Most organisations don’t fail because they lack intelligence, capital, or ambition. They fail because leadership becomes arrogant, distant, and insulated from reality. Humility is not about being nice. It is about designing an organisation that can still hear the truth after it gets big. When you strip it down, most companies fall into one of two leadership models. 1. The … Continue reading “Corporate Humility Is Not Soft. It Is a Survival Trait.”
A Complete Guide to Archiving, Restoring, and Querying Large Table Partitions When dealing with multi-terabyte tables in Aurora PostgreSQL, keeping historical partitions online becomes increasingly expensive and operationally burdensome. This guide presents a complete solution for archiving partitions to S3 in Iceberg/Parquet format, restoring them when needed, and querying archived data directly via a Spring Boot API without database restoration. … Continue reading “Aurora PostgreSQL: Archiving and Restoring Partitions from Large Tables to Iceberg and Parquet on S3”
I decided to make this my final blog of the year. I wanted to write about the trends we can see playing out, both in South Africa and globally with respect to: Large Retailers, Mobile Networks, Banking, Insurance and Technology. These thoughts are my own and I am often wrong, so dont get too excited if you dont agree with … Continue reading “Banking in South Africa: Abundance, Pressure, and the Coming Consolidation”
1. Introduction Java 25 introduces a significant enhancement to application startup performance through the AOT (Ahead of Time) cache feature, part of JEP 483. This capability allows the JVM to cache the results of class loading, bytecode parsing, verification, and method compilation, dramatically reducing startup times for subsequent application runs. For enterprise applications, particularly those built with frameworks like Spring, … Continue reading “Java 25 AOT Cache: A Deep Dive into Ahead of Time Compilation and Training”
1. Introduction The Enterprise Service Bus (ESB) once promised to be the silver bullet for enterprise integration. Organizations invested millions in platforms like MuleSoft, IBM Integration Bus, Oracle Service Bus, and TIBCO BusinessWorks, believing they would solve all their integration challenges. Today, these same organizations are discovering that their ESB has become their biggest architectural liability. The rise of Apache … Continue reading “The Death of the Enterprise Service Bus: Why Kafka and Microservices Are Winning”
The Model Context Protocol (MCP) represents a fundamental shift in how we integrate Large Language Models (LLMs) with external data sources and tools. As enterprises increasingly adopt AI-powered applications, understanding MCP’s architecture, operational characteristics, and practical implementation becomes critical for technical leaders building production systems. 1. What is Model Context Protocol? Model Context Protocol is an open standard developed by … Continue reading “Model Context Protocol: A Comprehensive Guide for Enterprise Implementation”
Executive Summary CVE-2024-3094 represents one of the most sophisticated supply chain attacks in recent history. Discovered in March 2024, this vulnerability embedded a backdoor into XZ Utils versions 5.6.0 and 5.6.1, allowing attackers to compromise SSH authentication on Linux systems. With a CVSS score of 10.0 (Critical), this attack demonstrates the extreme risks inherent in open source supply chains and … Continue reading “Understanding and Detecting CVE-2024-3094: The React2Shell SSH Backdoor”
1. Introduction Understanding and testing your server’s maximum concurrent stream configuration is critical for both performance tuning and security hardening against HTTP/2 attacks. This guide provides comprehensive tools and techniques to test the SETTINGS_MAX_CONCURRENT_STREAMS parameter on your web servers. This article complements our previous guide on Testing Your Website for HTTP/2 Rapid Reset Vulnerabilities from a macOS. While that article … Continue reading “Testing Maximum HTTP/2 Concurrent Streams for Your Website”
Introduction In August 2023, a critical zero day vulnerability in the HTTP/2 protocol was disclosed that affected virtually every HTTP/2 capable web server and proxy. Known as HTTP/2 Rapid Reset (CVE 2023 44487), this vulnerability enabled attackers to launch devastating Distributed Denial of Service (DDoS) attacks with minimal resources. Google reported mitigating the largest DDoS attack ever recorded at the … Continue reading “Testing Your Website for HTTP/2 Rapid Reset Vulnerabilities from a macOS”
1. Size Was Once Mistaken for Stability For most of modern banking history, stability was assumed to increase with size. The thinking was the bigger you are, the more you should care, the more resources you can apply to problems. Larger banks had more capital, more infrastructure, and more people. In a pre-cloud world, this assumption appeared reasonable. In practice, … Continue reading “Why Bigger Banks Were Historically More Fragile and Why Architecture Determines Resilience”
