Using stunnel and TinyProxy to obfuscate HTTP traffic

Recently there has been a lot of coverage in both tech and non-tech news outlets about internet privacy and how to prevent snooping both from service providers and governments. In this article I am going to show one method of anonymizing internet traffic; using a TLS enabled HTTP/HTTPS Proxy. In this article we will walk through using stunnel to create a TLS tunnel with an instance of TinyProxy on the other side.

Using salt-ssh to install Salt

In recent articles I covered how I’ve built a Continuous Delivery pipeline for my blog. These articles talk about using Docker to build a container for my blog, using Travis CI to test and build that container, and finally using a Masterless SaltStack configuration to deploy the blog. Once setup, this pipeline enables me to publish new posts by simply managing them within a GitHub repository. The nice thing about this setup is that not only are blog posts managed hands-free.

Creating a swap file for tiny cloud servers

A few months ago while setting up a few cloud servers to host one of my applications. I started running into an interesting issue while building Docker containers. During the docker build execution my servers ran out of memory causing the Docker build to fail. The servers in question only have about 512MB of RAM and the Docker execution was using the majority of the available memory. My solution to this problem was simple, add a swap file.

A Quick and Practical Reference for tcpdump

When it comes to tcpdump most admins fall into two categories; they either know tcpdump and all of its flags like the back of their hand, or they kind of know it but need to use a reference for anything outside of the basic usage. The reason for this is because tcpdump is a pretty advanced command and it is pretty easy to get into the depths of how networking works when using it.

Understanding Exit Codes and how to use them in bash scripts

Lately I’ve been working on a lot of automation and monitoring projects, a big part of these projects are taking existing scripts and modifying them to be useful for automation and monitoring tools. One thing I have noticed is sometimes scripts use exit codes and sometimes they don’t. It seems like exit codes are easy for poeple to forget, but they are an incredibly important part of any script. Especially if that script is used for the command line.

Removing packages and configurations with apt-get

Yesterday while re-purposing a server I was removing packages with apt-get and stumbled upon an interesting problem. After I removed the package and all of it’s configurations, the subsequent installation did not re-deploy the configuration files. After a bit of digging I found out that there are two methods for removing packages with apt-get. One of those method should be used if you want to remove binaries, and the other should be used if you want to remove both binaries and configuration files.

Using sysdig to Troubleshoot like a boss

If you haven’t seen it yet there is a new troubleshooting tool out called sysdig. It’s been touted as strace meets tcpdump and well, it seems like it is living up to the hype. I would actually rather compare sysdig to SystemTap meets tcpdump, as it has the command line syntax of tcpdump but the power of SystemTap. In this article I am going to cover some basic and cool examples for sysdig, for a more complete list you can look over the sysdig wiki.

Understanding the kill command, and how to terminate processes in Linux

One of my biggest pet peeves as a Linux sysadmin is when I see users, or even other sysadmins using kill -9 on the first attempt to terminate a process. The reason this bugs me so much is because it shows either a lack of understanding of the kill command or just plain laziness. Rather than going on a long rant about why this is bad, I wanted to write an article about the kill command and how signal works in Linux.

Sending redis traffic through an SSL tunnel with stunnel

Lately if you have been paying attention to tech or even mainstream media you might have seen a few stories about data breaches. Sometimes these data breaches have allowed attackers to gather unencrypted passwords or credit card numbers. In the past these types of attacks still happened, but there was not as many attacks as today and when they happened they were kept secret. With more and more internet based services becoming part of peoples lives, there is even more targets for attackers who are looking to get sensitive data.

Converting files from Windows format to Unix format with dos2unix

Ever run a shell script and get the following error?

./ : bad interpreter: No such file or directory The error may look like there is a problem with your scripts SHEBANG where you specify the interpreter, so you go look and the line contains #!/bin/bash which is correct. So then you start wondering if there is a problem with the /bin/bash binary, and all sorts of thoughts of what would happen if /bin/bash was missing or broken start racing through your head.