Programming
Syncing RouterOS address-lists
Pull-based RouterOS address-list synchronization using dynamic webserver scripts: generating conditional add/update commands from database backend, fetching and executing scripts on multiple routers, tracking updates with timestamps, and avoiding API version compatibility issues.nginx ISP fence
Implementing geographic fencing for nginx applications by ISP networks: using nginx geo module to whitelist IP subnets, aggregating prefixes by source AS from BGP looking glass, and generating dynamic ACL lists for regional access restrictions.RabbitMQ - PSaaS
Building Port Scan as a Service with RabbitMQ message queuing: nginx/PHP-FPM frontend validates and queues scan requests via php-amqplib, backend workers execute nmap scans immediately, with automatic job retry on failure and SQL result storage.A BGP Slash Command
Building a Slack /bgp slash command using custom API at api.hextet.net: integrating BGP lookups, whois, and looking glass functionality directly into Slack channels via web API POST integration.HTML Email with Nagios
Implementing HTML-formatted Nagios alerts using nagios-html-email: installing via npm, configuring custom notification commands, and replacing mailx with sendmail to properly render HTML email notifications.ipquail-go
Rewriting ipquail.com in Go using pilu/traffic router: replacing SSI/Apache hacks with proper API endpoints for IP/PTR lookups, nginx reverse proxy handling IPv4/IPv6 termination, and JSON response formatting.Monitoring Onions
Monitoring Tor hidden services with Nagios using torsocks: creating check_commands for HTTP/SSH/TCP over Tor, tracking onion availability/performance, and publishing monion repository with sample configs for .onion monitoring.Nagios Logs, Handy One-Liner
Converting Nagios log timestamps to human-readable format using Perl one-liner: piping epoch timestamps through localtime() substitution for on-the-fly date conversion in monitoring logs and BGP data.Does Everything Still Work?
Building test-driven infrastructure with Bash Automated Testing System (BATS): creating 27 pre-change validation tests for websites, redirects, SSL endpoints, and dynamic content to answer "does everything still work?"SaltStack, CouchDB, and Nagios
Building distributed monitoring with SaltStack returners to CouchDB: storing nagios check results globally from multiple VPS locations, visualizing traceroutes/latency, and designing contextual alerts beyond simple up/down states.Service Status via SaltStack 2014.7 with Nagios
Exploring SaltStack 2014.7's nagios module: remote execution of nagios-plugins on minions, pillar-defined check lists with Jinja templating, distributed monitoring ideas, and contributing documentation fixes to SaltStack.New and Removed ASNs
Automating Canadian ASN discovery using Blockfinder: daily diff emails tracking ARIN assignments, patching TTY progress bar issues for cron jobs, and proposing ARIN's arin-issued list for AS numbers (later implemented).Firewall Log Stats
Analyzing OpenBSD PF firewall logs with enhanced Pantz PFlog Stats: added GeoIP support using Maxmind DB, updated whois links for global regions, and automated blocked packet analysis with Perl scripting.IP Quail API
Building a JSON API for ipquail.com using Python/Flask and uWSGI/nginx: RESTful endpoints returning IPv4/IPv6 addresses, inspired by ARIN's Whois-RWS, with CORS support and production SSI implementation.Unshortening with cURL
Using curl to reveal the final destination of shortened URLs before clicking: one-liner command with redirect following and a simple shell script wrapper for safe link verification.ipquail now curl friendly
Adding CLI-friendly IP detection to ipquail.com: returns plain IPv4/IPv6 addresses when accessed via curl, with separate subdomains for protocol-specific queries and script integration.Anycast Administration with SaltStack
Automating git pulls across multiple anycast nodes using SaltStack: replacing manual SSH logins with a single salt master command that updates web directories simultaneously on all anycast instances.SaltStack Automation
Getting started with SaltStack master/minion setup: key management, running commands across Linux/FreeBSD hosts, apt integration for package updates, and Python API for automation scripting.check-soa
check-soa is a CLI tool written in go which lets a DNS name server administrator easily verify that all servers listed as authoritative are in sync and serving the same zone by verifying the SOA record. I use this tool nearly every day at work to verify that changes have propagated to all slave nameservers.Atom.io
First impressions of GitHub's Atom editor as a Sublime Text alternative: markdown-aware UI, git status indicators, built-in CLI launcher, and early macOS-only binaries despite cross-platform plans.subcalc
CLI subnet calculator (subcalc) with ifconfig-style syntax. Supports IPv4/IPv6, reverse DNS generation, and 6to4 conversions; maintained cross-platform on GitHub.1f j00 R R34d1N 7h12 m3m0ry j00 R pWN3D
Heartbleed OpenSSL vulnerability analysis. Memory disclosure vulnerability affecting OpenSSL 1.0.1-1.0.1f, widespread device impact, and scanning/remediation strategies.Learning Python: Part 2
Continued Python learning: using ConfigParser for INI file configuration. Demonstrates Python's simplicity, built-in functionality, and extensibility with practical code examples.Learning Python: Part 1
Starting Python learning journey with Lynda.com tutorials. Building projects with Python/Scapy for network analysis and UBNT Unifi controller APIs.XKCD Passwords
Examining XKCD comic strip #936 on password security and memorable passphrases. Review of xkcd-password implementations on GitHub for generating user-friendly passwords with entropy calculation.goto fail
Analysis of critical goto-related bugs in SSL/TLS signature verification in Apple and GnuTLS. Examines the dangers of goto statements and implications of delayed security patching.IP Quail
Building IP Quail, an IPv4/IPv6 service to display client IP addresses. Deployed on HenchCDN with anycast distribution using SSI and Bootstrap for high performance and availability.Enjoying HTML5 over the Holidays
Web design projects using HTML5 and Bootstrap. Redesigned multiple sites including portfolio and blog, leveraging static site generation instead of PHP-based solutions.2014: IPv6 and HTML5
Blog engine migration to Octopress with Markdown support. Upcoming technical articles on OpenBGPD looking glasses, IPv6 implementation, and infrastructure projects for 2014.Where Old Code Goes....
Where Old Code Goes....