1. Introduction In networking, OSPF (Open Shortest Path First) is a routing protocol that ensures traffic flows along the shortest and lowest cost path through a network. It does not care about hierarchy, seniority, or intent. It routes based on capability, cost, and reliability. Modern engineering organisations behave in exactly the same way, whether they realise it or not. Workloads … Continue reading “Comparing OSPF to Human Workload Resolution”
1. Introduction Java’s concurrency model has undergone a revolutionary transformation with the introduction of Virtual Threads in Java 19 (as a preview feature) and their stabilization in Java 21. With Java 25, virtual threads have reached new levels of maturity by addressing critical pinning issues that previously limited their effectiveness. This article explores the evolution of threading models in Java, … Continue reading “A Deep Dive into Java 25 Virtual Threads: From Thread Per Request to Lightweight Concurrency”
1. Introduction Garbage collection has long been both a blessing and a curse in Java development. While automatic memory management frees developers from manual allocation and deallocation, traditional garbage collectors introduced unpredictable stop the world pauses that could severely impact application responsiveness. For latency sensitive applications such as high frequency trading systems, real time analytics, and interactive services, these pauses … Continue reading “Deep Dive: Pauseless Garbage Collection in Java 25”
1. Introduction This guide walks you through setting up Memgraph with Claude Desktop on your laptop to analyze relationships between mule accounts in banking systems. By the end of this tutorial, you’ll have a working setup where Claude can query and visualize banking transaction patterns to identify potential mule account networks. Why Graph Databases for Fraud Detection? Traditional relational databases … Continue reading “MacOs: Getting Started with Memgraph, Memgraph MCP and Claude Desktop by Analyzing test banking data for Mule Accounts”
Introduction NMAP (Network Mapper) is one of the most powerful and versatile network scanning tools available for security professionals, system administrators, and ethical hackers. When combined with Claude through the Model Context Protocol (MCP), it becomes an even more powerful tool, allowing you to leverage AI to intelligently analyze scan results, suggest scanning strategies, and interpret complex network data. In … Continue reading “MacOs: Deep Dive into NMAP using Claude Desktop with an NMAP MCP”
Prepared statements are one of PostgreSQL’s most powerful features for query optimization. By parsing and planning queries once, then reusing those plans for subsequent executions, they can dramatically improve performance. But this optimization comes with a hidden danger: sometimes caching the same plan for every execution can lead to catastrophic memory exhaustion and performance degradation. In this deep dive, we’ll … Continue reading “Deep Dive into PostgreSQL Prepared Statements: When Plan Caching Goes Wrong leading to Memory Exhaustion”
1. What Are Stablecoins? Stablecoins are a type of cryptocurrency designed to maintain a stable value by pegging themselves to a reserve asset, typically a fiat currency like the US dollar. Unlike volatile cryptocurrencies such as Bitcoin or Ethereum, which can experience dramatic price swings, stablecoins aim to provide the benefits of digital currency without the price volatility. The most … Continue reading “Stablecoins: A Comprehensive Guide”
Modern sites often block plain curl. Using a real browser engine (Chromium via Playwright) gives you true browser behavior: real TLS/HTTP2 stack, cookies, redirects, and JavaScript execution if needed. This post mirrors the functionality of the original browser_curl.sh wrapper but implemented with Playwright. It also includes an optional Selenium mini-variant at the end. What this tool does Note: Advanced bot … Continue reading “Building an advanced Browser Curl Script with Playwright and Selenium for load testing websites”
Modern websites deploy bot defenses that can block plain curl or naive scripts. In many cases, adding the right browser-like headers, HTTP/2, cookie persistence, and compression gets you past basic filters without needing a full browser. This post walks through a small shell utility, browser_curl.sh, that wraps curl with realistic browser behavior. It also supports “fire-and-forget” async requests and a –count flag to … Continue reading “Building a Browser Curl Wrapper for Reliable HTTP Requests and Load Testing”
1. Executive Summary Amazon Aurora DSQL represents AWS’s ambitious entry into the distributed SQL database market, announced at re:Invent 2024. It’s a serverless, distributed SQL database featuring active active high availability and PostgreSQL compatibility. While the service offers impressive architectural innovations including 99.99% single region and 99.999% multi region availability, but it comes with significant limitations that developers must carefully … Continue reading “Amazon Aurora DSQL: A Deep Dive into Performance and Limitations”
