After posting previously about dipping my toe in the Infrastructure as Code waters with Terraform, a kind individual (who requested staying nameless) asked if I’d encountered AWS’ native Cloud Deployment Toolkit (CDK). I vaguely remember seeing a Beta announcement sometime back when the toolkit was first announcement, but had discounted at the time as it […]
Author archives: infosanity
AWS CLI – Forcing MFA
If you’re planning on using AWS efficiently, you’re going to want to automate with the CLI, various SDKs and/or the relatively newly released Cloud Development Kit (AWS-CDK). This typically requires an access key pair, providing access to your account, and in need of being secured against abuse. Adding MFA capabilities to the account reduces a […]
Cowrie SSH Honeypot – AWS EC2 build script
Happy New Year all! Whilst eating FAR too much turkey and chocolates over the festive break, I’ve managed to progress a couple of personal projects on (between stints on the kids’ Scalectrix track, thanks Santa). Still tasks to do(*), but a working EC2 User-Data script to build to automate deployment Cowrie honeypot has reached MVP […]
[Project] AWS-Card-Spotter – Terraform deployment
tl;dr – this project can now be deployed automatically with a Terraform script Last project update, I introduced my project to leverage AWS resource to identify if pictures uploaded to an S3 bucket might contain images of credit cards, and in turn need special handling under an organisation’s PCI DSS processes. And it worked! But […]
A Northern Geeks trip, well, home(ish)
Back in the annals of time (2011) I wrote about my first experiences at a security conference; the first UK BSides in London. To say that that con had a big impact on my career is an understatement, but that’s a story for another day. That experience was exactly why; when catching up with an […]
[Project] AWS-Card-Spotter
I’ve been (very) quite recently for a number of reasons which I’ll not bore everyone with; but I have recently started to get my hands dirty in the new (to me) world of AWS. As an ex-physical datacentre hosting monkey, this takes a bit of getting used to as I’m still seeing things through the […]
A Northern Geek's trip South West
June has been a busy month, hot on the heels from BSides London (review here), I again found myself on a train BSides-bound, this time heading for Liverpool. Before getting to the tech, I’ll point out that this was my first time in Liverpool. After a very brief visit I found the city to be […]
A Northern Geek's Trip South – 2019 edition
How time flies; and with it, another BSides London is a long distant memory. My itinerary for the pilgrimage South was familiar, mostly following a well worn pattern InfoSec Europe Tuesday BSides itself Wednesday Thursday? Recovery time in the capital, before heading for the train back to (my) civilised society. And throughout: a generous smattering […]
Sanitising WSA export dates
Released today, sanitiseWebroot.py simply reads the standard Webroot Secure Anywhere (WAS) “export to CSV” output, modifies the date fields to a more manageable formate and creates a new version of the dataset.
Google Glass: New threat or business as usual?
Woke this morning to find several articles covering the release of a short script designed to locate and ultimately block wearers of Google Glass from accessing a wireless network. This was apparently released in response to someone else’s discomfort from knowing there was a wearer of Google Glass in an audience, mostly due to the recording/stream capabilities. […]