devops - Nom. Tech. Bytes.

devops

A collection of 13 posts

AWS EKS ASAP

EKS is a powerful CaaS solution for hosting k8s in AWS. Though setting up a cluster can be a convoluted task, this quick point of reference will help you strap on those elastic pants and get deploying. We'll first dive into what deploying EKS looks like and what additional resources

Sailing the AWS IaC Seas

devops Featured

Sailing the AWS IaC Seas

Infrastructure as Code is an incredibly valuable solution with a ton of applicable use cases in modern cloud practices. Often times I'm approached to build out solutions from scratch or from existing cloud environments using either CloudFormation (AWS IaC) or Terraform. Both these solutions present benefits in multiple ways and

Kubernetes Self Hosted Home Lab

Kubernetes Self Hosted Home Lab

This post covers how to install Docker & Kubernetes on Windows 10 Pro/Ent using Hyper-V/PowerShell/Chocolatey. Ensure Hyper-V features are enabled before proceeding. All commands are run via PS. — Docker Setup — Install Chocolatey: Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1')

CDN Features w/ Cloudflare

CDN Features w/ Cloudflare

The following content is a summary of the security features Cloudflare offers to help mediate web hosting risk. Cloudflare is a Content Delivery Network that focuses on simplicity and ease of use. In order to setup, you create DNS records and follow a few incredibly easy steps. But what's this

SysOps AWS Certification Preparation

SysOps AWS Certification Preparation

This post covers how I prepared for the test, and the resources I used. After using AWS for 5 years I decided achieving and attaining this would be something beneficial. I enjoy using AWS and think in terms of evolving the space they're still the go-to in 2019. I'll share

DUO MFA for RADIUS VPN Connections

DUO MFA for RADIUS VPN Connections

This post covers implementation for MFA via firewall VPN connections using RADIUS authorization. 1.) Log into your DUO admin panel and create an application for RADIUS. 2.) Install the DUO Auth Proxy client on the server you wish to use to submit the RADIUS requests from. You'll specify the Integration

AWS Tools

A collection of 3rd party AWS tools. Defensive: Scout2: https://github.com/nccgroup/ScoutSuite Prowler: https://github.com/toniblyx/prowler CloudMapper: https://github.com/duo-labs/cloudmapper CloudTracker: https://github.com/duo-labs/cloudtracker PMapper: https://github.com/nccgroup/PMapper AWS Inventory: https://github.com/nccgroup/aws-inventory Offensive: Pacu: https://github.com/

Windows 2016 Domain Controller Setup

Windows 2016 Domain Controller Setup

This guide assumes you have a hypervisor and VMs and/or physical boxes to support setup. This guide uses a fresh install of Server 2016. Install the following roles by opening up server manager and enabling the following: Active Directory Domain Services DHCP Server DNS Server File and Storage Services

MSSQL .BAK Encryption

MSSQL .BAK Encryption

This post goes over TSQL commands to setup and test encrypted backups for MSSQL. Commands provided are intended to be ran on both a Source and Target instance. These should be ran using an SA account to avoid permission issues. If storage paths don't work, just use c:\temp\ and

Drupal/WordPress Environment w/ Docker

Drupal/WordPress Environment w/ Docker

This Tutorial assumes your have Docker Toolbox installed and fully operational. Within Docker Quickstart Terminal get a copy of the latest MySQL image: $docker pull mysql Start your MySQL container running: $docker run --name mysql -e MYSQLROOTPASSWORD=example -d mysql Get a WordPress image: $docker pull wordpress Get your WordPress

Selenium Setup in Visual Studio

Selenium Setup in Visual Studio

This is a generalized guide for configuring Selenium on Windows. 1. Create a directory named Selenium under C:\ 2. Copy the directory downloaded from http://docs.seleniumhq.org/download/ in this example I'm setting up the Java specific package. 3. Within IE set all Security Zones to the same protection

Chocolatey w/ PsExec for Patch Management

Chocolatey w/ PsExec for Patch Management

This post covers deploying Chocolatey [https://chocolatey.org/] to enterprise devices. The idea is to provide a solution for 3rd party product patching that's both free, and automated. To start you'll need domain admin privileges and just a couple minutes. First, we'll need psexec installed on one machine within the

FrankenClam for Windows (ClamWin/ClamAV and Yara)

FrankenClam for Windows (ClamWin/ClamAV and Yara)

This guide is for piecing together an opensource solution to trigger AV + macro detection upon files upload within web applications. Installed Software: http://www.clamwin.com/content/view/249/1/ https://www.python.org/downloads/release/python-371/ https://github.com/VirusTotal/yara/archive/v3.8.1.zip https://github.com/