When managing large PostgreSQL tables with frequent updates, vacuum operations become critical for maintaining database health and performance. In this comprehensive guide, we’ll explore vacuum optimization techniques, dive deep into the pg_repack extension, and provide hands-on examples you can run in your own environment. 1. Understanding the Problem PostgreSQL uses Multi-Version Concurrency Control (MVCC) to handle concurrent transactions. When rows … Continue reading “Deep Dive into PostgreSQL Aurora Vacuum Optimizations for Large Tables”
The script below monitors LDAP operations on a Domain Controller and logs detailed information about queries that exceed specified thresholds for execution time, CPU usage, or results returned. It helps identify problematic LDAP queries that may be impacting domain controller performance. Parameter: ThresholdSeconds Minimum query duration in seconds to log (default: 5) Parameter: LogPath Path where log files will be … Continue reading “Windows Domain Controller: Monitor and Log LDAP operations/queries use of resources”
When you deploy applications behind a Network Load Balancer (NLB) in AWS, you usually expect perfect traffic distribution, fast, fair, and stateless.But what if your backend holds stateful sessions, like in-memory login sessions, caching, or WebSocket connections and you need a given client to keep hitting the same target every time? That’s where NLB sticky sessions (also called connection stickiness … Continue reading “Deep Dive: AWS NLB Sticky Sessions (stickiness) Setup, Behavior, and Hidden Pitfalls”
Below is a fairly comprehensive passive penetration testing script with vulnerability scanning, API testing, and detailed reporting. Features Installation Required Dependencies Optional Dependencies Usage Basic Syntax Options Examples: Network Configuration Default Interface: en0 (bypasses Zscaler) To change the interface, edit line 24: The script automatically falls back to default routing if the interface is unavailable. Debug Mode Debug mode is enabled by default and … Continue reading “Macbook: Enhanced Domain Vulnerability Scanner”
If you’re like me, the idea of doing anything twice will make you break out in a cold shiver. For my Claude desktop, I often need network pcap (packet capture) to unpack something that I am doing. So the script below installs wireshark, and then the wireshark mcp and then configures Claude to use it. Then I got it to … Continue reading “Macbook: Setup wireshark packet capture MCP for Antropic Claude Desktop”
If you’re trying to figure out whats draining your macbook, even when the lid is closed – then try the script below (call with “sudo ./battery_drain_analyzer.sh”): If you see windowServer as your top consumer then consider the following: Finer grained optimisations: To optimise the power when the lid is closed, below are some options: 0 0
⚠️ LEGAL DISCLAIMER AND TERMS OF USE **READ THIS CAREFULLY BEFORE PROCEEDING** Legal Requirements: **AUTHORIZATION REQUIRED**: You MUST have explicit written permission from the system owner before running any of these tests **ILLEGAL WITHOUT PERMISSION**: Unauthorized network scanning, port scanning, or DoS testing is illegal in most jurisdictions **YOUR RESPONSIBILITY**: You are solely responsible for ensuring compliance with all applicable … Continue reading “MacOS Penetration Testing Guide Using hping3”
A SYN flood test using hping3 that allows you to specify the number of SYN packets to send and scales horizontally with a specific number of processes can be created using a Bash script with the xargs command. This approach allows you to distribute the workload across multiple processes for better performance. The Script This script uses hping3 to perform … Continue reading “Testing your sites SYN flood resistance using hping3 in parallel”
If you want to quickly health check your website, then the following script is a simple NMAP script that scans your site for common issues and formats the results in a nice report style. Here’s a comprehensive guide on how to fix each type of directory permission issue that the above script might find (for apache): 0 0
If you have tier 1 services that are dependant on a few DNS records, then you may want a simple batch job to monitor these dns records for changes or deletion. The script below contains an example list of DNS entries (replace these records for the ones you want to monitor). 0 0
This is (hopefully) a short blog that will give you back a small piece of your life… In technology, we rightly spend hours pouring over failure in order that we might understand it and therefore fix it and avoid it in the future. This seems a reasonable approach, learn from your mistakes, understand failure, plan your remediation etc etc. But … Continue reading “Technology Culture: The Sinking Car Syndrome”
