Blog



2020

Introduction to BGP Routing and Security - Part 2: Preventing Transit

Preventing your autonomous system from becoming a transit AS.

Saturday 31st October 2020

BGP DN42 Guide

Tor is a Great SysAdmin Tool

Using Tor to aid various system administration tasks, including checking firewall rules, bypassing internal network restrictions and connecting to remote systems that are behind NAT/CGNAT.

Sunday 9th August 2020

Security Tor

Introduction to BGP Routing and Security - Part 1: BGP Peering with Quagga

Installing and configuring the Quagga network routing software suite and establishing a BGP peering session to exchange routing information.

Monday 1st June 2020

BGP DN42 Guide

Using SPF Macros to Solve the Operational Challenges of SPF

Improving the maintainability, auditability and effectiveness of your SPF policy using SPF macros.

Monday 11th May 2020

Security RFC Guide

Introduction to BGP Routing and Security - Prelude: Connecting to the DN42 Overlay Network

Registering your own AS (Autonomous System) and IP address ranges in the DN42 registry, and then connecting to a peer with a VPN tunnel.

Tuesday 31st March 2020

BGP DN42 Guide

Restricting Who Can Issue Certificates for Your Domain with CAA

Using Certificate Authority Authorisation (CAA) to restrict the Certificate Authorities that are permitted to issue certificates for your domain.

Thursday 13th February 2020

Security TLS RFC

Testing Your Ability at Spotting Lookalike Domain Names

Creating a JavaScript app to test how good you are at identifying potential lookalike domain names.

Sunday 12th January 2020

Security Domain Names


2019

Securing Inbound Email Transport with MTA-STS and STARTTLS-Everywhere

Implementing the new MTA-STS specification and adding your domain to the STARTTLS-Everywhere list to help secure inbound email transport.

Friday 27th December 2019

Security TLS RFC

A Look at PureDarwin - an OS based on the open source core of macOS

An overview of the PureDarwin project, which is a community effort to produce a more usable version of Darwin OS, the open source base behind modern Mac OS.

Wednesday 27th November 2019

Apple Virtualisation

Understanding PGP/GPG Key Server Output

A reference guide to PGP/GPG key server search output.

Saturday 26th October 2019

Security Guide

Deploying a Tor Onion v3 Hidden Service Using Ansible

Using the Ansible configuration management tool to automatically deploy a Tor Onion v3 Hidden Service to a Linux machine.

Monday 16th September 2019

Security Tor Guide

Serving security.txt Using a Cloudflare Worker

If your Content Management System or hosting provider doesn't allow you to host a proper security.txt file, you can instead use Cloudflare Serverless Workers to serve the file directly from Cloudflare.

Wednesday 31st July 2019

Security Guide

Automating the Integrity Verification Process for Downloaded Software

A script to automatically download and perform integrity verifications for specific pre-programmed software packages.

Wednesday 19th June 2019

Security

My Interview With Giulio D'Agostino

I was recently a guest on the 'Conversations in Cyberspace' podcast.

Saturday 11th May 2019

Security Meta

Managing Your SSH known_hosts Using Git

Using Git to centrally manage, verify, update and distribute your SSH known_hosts.

Tuesday 23rd April 2019

Security

Installing UBports Ubuntu Touch on the Meizu MX4 Ubuntu Edition

Installing UBports Ubuntu Touch on the original Meizu MX4 Ubuntu Edition using ubports-installer.

Thursday 21st March 2019

Ubuntu

Forwarding Tor Hidden Services to Another Server Across the Internet

Using a reverse HTTP proxy to forward Tor Hidden Services across the internet to another server.

Tuesday 26th February 2019

Security Tor Apache

Taking Content Security Policy to the Extreme! - Policies on a Per-page Basis

Implementing a Content Security Policy on your PHP website with fine-grain control over the policy on a per-page basis.

Saturday 19th January 2019

Security Apache

Restricting and Locking Down SSH Users

Restricting SSH users to specific commands, directories and system access.

Sunday 13th January 2019

Security Guide

Introduction to Reverse Engineering with radare2 Cutter - Part 3: Solving a Crackme Challenge

Solving a beginner crackme challenge using radare2 Cutter.

Saturday 5th January 2019

Reverse Engineering Guide


2018

Transferring Domain Names to Cloudflare Registrar

Screenshots and information on the transfer-in process for Cloudflare Registrar.

