a list of the thousand most common English words. This produces readable and memorable hostnames, e.g. FormerAbility.…
read more...This tutorial will show how I used a Python script, Systemd timers, and the XMPP protocol to send myself an instant message when my website goes offline.…
read more...How to log into your Caddy webserver using your Github account (Oauth2). Requires http.jwt and http.login plugins.…
read more...Comprehensive and example rich reference on Firewalld, the default firewall for RHEL/CentOS/Fedora…
read more...This post shows you how to use SSH jump hosts to access internal SSH servers. It also shows how to create limited accounts that can only be used for jumphost access…
read more...In this post, I'll discuss how I migrated this Ghost blog to a new server, and its configuration using docker-compose and Cloudflare.…
read more...This is a python script I made for dynamic dns with Amazon Route53. I also made a Python REST API.…
read more...This posts looks at how to encrypt files with RSA using the OpenSSL command. It also shows how RSA public keys can be retrieved from SSH and TLS servers…
read more...How to obtain Let's Encrypt certificates via an S3 bucket with optional Cloudflare origin-host configuration…
read more...I had wondered for a while how SSH reverse port forwarding works. RPF allows you to publish any reachable port upstream to a server. This allows you to act as a server without having to open any external ports.…
read more...I often use S3 for ad-hoc storage. This post will look at configuring auto-deletion of objects, as well as generating temporary public URLs…
read more...Comprehensive documentation of all of the options for the dnsmasq DNS/DHCP server, with practical examples…
read more...In this tutorial, I'll be setting up a pair of authoritative DNS servers using the NSD DNS server daemon.…
read more...This script will detect if SSH has inadvertently been exposed to the outside world.…
read more...It would be neat if my wireless access point could bridge directly to my cable modem so that clients would have proper public IP addresses. Being directly connected to the internet significantly increases vulnerability so the aim is to address this with a bridge firewall.…
read more...This is an experimental script I made to store encrypted TFA credentials in the cloud. It uses GPG to protect the the uploaded data. The tokens can be accessed anywhere on anything that has access to the GPG key.…
read more...The script, using only Bash, will scan common ports, and if an open port is found, it will display a base64 encoded output of the servers response.…
read more...