Finding issues in SQL Server is not alway that easy. It can be NUMA issues, it can be DBCC settings, it can even be the CU (eg CU19). A friend sent me a very useful query a few years ago that really helped me fault find these issues. It was written by Glenn Berry, but I lost the query. Luckily … Continue reading “Ms Sql Server 2019 Diagnostic Query”
The Amazon EC2 console allows you to delete up to 50 Amazon Elastic Block Store (Amazon EBS) snapshots at once. To delete more than 50 snapshots, use the AWS Command Line Interface (AWS CLI) or the AWS SDK. To see all the snapshots that you own in a specific region, run the following. Note, replace af-south-1 with your region: Note: … Continue reading “AWS: Use the AWS CLI to delete snapshots from your account”
Most companies will have a fair amount of SQL databases and its likely that most of those databases are performing sub-optimally due to missing indexes. We can debate (for a long time) the pros and cons of indexes, but the undeniable reality is that having missing indexes on large tables create a lot of issues in production environments (including, slowness, … Continue reading “Sql Server: Query to View a list of missing indexes from your Sql Server database”
You can absolutely get the following from the AWS help pages; but this is the lazy way to get everything you need for a simple single account setup. Run the two commands below to drop the package on your Mac. Then check the versions you have installed: Next you need to setup your environment. Note: This is NOT the recommended … Continue reading “AWS: Install and configure the AWS CLI on a Macbook”
Below is a quick (am busy) outline on how to automatically stop and start your EC2 instances. Step 1: Tag your resources In order to decide which instances stop and start you first need to add an auto-start-stop: Yes tag to all the instances you want to be affected by the start / stop functions. Note: You can use “Resource Groups and … Continue reading “AWS: Automatically Stop and Start your EC2 Services”
I have seen many organisations restructure their technology teams over and over, but whichever model they opt for – they never seem to be able to get the desired results with respect to speed, resilience and quality. For this reason organisations will tend to oscillate from centralised teams, which are organised around skills and reuse, to federated teams that are … Continue reading “How to Optimise your Technology Teams Structure to improve flow”
Once you start using a zero trust network, the first causality is normally the Ping command. The gping (Graphical Ping) command line displays a color coded realtime graph of continuous pings to a specified host and it supports specifying alternate interfaces/gateways. First lets find which interface to use. The “arp -a” command is used to display the ARP cache on a … Continue reading “Macbook OSX: Using gping over a Zero Trust Network Client (like Zscaler)”
If you have multiple connections on your device (and maybe you have a zero trust client installed); how do you find out which network interface on your device will be used to route the traffic? Below is a route get request for googles DNS service: If you have multiple interfaces enabled, then the first item in the Service Order will … Continue reading “Mac OSX : Tracing which network interface will be used to route traffic to an IP/DNS address”
If you have just changed ISPs or moved house and your internet suddenly starts misbehaving the likelihood is your Maximum Transmission Unit (MTU) is set too high for your ISP. The default internet facing MTU is 1500 bytes, BUT depending on your setup, this often needs to be set much lower. Step 1: First check your current MTU across all … Continue reading “Finding and Setting the Maximum Transmission Unit (MTU) on a Windows Machine”
If you have just changed ISPs or moved house and your internet suddenly starts misbehaving the likelihood is your Maximum Transmission Unit (MTU) is set too high for your ISP. The default internet facing MTU is 1500 bytes, BUT depending on your setup, this often needs to be set much lower. Step 1: First check your current MTU. As you … Continue reading “Finding and Setting the Maximum Transmission Unit (MTU) on Mac/OSX”
I frequently forget this command shortcut, so this post is simply because I am lazy. To clear your history in iTerm press Command + K. Control + L only clears the screen, so as soon as you run the next command you will see the scroll back again. If you want to view your command history (for terminal) type: 0 … Continue reading “Macbook Tip: iTerm2 clearing your scroll back history”
There are three basic ways to secure email, these are: Sender Policy Framework (SPF), Domain Keys Identified Mail (DKIM), Domain-based Message Authentication, Reporting & Conformance (DMARC) definitions. Lets quickly discuss these before we talk about how to check if they have been setup: SPF helps prevent spoofing by verifying the sender’s IP address SPF (Sender Policy Framework) is a DNS record … Continue reading “Macbook: Check a DNS (web site) to see if basic email security has been setup (SPF, DKIM and DMARC)”
