Cloud. Security. Dogs.
Not necessarily in that order.
PGP: 0xC0EE29073A219F19

View My GitHub Profile

My Shmoocon Retrospective

Back to reality after Shmoocon 2018, which was easily the best con that I’ve been to so far. I got more out of Day 1 of Shmoocon than I did out of entire week of some certain other large cloud-y conferences. Granted, this was my very first con in the InfoSec space, so that may have had something to do with it, but overall, I loved the format, the talks, the people, and the extracurricular activities (CTF, Lockpick Village, etc). I loved it so much that I wanted to do an incredibly disjointed write-up on my experience. Enjoy!

read more

The Great Home Lab Rebuild -- Part 1: Storage

I returned from AWS re:Invent 2017, opened closet door that houses my home lab gear and heard that sound. You know the sound. Time to take action. So, do I buy another drive to keep the PC or NAS (I wasn’t sure which at this point), or do I rebuild the whole thing?

Well, since all of my lab gear was pushing 10 years, and a blog post about a drive swap would be boring AF, you can guess where we’re going…

The Great Home Lab Rebuild!

read more

Configuring AWS CLI access with MFA

When protecting important resources online these days, MFA is a must. Bank accounts, utilities, e-mail accounts, etc.

Protecting your account on your infrastructure provider should be no different. Especially considering not doing so can cause you great financial pain if someone deletes your critical resources, exfiltrates your data or spins up their own Bitcoin mining operation, at your expense.

AWS’ IAM, thankfully, has supported MFA for user accounts for quite some time now. Users can log into their accounts, register their virtual MFA token (Google Authenticator or what have you) and you’re off and running.

read more

Building your own DNS proxy, part 2: Writing the code

In my first post about building your own DNS “smart” proxy, I touched on the basics of how a smart DNS proxy works, how to build a basic version on a cloud provider and the paid alternatives that are out there. In this post, we’ll take that knowledge and productionalize, operationalize or whatever buzzword you want to use to refer to it as “not sucking”.

read more

Building your own DNS proxy, part 1: The basics

Over the past year, I have explored various DNS “smart” proxy services to use in a couple of my environments. The experience with some of these paid services, like and Unlocator, left a lot to be desired, so I decided to set out and build my own.

read more