DevOps. Security. Dogs.
Not necessarily in that order.
PGP: 0xC0EE29073A219F19

About dogsec

The Great Home Lab Rebuild -- Part 1: Storage

I returned from AWS re:Invent 2017, opened closet door that houses my home lab gear and heard that sound. You know the sound. Time to take action. So, do I buy another drive to keep the PC or NAS (I wasn’t sure which at this point), or do I rebuild the whole thing?

Well, since all of my lab gear was pushing 10 years, and a blog post about a drive swap would be boring AF, you can guess where we’re going…

The Great Home Lab Rebuild!

read more

Configuring AWS CLI access with MFA

When protecting important resources online these days, MFA is a must. Bank accounts, utilities, e-mail accounts, etc.

Protecting your account on your infrastructure provider should be no different. Especially considering not doing so can cause you great financial pain if someone deletes your critical resources, exfiltrates your data or spins up their own Bitcoin mining operation, at your expense.

AWS’ IAM, thankfully, has supported MFA for user accounts for quite some time now. Users can log into their accounts, register their virtual MFA token (Google Authenticator or what have you) and you’re off and running.

read more

Building your own DNS proxy, part 2: Writing the code

In my first post about building your own DNS “smart” proxy, I touched on the basics of how a smart DNS proxy works, how to build a basic version on a cloud provider and the paid alternatives that are out there. In this post, we’ll take that knowledge and productionalize, operationalize or whatever buzzword you want to use to refer to it as “not sucking”.

read more

Building your own DNS proxy, part 1: The basics

Over the past year, I have explored various DNS “smart” proxy services to use in a couple of my environments. The experience with some of these paid services, like and Unlocator, left a lot to be desired, so I decided to set out and build my own.

read more