1. Find a list of IP addresses linked to a domain To find the IP address for a particular domain, simply pass the target domain name as an argument after the host command. For a comprehensive lookup using the verbose mode, use -a or -v flag option. The -a option is used to find all Domain records and Zone information. You can also notice … Continue reading “Macbook: Querying DNS using the Host Command”
Nikto is becoming one of my favourite tools. I like it because of its wide ranging use cases and its simplicity. So whats an example use case for Nikto? When I am bored right now and so I am going to hunt around my local network and see what I can find… Now lets pop across to nmap to get … Continue reading “Hacking: Using a Macbook and Nikto to Scan your Local Network”
If you see the error “The capture session could not be initiated on the device “en0″ (You don’t have permission to capture on that device)” when trying to start a pcap on wireshare you can try installing ChmodBPF; but I suspect you will need to follow the steps below: 0 0
When you open terminal you will see that it defaults the information that you see on the prompt, which can use up quite a bit of the screen real estate. Customize the zsh Prompt in Terminal Typically, the default zsh prompt carries information like the username, machine name, and location starting in the user’s home directory. These details are stored … Continue reading “Macbook: Changing prompt $ information in the mac terminal window”
This is a very short post to help anyone quickly setup vulnerability checking for a site they own (and have permission to scan). I like the vulners scripts as they cover a lot of basic ground quickly with one script. 0 0
The below script will give you basic information on a websites certificate: NMAP is provides a simple way to get a list of available ciphers from a host website / server. Additionally, nmap provides a strength rating of strong, weak, or unknown for each available cipher. First, download the ssl-enum-ciphers.nse nmap script (explanation here). Then from the same directory as the script, run … Continue reading “Mac OS X: View the details of a websites supported TLS certificates from terminal”
If you want to automatically renew your certs then the easiest way is to setup a cron just to call letsencrypt periodically. Below is an example cron job: First create the bash script to renew the certificate Now enter the script in the following format into nano: Now edit the crontab to run the renew script: 0 0
If you have ever tried to use jumbo packets, or trace a weird slowness on the network – one of the things that frequently comes up is packet fragmentation. This is basically where a source machine is sending bigger packets than can be consumed along its pathway to a destination machine. This means the packets will need to be split … Continue reading “Linux: Find the maximum packet size (MTU) between two hosts (using do not fragment flag)”
If you have ever tried to use jumbo packets, or trace a weird slowness on the network – one of the things that frequently comes up is packet fragmentation. This is basically where a source machine is sending bigger packets than can be consumed along its pathway to a destination machine. This means the packets will need to be split … Continue reading “Mac OS X: Find the maximum unfragmented packet size (MTU) to reach a host”
Imagine you have trauma and could figure out whats causing in under one minute. Obviously, the preference is an observability platform – but for my little wordpress site I don’t really have the budget. So I just use a few tools to isolate common issues. The idea behind this blog is to quickly isolate the fault by looking for errors … Continue reading “Linux: Diagnose your linux server in under a minute using standard (free) command line tools”
To retrieve a list of the SSL/TLS cipher suites a particular website offers you can either use sslscan or nmap alternatively you can just use nmap (note: i use “-e en0” to bypass zscaler): Another variant (including cert dates, again “-e en0” is used to bypass zscaler): 0 0
Web devs need to know the http headers their apps/webpages. This can be easily achieved using a browser plugin for Chrome or Firefox. But I prefer to use the command terminal, and curl makes this really easy. 0 0
DIG is an awesome command line utility to explore DNS. Below is a quick guide to get you started. Query Specific Name Server By default, if no name server is specified, dig will use the servers listed in /etc/resolv.conf file. To view the default server use: You can override the name server against which the query will be executed, use the @ (at) symbol followed by … Continue reading “Macbook: Exploring DNS using DIG (Domain Information Groper)”
Below is a dump of examples of doing pretty much the same thing differently. I mostly use netstat and lsof, coupled with some bash scripts. You can argue that this is overkill, but below is a simple bash function that you can paste into terminal and call it whenever you want to see which application/process IDs have open ports: Below … Continue reading “Macbook: Show which applications have ports open and to what IP address”
