Session Manager For some time I’ve come to rely on AWS’s Session Manager for remote administration of my EC2 instances. The ability to drop into a admin shell with nothing other than a browser is too handy to pass up. Especially when you can begin removing ingress points which can be abused, reducing attack surface […]
Category archives: Uncategorized
Bad workmen – a Terraform Lambda deployment story
You know the old adage of “a bad workman blames their tools”? Well, guilty as charged… When I built my AWS-cardspotter project with Terraform, the main goal was to learn Terraform, which I had no/limited/not-enough experience with at the time. Looking back at that initial deployment (it’s awful, please don’t judge me, or use as […]
AWS CLI – MFA with aws-vault – making it seamless
Oooof! That’s a long title, but I realised after last post (did you miss last episode? catchup here) that whilst the post covered all the technical requirements for getting aws-vault operational, it missed some steps to truly integrate with your current workflows, without introducing additional cycle. So without additional pre-amble, introducing…… credential_process=…. As it’s name […]
A Northern Geeks trip, well, nowhere
It’s hard to judge time given current non-technical ongoings, but it’s (about) a year since the “A Northern Geeks trip…..” series stayed close to home. That was the inaugural BSides Newcastle, and somehow it came time for the 2020 edition. Which brought about some changes; firstly, C-19 forced the organising team to abandon some amazing […]
[Project] AWS-Card-Spotter – Terraform deployment
tl;dr – this project can now be deployed automatically with a Terraform script Last project update, I introduced my project to leverage AWS resource to identify if pictures uploaded to an S3 bucket might contain images of credit cards, and in turn need special handling under an organisation’s PCI DSS processes. And it worked! But […]
A Northern Geeks trip, well, home(ish)
Back in the annals of time (2011) I wrote about my first experiences at a security conference; the first UK BSides in London. To say that that con had a big impact on my career is an understatement, but that’s a story for another day. That experience was exactly why; when catching up with an […]
[Project] AWS-Card-Spotter
I’ve been (very) quite recently for a number of reasons which I’ll not bore everyone with; but I have recently started to get my hands dirty in the new (to me) world of AWS. As an ex-physical datacentre hosting monkey, this takes a bit of getting used to as I’m still seeing things through the […]
Ranting at the youth
Since graduating back in 2006 I’ve been honoured by Northumbria University by being asked to return and speak with their students with the hindsight of having spent time out in industry, I covered my last trip here. So when I got an email at the tail end of last year I didn’t think twice in […]
Online Bank Cards
The reaction most people have when you point out people are naive enough to post pictures of credit and debit cards online is to laugh, surely no one could be that unaware of the risks. But the fact is that the situation has become that common place that a number of Twitter accounts have been […]
echo "fat" | sed s/a/i
I’m a geek (no surprises there), and thanks to too many hours hunched of the keyboard in the dark coding away into the small hours I’ve come to resemble the stereotype; overweight, four-eyed and (preferably) in black. I always assumed that this was me, and was happy with that; but towards the end of last summer there appeared to be an increase in geeks and hacker-types pushing to get fitter: Hackerrun came and went, and a couple of my clients participated in a local 10k run. So I thought I’d see what all the fuss was about and join in.