I wrote this report for internal consumption shortly after the conference. As Monitorama 2018 approaches, I thought these notes could be useful for a wider audience to revisit the common themes and interesting questions from the previous year and to see what has been done to address them. ... Read more

This was my second ShmooCon. It was just as fun as the first time, and this time I did various other activities (solving a few of Raytheon’s CTFs, practicing lockpicking, looking at all the codes in the conference program) in between interesting talks. For more details about the conference itself, see the last year’s report. ... Read more

This is a quick survey of available tools to monitor a cloud-based (AWS or multi-cloud) infrastructure network. My conclusions and recommendations are at the bottom. ... Read more

The Tel-Aviv instance of DevOps Days was interesting to me for two reasons. The first one is there’s a ton of innovation happening in Israel, so there’s a chance of hearing new things; yet Israel is far enough from Silicon Valley that its thinking and opinions are distinct from the San Francisco area monoculture. ... Read more

ShmooCon is a security conference held yearly in Washington, DC. With around 2000 participants, it has an audience large enough to fill 3 tracks and provide a range of extra-curricular activities, yet it is much less crazy than events like DefCon (which is ten times the size). ... Read more

As usual, Linux needs a bit of under-the-hood wrenching to get things working. HP is actually doing Linux support commendably compared to its peers (see hplip). However, in this case a bit of extra grease was needed. ... Read more

Currently, there is an explosion of tools that aim to manage secrets for automated, cloud native infrastructure management. Daniel Somerfield did some work classifying the various approaches, but (as far as I know) no one has made a recent effort to summarize the various tools. This is an attempt to give a quick overview of what can be found out there. The list is alphabetical. There will be tools that are missing, and some of the facts might be wrong–I welcome your corrections. For the purpose, I can be reached via @maxvt on Twitter. ... Read more

Today I noticed that my Linode does not restore its iptables configuration after reboot. This is how the investigation progressed. I have opened a ticket with Linode to update the relevant documentation. ... Read more

This is a short collection of links I used to keep myself entertained while living in Boston. Hopefully they will help you find something interesting to do in your free time there. The order is roughly the frequency I visited those sites to find something good. ... Read more

This is a warmup-level challenge written in Python. The service opens a TCP socket on port 56098 and listens for commands to store or read a temperature reading based on time and location. The data is stored into a single flat file. Simply interacting with the service over telnet would not work, as the service only attempts to read once. The protocol is very easy to reconstruct by reading the source, though, and writing a small client to store and load data takes all of two minutes. ... Read more