I think you’re a genius! You found this blog and your reading it – what more evidence do I need?! So why do you keep asking others to think for you? There is a harmful bias built into most technology projects that assumes “the customer knows best” and this is simply a lie. The customer will know what works and … Continue reading “Technologists: Please Stop asking for requirements 😎”
I always forget the syntax of SCP and so this is a short article with a simple example of how to SCP a file from your laptop to your EC2 instance and how to copy it back from EC2 to your laptop: Copying from Laptop to EC2 scp -i identity_file.pem source_file.extention username@public_ipv4_dns:/remote_path scp: Secure copy protocol-i: Identity filesource_file.extension: The file that you want … Continue reading “Macbook/Linux: Secure Copy from your local machine to an EC2 instance”
A lot of companies are moving to ZTNA (Zero Trust Network Architecture). This is generally a good thing, it helps cyber posture and it and makes life a lot easier as you no longer need to login to VPN tunnels to manage your cloud environment/s. But one of the few downsides of ZTNA is that (by definition) it cannot support … Continue reading “Macbook: Alternative to Ping (using TCP rather than ICMP)”
22 If you want to change the default mail client on your Mac then you can use a quick Python script to quickly change the default mail app. Copy/paste the following command into Terminal. Below I am setting Outlook to be the default mail client, but you can replace com.microsoft.Outlook with whatever application bundle identifier you use. Note: If you’re not sure … Continue reading “Macbook: Change the default Mail Client using Terminal/CLI (Command Line Interface)”
To view the list of nameservers your mac is using, simply open Terminal and paste the following: Alternatively, you can copy the DNS servers to clipboard directly from the command line (using pbcopy): 0 0
I am not going to tell you why you would need to flush your DNS cache (you will know if you need to). So, to flush DNS on a mac simply fire up Terminal and run the following sudo command: 0 0
I recently managed to explode my wordpress site (whilst trying to upgrade PHP). Anyway, luckily I had created an AMI a month ago – but I had written a few articles since then and so wanted to avoid rewriting them. So below is a method to create a backup of your wordpress mysql database to S3 and recover it onto … Continue reading “How to Backup your MySql database on a bitnami wordpress site”
If the fingerprint of your remote host changes you will see the following error message appear: There are many ways to fix this. The easiest of which is simply to delete your “known_hosts” file. This will mean you just need to accept new finger prints on all your SSH hosts. Yes, this is very lazy… 0 0
If you’re like me, little things bother you. When I turn on my bluetooth headset and it connects to my Macbook when its closed/sleeping, I get very frustrated. So I wrote a simple script to fix this behaviour. After running the script below, when you close the lid on your Macbook it will automatically turn bluetooth off. When you open … Continue reading “How to Automatically Turn your bluetooth off and on when you open and close your MacBook”
If you want to quickly test a URL for changes, then the linux Watch command couple with Curl is a really simple way to hit a URL every n seconds (I use this for blue/green deployment testing to make sure there is no downtime when cutting over): 0 0
If you are testing how your autoscaling policies respond to CPU load then a really simple way to test this is using the “stress” command. Note: this is a very crude mechanism to test and wherever possible you should try and generate synthetic application load. 0 0
Previously Macs would allow you to install software from anywhere. Now you will see the error message “NMAPxx.mpkg cannot be opened because its from an unidentified developer”. If you want to fix this and enable apps to be install from anywhere, you will need to run the following command line: Once you have run the script you should then see … Continue reading “How to Install Apps From Anywhere on Apple Mac”
bonuscide noun Definition of bonuscide: Bonuscide is a term used to describe incentive schemes that progressively poisons an organisation by ensuring the flow of discretionary pay is non does not serve the organisations goals. These schemes can be observed in two main ways, the loss of key staff or the reduction in client/customer base. Bonuscide becomes more observable during a … Continue reading “Definition: Bonuscide”
