Amazon SSO with MFA Using Duo

Amazon SSO is their suggested platform instead of SAML federation / ADFS. This works because you can very quickly deploy AD instances in two availability zones and then hook up their AD Connector so you can leverage SSO with on-prem AD (technically synced up to your Amazon, but I digress) and then can do MFA/2FA with a […]

Read more

vSRX Cluster on oVirt/RHEV

My most recent tinkering endeavor has been trying to get Juniper vSRX running on something more than just a flat KVM host which is what their documentation outlines Along the way during this I hit a lot of odd little things that either were not documented at Junipers site or took a fair bit of engineering to figure […]

Read more

Hybrid cloud from home using DigitalOcean

This is something I had been wanting to do for awhile and the concepts were always floating around in my head. At a high level, I wanted to join a network at my home to a cloud provider. Why? Mostly just because I wanted to see if I could do it and how it could […]

Read more

Using DNS TXT Record Abuse for Exploiting Servers

With everything thats been in the news lately with malware and WannaCry, I figured it’d be fun to proof this out for myself and post about it. The below, of course, assumes that your environment has already been compromised or has someone on it that wants to do something nefarious (disgruntled employee?). I am going to show you, […]

Read more

iomonitor – wrapper script for ioping

Link to it on my github because formatting is screwed up here This is a wrapper script for ioping. Can be implemented in to a cronjob (ex: with https://healthchecks.io ) or as an NRPE command for nagios. Use –nagios-perfdata to generate perfdata for Nagios to consume I needed a way to track I/O latency on […]

Read more

Moving CentOS 7 to LVM on Raspberry Pi 3 / ARMv7L

I will formalize this later when I can This is purely assuming you’re using CentOS 7 on RPI3 and have DD’ed the image per their installation instructions. This assumption will lead the below Confirm your version has support via CONFIG_BLK_DEV_INITRD kernel compile option. You can check /proc/config.gz for this..if you dont have it then modprobe configs Generate an […]

Read more

Test Post

Please ignore   /** * Insert your code here */ #!/usr/bin/env bash for i in $(echo “${LIST}”); do IP=$(nslookup $i | grep -iv 10.1.10.11 | grep -i address | cut -d “:” -f2 | tr -d ‘\r’ | xargs echo) if [ -z ${IP} ]; then IP=COULD_NOT_FIND_IP_FIND_MANUALLY fi echo “$i,${IP}” done  

Read more