Connecting to a private Windows EC2 instance without exposing RDP to the internet
Let’s say you have a (Windows or Linux) EC2 instance in a private subnet and want to access it interactively. There are several ways to do this.
Systems
Beware of wilcards paths in sudo commands
Say you want to allow a non-root user on Linux to execute a couple of scripts as root or another user with more privileges. A common way of doing this is to ...
Handling and confirming (interrupt) signals in Python
Learn how to handle interrupts and other signals in Python.
Terraform: Change EC2 user_data without recreating instance
When you have set up your infrastructure with Terraform and then do any change to the user_data of a EC2 instance, Terraform will detect the change and gener...
Database backups via mysqldump: from MariaDB container to S3
For a little side project I wanted an easy way to perform regular backups of a MariaDB database and upload the resultant dump gzipped to S3.
Dockerfile Entrypoint: “file not found”
I was working with a fairly simple Dockerfile, defining an entrypoint and always got a “not found” error when trying to run the container.
Connecting to a host service from within a container using Docker for Mac
Use host.docker.internal to connect to your host machine.
Splitting a binary into chunks on Linux, and re-combining them on Windows
Recently, I needed to transfer a binary over a very limited network connection allowing only small packets to be sent. I ended up splitting the binary into p...
Disabling NX in Linux via Kernel Parameter (using GRUB)
To boot Linux without Data Execution Prevention, so that the OS doesn’t mark certain memory regions as non-executable, we…
Getting started with Terraform and Infrastructure as Code
Introduction on how to write infrastructure resource definitions and execute them using Terraform.
Running commands in a specific user context in PowerShell
Using the Invoke-Command Cmlet, you can execute a script block in the security context of a different user.
Running ESXi on Intel NUC8i7HVK (with 64 GB of RAM)
I recently bought an Intel NUC8i7HVK to work as an ESXi host. In this post I walk you through the process of installation and initial setup.
Pivoting: Setting up a port proxy with netsh on Windows
Pivot by setting up a portproxy between your machine and a machine in another network using “netsh interface portproxy add v4tov4 listenport= connectport= co...
Tunneling network traffic over DNS with Iodine and a SSH SOCKS proxy
Setting up a DNS tunnel and SOCKS proxy to send/receive data via restricted networks.
HTTP requests with PowerShell’s Invoke-WebRequest – by Example
A few examples on how to do http requests via PowerShell’s Invoke-Webrequest cmdlet.
Hidden in plain sight: Alternate Data Streams
Have you ever wondered how a file in a file listing is shown with size 0 bytes but can still contain data? Or maybe wondered where all that meta data is stor...
UnicodeError when running Python script via macOS LaunchAgent
If you are getting UnicodeErrors when reading/manipulating files using a Python script launched by a LaunchAgent or crontab, the problem might lie in the “cu...
Debugging stories: What’s that 404 error?
Here is a little story about resolving an issue with a web site that turned out not to be an issue with a web site :-)
Running a script in the Windows Local System account
Today I needed to debug a scheduled script and test its behavior when run in the Windows Local System account instead of my regular domain user’s (this was o...
Using launchd agents to schedule scripts on macOS
Even though launchd has been around for quite some time now, I was still using crontab for scheduling some of my scripts until recently. Since launchd Launch...
Using vi commands in your bash shell
Entering a long shell command and then moving the cursor around to correct parts of it always felt a bit clunky to me. I remembered some of the <ctrl>/...
Basic understanding of IPv4 addresses
In a recent project I needed to anonymize IP addresses in tracking data. While masking a few bits from an IP address is not so interesting, it’s a good excus...
VPN: Temporarily solve same subnet conflicts
I recently had the problem of needing to establish a connection to a server behind a VPN that was in the same subnet as the network I was connecting from. Ev...
Running Flask on macOS with mod_wsgi/wsgi-express
Tutorial on setting up your Flask application to run on macOS with WSGI
Sharing a VPN connection with another device on macOS Sierra/El Capitan
There are multiple reasons why you would want to share a VPN connection from your Mac with another device. Maybe you have to install a proprietary VPN client...