Introduction This article follows on from the “Cloud Migrations Crusade” blog post… A single tenancy datacenter is a fixed scale, fixed price service on a closed network. The costs of the resources in the datacenter are divided up and shared out to the enterprise constituents on a semi-random basis. If anyone uses less resources than the forecast this generates waste … Continue reading “Part 2: Increasing your Cloud consumption (the sane way)”
Back in the day I had to do quite a bit of COM / .Net interop. For some reason (and I cannot remember what it was), I need to be able to enumerate the COM running objects table (ROT). I think it was to do with createboject/getobject and trying to synthesis a singleton for an exe. The System.Runtime.InteropServices.Marshal.GetActiveObject method will … Continue reading “Iterating through the contents of the ROT (running objects table) using C#”
I remember getting weird flashing on my laptop and eventually figured out my icon cache was full. So if you ever get this, try running the script below. This is obviously quite a weird/random post – hope its helpful 🙂 0 0
In technology, there is a tendency to solve a problem badly by using gross simplification, then come up with a catchy one liner and then broadcast this as doctrine or a principle. Nothing ticks more boxes in this regard, than the principle of least privileges. The ensuing enterprise scale deadlocks created by a crippling implementation of least privileges, is almost … Continue reading “The Least Privileged Lie”
I was playing with S3 the other day an I noticed that a file which I had uploaded twice, in two different locations had an identical ETag. This immediately made me think that this tag was some kind of hash. So I had a quick look AWS documentation and this ETag turns out to be marginally useful. ETag is an … Continue reading “AWS: Making use of S3s ETags to check if a file has been altered”
If you need to test out your big data tools below is a useful set of scripts that I have used in the past for aws emr and redshift the below might be helpful: 0 0
So after getting frustrated (and even recreating my ec2 instances) due to a “Permission denied (publickey)”, I finally released that the worpress builds by default as set up for SSH using the bitnami account (or at least my build was). This means each time I login using ec2-user I get: Being a limited human being, I will never cope with … Continue reading “Setting up ssh for ec2-user to your wordpress sites”
Ok, so I am a windows dude and only after docker and K8 came along did I start to get all they hype around Linux. To be fair, Linux is special and I have been blown away with the engineering effort behind this OS (and also glad to leave my book of Daniel Appleman win32 api on the shelf for … Continue reading “Linux: Quick guide to the CD command – for windows dudes :)”
This is a short blog, and its actually just simple a plea to AWS. Please can you do three things? North Virginia appears to be the AWS master node. Having this region as a master region causes a large number of support issues (for example S3, KMS, Cloudfront, ACM all use this pet region and all of their APIs suffer … Continue reading “AWS: Please Fix Poor Error Messages, API standards and Bad Defaulting”
Getting an application knocked out with a simple SYN flood is both embarrassing and avoidable. Its also very easy to create a SYN flood and so its something you should design against. Below is the hping3 command line that I use to test my services against SYN floods. I have used quite a few mods, to make the test a … Continue reading “A simple DDOS SYN flood Test”
Introduction In most large corporates technology will typically report into either finance or operations. This means that it will tend to be subject to cultural inheritance, which is not always a good thing. One example of where the cultural default should be challenged is when managing IP duplication. In finance or operations duplication rarely yields any benefits and will often result in … Continue reading “The Triplication Paradigm”
The cloud is hot…. not just a little hot, but smokin hot!! Covid is messing with the economy, customers are battling financially, the macro economic outlook is problematic, vendor costs are high and climbing and security needs more investment every year. What on earth do we do??!! I know…. lets start a crusade – lets go to the cloud!!!! Cloud … Continue reading “Part 1: The Great Public Cloud Crusade…”
Today I am a happy bunny!!!! Yury Tsarev (a very clever dude) did a presentation to one of the Kubernetes co-founders Tim Hockin. The demo was one of absa banks opensource projects called K8GB (a cloud native GSLB for K8s): https://www.k8gb.io/ Why do I like K8GB? Because it uses a single CRD that integrates to all the big DNS providers … Continue reading “External k8gb presentation to Kubernetes SIG multicluster”
Just popping this here as I have had this a few times. Have you ever had your desktop icons flash and if you check explorer.exe its using high CPU. If so try: Step 1. Delete the Icon Cache Save the following as a batch file on your desktop and run it as admin: Step 2. Tweak the Registry Try setting … Continue reading “Windows 10: How to fix you desktop flashing icons”