Slack Slash Command security

Slack "Slash Commands" can be a very useful tool to write a CLI to interact with other applications that you manage. In short the contract works something like this; from within a slack channel that the commands are available you would type: /my-command [text arguments] Seems simple enough, however you need to implement a REST … Continue reading Slack Slash Command security

Batch processing testssl.sh commands

If you secure your entire infrastructure at the transport layer with end to end SSL for both internal and external traffic, then you likely have a ton of endpoints, each with their own SSL software stacks and a wide array of different certificates, some CA signed, others not etc. Both the amount of these and … Continue reading Batch processing testssl.sh commands

Mocking a rate limiting endpoint 429

Ever have some client code that needs to call another endpoint which rate limits you? Join the club. I recently did, and honestly I didn't care at all about the ONE particular rest client that needed to backoff appropriately when the 429s were being barfed back; instead what I did care about was implementing a … Continue reading Mocking a rate limiting endpoint 429

Migrating APIs to Tyk

In the recent past I was helping on a project who's objective was to migrate off of a very costly proprietary appliance based API gateway solution, and move into a cheaper alternative; preferably an open source api gateway offering. The main challenge was that a large percentage of the APIs to be migrated were legacy … Continue reading Migrating APIs to Tyk

Google Wifi router, port forwarding, you have no devices, privacy

Had an Asus router die today, so in a pinch I went out and bought a Google WiFi router after hearing "good things". I have a few wired devices and several wifi connected devices and I also have needs for port forwarding. The first thing you will notice that is quite different from other routers … Continue reading Google Wifi router, port forwarding, you have no devices, privacy

Docker Swarm Traefik state analysis

Recently I've been working on a toolset (see github swarm-traefik-state-analyzer) intended to aid in the health analysis of Docker Swarm services that are proxied by Traefik in an Docker swarm footprint architecture I previously described in a previous post (click here to read). In short you have 1-N docker swarm clusters, each segmented into 1-2 … Continue reading Docker Swarm Traefik state analysis