secrets in docker secret secret I’ve got a secret. It looks like hter is some stuff that is in docker 1.13.1 that allows you to do native secret storage…. swarm-secrets-in-action/ vortex keyboards I have two different vortex keyboards, the pok3r and the core 40%. I really like vortex keyboards. the only annoything thing is that their firmwares are only released as exe files and since I dont actually have anything that runs windows anymore, this presents a problem....

new month Lets hope that I can get back in the swing of things with what I learned. The past month has been pretty chaos filled and I have not been very good at updating this. Here we go.

Headless chrome headless Chrome this allows you to run chrome headless style. This can allow you to script chrome. This could lead to some interesting things. kali virtual becuase I dont like to run around with extra laptops I got kali up and running virutally. Yea I know I miss a few things with it this way but I don’t mind. Kali virtualbox Networking is turning out to be a PITA, which means that the best way to do networking with Virtualbox and kali is to just use a usb wifi dongle....

bullet journal conversion I have been using bullet journal for a time now and finding that the paper notebook is difficult for my lifestyle and for at work where I spend my life on the computer and I just don’t want to have to carry the notebook and my laptop with me every time. I understand that part of the concept of the bujo is to physically write things. However this is a difficult task when I carry my laptop around with me everywhere I go....

Git all the things Git is fantastic and I try to use it wherever I can. However outside of git, source control is a must. If a system does not support source control or version-ing then you need to make something that does. F5 does not do an elegant source control. So, I wrote an interface for the rest API that run every hour in Jenkins. It downloads the irule data then adds it to git....

akamai user segmentation cloudlet Akamai is a massive CDN. When someone needs to do an A-B test or a phased rollout a cdn makes things a bit tricky. There are these things called cloudlets that the cdn can leverage to do other magic tasks. One of those tasks is an AB test. Where when you have a cached paged the cloudlet can be configured to tunnel through the cache and send the traffic for a various experiment back to the origin....

SSH Sometimes you jsut need to ssh in to a specific port on a host, becuase well running ssh on a standard port is often a bad idea. ssh asdfasdf -p 80` (lowercase p) scp Again if ssh is then running on a different port you are going to need to use scp on a different port. A similar syntax is needed for that. scp -P 80 … # Use port 80 to bypass the firewall, instead of the scp default (uppercase P)...

sublime from the terminal I live in a terminal but I am not great at vim yet so lets embed sublime instead of vim… ln -s /Applications/Sublime\ Text.app/Contents/SharedSupport/bin/subl /usr/local/bin/sublime this creates a symlink for the sublime cli command so you can run sublime filename (replace “filename” by an actual file name) or sublime foldername (replace “foldername” by an actual folder name) or even sublime . (to open the entire current directory)...

BitBar Bitbar is a handy extension that you can use with Macos that allows things in the notification bar at the top of the screen. The excellent part about it, is that it uses python to render the data. Python rocks which means it is super simple to get any and all data in there. linke to find bitbar is here: bitbar

Node profiling There is a handy dandy performance profileer that I made use of today. nodejs-dashboard nodejs-dashboard It is easily configured to be added at runtime with: nodejs-dashboard -- node -r nodejs-dashboard index.js if you check the git repo you can see all the magic that can be done with the dashboards. I find it useful for heap usage and cpu. docker gotcha There is a feature in docker called autorestart....

changing root username to groot First things first, if you are going to do this you should have a root shell already open. If you do any of these commands as sudo, odds are good it won’t work. Honestly who doesn’t want to see all of the old files owned by root suddenly become owned by groot?!?! This has got to be the best worst idea I have had in a while....

SSH I use ssh all day all the time. But usually it is pretty standard login, shared keys and move into my tmux session. Other times its used a saved command to open a tunnel and doing some port forwards. Today and the last couple days I have tarted to fill in some of the bits and pieces to really configure ssh. That and I want to use ansible more to make my life easier, which of course leverages ssh quite a bit to get the job done....

#SSH Key rotation! In some circles ssh key rotation is terrifying and considered a massive headache. In security circles the lack of key rotation is a ripe target to compromise ALL the things. How do we solve this? Well you can write a bash script that is going to go through a list of hosts and then do an ssh-copy-id to each host, but this is not going to invaliadate the old keys it is just going to dd the new ones....

Local macos docker file system filled up Docker for macos has a bit of a bug that over time this file grows and chews up the availaable storage space that the daemon and containers are allowed to use. Even if you remove all containers, volumes and images, space usage will persist. The fix is to simply remove this one file. rm ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/Docker.qcow2 and then restart docker I found it on docker fourms here: no-space-left-on-device-error...

filespace and inodes Reminder - you can run out of inodes on a system and still have plenty of space on it. We were seeing this error with jenkins Aug 25, 2017 3:14:33 PM net.bull.javamelody.JavaLogger warn WARNING: exception while collecting data: java.io.FileNotFoundException: /apps/jenkins/monitoring/xxx/http66ee24a2ec3f919f7da7c6a424e9dba4d059e1de.rrd (No space left on device) java.io.FileNotFoundException: /apps/jenkins/monitoring/xxx/http66ee24a2ec3f919f7da7c6a424e9dba4d059e1de.rrd (No space left on device) when I ran a df -h i saw $ df -h Filesystem Size Used Avail Use% Mounted on … /dev/mapper/jenkinsvg-jenkinslv 20G 6....

Whats a reverse shell? It’s that turtle that you jump on and it bounces off a wall and comes back at you right? Not quite but, you aren’t alone in ignorance. It is surprising that the number of folks that don’t actually know what a reverse shell is. Long story short, it is when one computer connects to another computer but the initiating computer forwards their shell to the destination. It is commonplace that a reverse shell happens during an attack or as part of a pentest....

Furl Furl is a python package that enables the manipulation and use of urls. I think it is fantastic and much more readable than the string concat methods employed by many. github - furl How does it work? from furl import furl f = furl('https://someapi/v2/checks/data') query_string={"range":"last_hour", "metrics": ["server_time", "dom_load_time","start_render", "onload_time","visually_complete","fully_loaded_time","speed_index"],"api_key":"xxxxxx"} f.args = query_string print f.url What it does is abstract the elements of the url. This allow it to start with a base url and then very easily add query string params to it....

Python functions, *args, **kwargs Why use args and kwargs with python? A little while ago I did not understand kwargs, I find that to write about something helps build an understanding of a topic and it allows the information to be digested, much like rubber ducking. Also, because learning is fun and filling in knowledge gaps is better, here we go. rubberduckdebugging I am going to borrow a number of examples from the digital ocean tutorial about this because the way that they explained it really helped me to understand it....

VIM Evil, evil, vim or is that zim because vim isn’t evil but neither was zim? Nope definitely vim, that’s whatI want to talk about today. That and ripgrep. I find myself bouncing between vim and sublime depending on what I am doing. Either way I went back into vim today and found a nice plugin that leverages ripgrep. The repo for ripgrep can be found here: ripgrep . Although it is a simple install on mac with abrew install ripgrep,you will need to install the rg binary in order to get the vim plugin to work right....

git branching How about a git refresher moment to remember how to use git. Different people and places have different ideas behind how source control should be handled. I have started a new job so I thought that it would be a good idea to refresh my knowledge on git branching strategies. Alright we have done a clone of a repo, next step is to do a branch. Part of that step is doing a checkout of the master...