Sunday 23rd December 2018

Domain Names

Using a Bloom Filter to Anonymize Web Server Logs

Anonymizing personal data in web server access logs in order to improve data security and comply with the GDPR.

Monday 17th December 2018

Security Apache

Introduction to Reverse Engineering with radare2 Cutter - Part 2: Analysing a Basic Program

Analysing a basic program using static analysis in radare2 Cutter.

Saturday 17th November 2018

Reverse Engineering Guide

Booting a Physical Windows 10 Disk Using VirtualBox on Linux

Configuring VirtualBox on Linux to boot a physical Windows 10 disk connected via SATA or USB.

Friday 9th November 2018

Virtualisation Guide

Introduction to Reverse Engineering with radare2 Cutter - Part 1: Key Terminology and Overview

An overview of some key reverse engineering terminology and details on the various interfaces and tools available in radare2 Cutter.

Tuesday 23rd October 2018

Reverse Engineering Guide

Automatically Testing Your Content Security Policy Using Travis-CI and Headless Chrome Crawler

A Travis-CI build configuration for automatically testing your website's Content Security Policy.

Saturday 28th July 2018

Security Apache Chrome

Launching a Public HackerOne Security Vulnerability Disclosure Program

A write-up of launching the public HackerOne security vulnerability disclosure program for JamieWeb.

Friday 11th May 2018

Security Bug Bounty

Using a Public Wi-Fi Hotspot Securely

Connecting to hotel Wi-Fi through a Raspberry Pi and forwarding an external VPN connection.

Tuesday 8th May 2018

Security Guide

Let's Encrypt SCTs in Certificates

Let's Encrypt certificates now have Signed Certificate Timestamps (SCTs) included by default.

Wednesday 4th April 2018

Security TLS Chrome

Disabling TLS 1.0 and TLS 1.1

Assessing browser compatibility and disabling older TLS protocol versions.

Tuesday 13th March 2018

Security TLS Apache

Registering a Namecoin .bit Domain

Using Namecoin Core to register a .bit domain and setting up ncdns.

Tuesday 16th January 2018

Security Namecoin Guide

Tor Onion v3 Vanity Address

Generating a vanity address for Onion v3 Hidden Services.

Saturday 6th January 2018

Security Tor


2017

security.txt Internet Draft

A look at the security.txt draft specification.

Tuesday 26th December 2017

Security RFC

Tor Onion v3 Hidden Service

Testing the new Tor Onion v3 Hidden Services.

Saturday 21st October 2017

Security Tor

iPad Mini iOS 6

Using iOS 6 on the iPad Mini + iOS 6 Security.

Tuesday 19th September 2017

Security Apple

Pastebin Keyword Alerts

Using the Pastebin Alerts Service.

Saturday 2nd September 2017

Security Pastebin

Upgrading to IPv6

Setting up and configuring IPv6 on JamieWeb.

Saturday 5th August 2017

IPv6 Apache

Hosts File Site Blocking

Blocking sites using the hosts file and an integrity verification script.

Saturday 15th July 2017

Security

How to Install and Configure 'InspIRCd' on Linux

In-depth guide for installing and configuring InspIRCd on Linux.

Tuesday 16th May 2017

Guide IRC

Creating the IRC Drawing Bot

Thought process and development of the IRC Drawing Bot.

Sunday 14th May 2017

IRC

Chrome Site Whitelist Extension

Discussing the Chrome extension that I am developing.

Tuesday 7th March 2017

Security Chrome

Subgraph OS Overview

An overview of Subgraph OS: Adversary Resistant Computing.

Tuesday 21st February 2017

Security

Tor Hidden Service

Setting up a Tor Hidden Service for my site.

Sunday 12th February 2017

Security Tor

Blocking Exloitable Content

Blocking exploitable web content in your browser.

Tuesday 7th February 2017

Security

Proof Of Timestamp

Cryptographically proving a timestamp.

Thursday 19th January 2017

Security

Identicon Gravity Animation

Animated collapsing identicon.

Thursday 5th January 2017

Meta


2016

New Site Design + Layout!

New, more modern looking design, built better.

Wednesday 14th December 2016

Meta

Plainsight Enciphering Demo

Enciphering text and files using Plainsight.

Sunday 4th December 2016

Security

iPhone System Clock

iPhone 4 behaving strangely because of an incorrect system clock.

Saturday 3rd December 2016

Apple


2015

Ubuntu Phone Review

A month with the Ubuntu Phone.

Wednesday 9th September 2015

Ubuntu