• Home
  • Networking
  • Security
  • Scripting
  • Cloud

Etherarp

Networking, Security, Linux

Caddy Cheatsheat

12 May 2020 on caddy, web server, cloud, https, reverse proxy

A comprehensive list of examples of configuring the Caddy webserver. Includes TLS, Proxy, Oauth2, and more!…

read more...

Built-in Firewall for Systemd Services

28 Dec 2019 on systemd, linux, security

Systemd includes a feature to restrict which IP addresses can communicate with a service. As an example, let's use this to SSH to the 192.168.1.0/24 subnet…

read more...

Connecting Network Namespaces with veth

14 Sep 2019 on linux, systemd, container, networking, iproute2, namespaces

This post will look at how to define network namespaces and connect to and between them using veth pairs…

read more...

Sending Emails with cURL

08 Sep 2019 on automation, cloud, scripting

In this tutorial, we will look at how the cURL utility can be used to send out emails. This is useful for things like automated alerts…

read more...

Verify TLS Servers with Random Art

08 Sep 2019 on security, web security, tls, ssh, bash

I've always loved the RandomArt feature in SSH that is used to display a visual representation of a peer's public key. I thought it would be great to extend this to TLS.…

read more...

Process Privilege Escalation with SUID

29 Aug 2019 on linux, linux security, security

Did you know that on a Linux system running the ping command requires root privileges? Normal users are able to run the command through a special permission known as setuid…

read more...

Network Isolation of Services with Systemd

18 Aug 2019 on linux, fedora, container, systemd

This tutorial will look at how network namespaces can be defined in systemd service unit definitions. This example will at running the Nginx service inside a separate network namespace that has its own physical interface. Like most of my tutorials, this will be done on a Fedora system.…

read more...

Generating Memorable Hostnames for a Subnet

14 Aug 2019 on bash, networking, scripting

This is a simple Bash script I wrote to generate memorable names for an IP address space. The names are camelCase word pairs obtained by shuffling a list of the thousand most common English words. This produces readable and memorable hostnames, e.g. FormerAbility.…

read more...

Send IM when site goes offline

13 Aug 2019 on scripting, automation, python

This tutorial will show how I used a Python script, Systemd timers, and the XMPP protocol to send myself an instant message when my website goes offline.…

read more...

Github Login on Caddy

14 Jul 2019 on caddy, api, web server, web security, cloud

How to log into your Caddy webserver using your Github account (Oauth2). Requires http.jwt and http.login plugins.…

read more...

Firewalld Tutorial

06 Jul 2019 on firewall, linux, sysadmin, security, fedora

Comprehensive and example rich reference on Firewalld, the default firewall for RHEL/CentOS/Fedora…

read more...

Protect your infrastructure with SSH Jump Hosts

26 Jun 2019 on ssh, security, cloud, linux, proxy

This post shows you how to use SSH jump hosts to access internal SSH servers. It also shows how to create limited accounts that can only be used for jumphost access…

read more...

Migrating the Blog (Ghost+Caddy+Docker)

26 Jun 2019 on cloud, ghost, sysadmin, docker, fedora, web server, caddy

In this post, I'll discuss how I migrated this Ghost blog to a new server, and its configuration using docker-compose and Cloudflare.…

read more...

Dynamic DNS with Route53

21 Jun 2019 on aws, cloud, dns

This is a python script I made for dynamic dns with Amazon Route53. I also made a Python REST API.…

read more...

Encrypting Files using an RSA Public Key

01 Jun 2019 on security, cryptography, docker, ssh, tls

This posts looks at how to encrypt files with RSA using the OpenSSL command. It also shows how RSA public keys can be retrieved from SSH and TLS servers…

read more...

Lets Encrypt HTTP-01 using Amazon S3

28 May 2019 on aws, cloud, https, security, s3, scripting

How to obtain Let's Encrypt certificates via an S3 bucket with optional Cloudflare origin-host configuration…

read more...

Reverse Port Forwarding with Bash

02 May 2019 on linux security, bash, firewall

I had wondered for a while how SSH reverse port forwarding works. RPF allows you to publish any reachable port upstream to a server. This allows you to act as a server without having to open any external ports.…

read more...

Using S3 for temporary storage

27 Mar 2019 on cloud, s3, aws

I often use S3 for ad-hoc storage. This post will look at configuring auto-deletion of objects, as well as generating temporary public URLs…

read more...

Dnsmasq Cheat Sheet

26 Jan 2019 on dns, dhcp, sysadmin, networking

Comprehensive documentation of all of the options for the dnsmasq DNS/DHCP server, with practical examples…

read more...

Self Hosted DNS using NSD

18 Jan 2019 on networking, linux, sysadmin, dns

In this tutorial, I'll be setting up a pair of authoritative DNS servers using the NSD DNS server daemon.…

read more...

Script to detect firewall misconfiguration

09 Jan 2019 on security, firewall, linux

This script will detect if SSH has inadvertently been exposed to the outside world.…

read more...

OpenWRT/LEDE Bridging Firewall

02 Jan 2019 on networking, iptables, firewall, linux, security

It would be neat if my wireless access point could bridge directly to my cable modem so that clients would have proper public IP addresses. Being directly connected to the internet significantly increases vulnerability so the aim is to address this with a bridge firewall.…

read more...

Cloud based Two Factor Authentication with gpg+s3

27 Dec 2018 on scripting, security, sysadmin, cloud

This is an experimental script I made to store encrypted TFA credentials in the cloud. It uses GPG to protect the the uploaded data. The tokens can be accessed anywhere on anything that has access to the GPG key.…

read more...

Bash port scanner

27 Dec 2018 on scripting, security, firewall

The script, using only Bash, will scan common ports, and if an open port is found, it will display a base64 encoded output of the servers response.…

read more...

Reactive malware blocking with ipset

19 Dec 2018 on iptables, linux, security, firewall, ipset

This tutorial will demonstrate how to create reactive firewall rules. If a device attempts to communicate with known malware command-and-control servers, the potentially compromised device will be added to a blacklist, and its internet access will be immediately disabled.…

read more...
Page 1 of 3 Older Posts →

Etherarp © 2016-2019 •