Arpwitch is a modern arpwatch replacement with JSON formatted outputs and easy options to trigger exec commands when network changes are observed.
If you’re a little cautious around everything from Microsoft then using their Docker container is a decent approach to manage those concerns. Unfortunately, as tends to be the case with a lot of Microsoft documentation, it’s verbose and long but is somehow missing details that make things real-world useful.
ElasticSearch Kibana CLI (eskbcli) is another tool I’ve had in my back-pocket for a while and frequently rely on when working threat-response / threat-management cases where direct access to ElasticSearch is not easily possible.
Outside the usual realm of security-things, last week I published a SolarEdge Interface, a command-line and a Python module interface to interact with the SolarEdge API service that’s a decent improvement over the existing ones out there.
Wrote a digital multimeter CLI tool (and Python module) to read an old Digitech QM1538 multimeter sold by Jaycar, Australia. This was a weekend-project that started with a scratchy old data-sheet that described the serial-protocol used by this thing. I’d not written a serial-protocol decoder before and the tool would make my digital-multimeter usable via Linux and accessible remotely via SSH which is what I really wanted in this case.
Env-Alias is a helper utility to create shell alias commands that easily set collections of environment variables often with secret values from a variety of data-sources and data-formats.
For the longest time I’d been meaning to roll a PyPI package for the Python client interface to FauxAPI, and it is now a thing - it also closes the long open issue #22 asking about PyPI from way back.
This Terraform module creates a Digital Ocean Droplet using Terraform with desirable additional features. The module is essentially a wrapper around the Digital Ocean provider using a cloudinit script to provide additional features:-
- remount existing volumes
- create an initial user with an sshkey
Recently I became interested in Keybase.io and really wanted to be able to explore my network-graph using Gephi, so I wrote a quick tool to collect the data from Keybase; dump it into a GraphML file; then loaded it up in Gephi. The results nicely highlight who-knows-who; the strengths and weaknesses in my own Keybase network; and super connector users with many followers.
The Autossh plugin for OPNsense was submitted as a pull-request for consideration to be added as another OPNsense plugin.
Recently a pfSense FauxAPI request came in as an issue on GitHub that I wrote example code to address because the
use case sounded like a common enough request - GitHub user @Jgerardopine spoke of
wanting a programmatic method for creating (and managing) user accounts in pfSense and was looking to
to address that requirement. The example code can be found in the
section of the repo.
Today we submitted a pull-request for our first public OPNsense plugin, Configuration Sync for OPNsense using S3 compatible storage.
A few years ago I ended up with responsibility for a small fleet of pfSense hosts in several different countries with some being 400+ms latency away which made managing them difficult. I was keen to find a solution that would save staff time and provide a way to achieve better configuration consistency across them. After taking a good look at the pfSense code, the complexities of the code legacy pfSense is dealing with made it clear why there was no existing API for pfSense as the webapp does not have a consistent framework or Model-View-Control arrangement, indeed many operations simply happen inline at page load.
Recently I noticed that the Philippine Statistics Authority (PSA) does an okay job of publishing their datasets openly and freely online. This is notable because not all authorities in the Philippines are able to achieve this level of straight-forward openness. You could even say it’s quite impressive!
A collection of things in the Philippines that are surprising, different, unusual and often remarkable. Every time you observe oddball things like these, you really have to see them as opportunities to teach, educate and improve.
In December, 2017 I spent time experimenting with a mesh overlay network called Cjdns that has some interesting qualities about it. I’m not a fan of the darkside-crypto-anarchy mentality that pervades some of the Hyperboria network participants as I believe it erodes the legitimacy of the technology in the same way as Torrent and Tor peer-to-peer systems have issues. With an information-security-hat on however it’s a technology to understand because among other things it can very easily bridge networks in ways you probably do not care for in your own environment.
After a ~10 year hiatus I’ve found time to return the blog online - happy days. After considering various approaches I’ve settled on using GitHub Pages which provides several nice upsides with at least one very-notable downside.
An API end point that returns crime data for cities in the United States. This post has been updated using command-line tools rather than PHP code, however the original end-point is still alive and well with up-to-date data.
Complex systems are hard to secure. It's a statement that gets made time and time again and it makes perfect sense. If you have a system where interactions between various components are complex and difficult to describe or monitor then you can be sure that the failure of components within that system will have consequences that are hard to foresee or appreciate. No surprise.
Google recently enhanced such that it is possible to obtain RSS feeds of canned searches. This is enormously useful but there is no API that enables one to programmatically list, add and remove items to their set of Google Alerts. So partly because it's too cold outside to do anything and partly because this seems like useful functionality I spent a few hours today writing a PHP class that implements an API to Google Alerts.
Moto as in motorbike and motorcycle. Riding from New York City to San Francisco and blogging about it on the way has been the underlying motivation to put this site together in the first place. I'm planning on doing the ride in June 2009 on a Kawasaki KLR650 over the course of 4 weeks.
Securing an ATM is hard. Consider this, you have a small compact (albeit strong and heavy) item stuffed with cash in a publicly accessible place. Unless you can sufficiently protect it, it's going to become a liability.