Skip to content

Sysrant Posts

AIX metrics in Prometheus with N(J)MON

Ok. What? Why? You can skip my intro and go straight to the “Technical solution” section. Yes, let’s start with that. AIX was born before I was. 1986. How is that relevant you might ask? Well, it happens people still use this, and AIX is actually somewhat pretty active used in 1000’s of computer labs. As with most things, even though we run on (sorry to those hurt by this term) “old-school” stuff, most people also want to use some new technologies or features. Such as monitoring. And this is where Nigel Griffiths steps in with nmon. nmon is short…

Monolith vs microservices – It’s not about the tech.

Let’s start with the most spot-on comic of Hilbert. I’ve personally seen various cases as this comic. In real companies. For real production flows. From real people. This entire discussion about monolith vs microservices feels the same for me. The same as the discussion about cloud vs on-prem, Rust vs Go, red vs blue… What we read is biased Every blog, even this one, is biased. Because I have my set of experiences gained over the years, it does not mean I have covered every aspect of IT. Not even speaking over the aspect that comes with company politics, architecture,…

Building a Slack slash command bot with Golang and Kubernetes

I use Slack ever so often, therefor I challenge myself to explore it further, rather than just being a user. For the fun, experience and just random interest in how things work. That’s was also the reason for https://sysrant.com/500-bounty-man-in-the-middle-on-slack/ 😉 Anyhow, within Slack you can create bots with various capabilities. I just want to create small apps/bots in my spare time. Making something of a Slash Command is fairly easy. Slash Commands A slash command is something like /the-command input which can be fired from the chat in Slack. It will do an HTTP request and expects a response back…

Part 2 – Security – No, nothing is secure

secure: adjective –  certain to remain safe and unthreatened. I’d never been that “secure” in my entire life when it comes to IT security. In the past, I’ve run for years without a virus -scanner or protector. The thing is that I’ve been taking this quite logically rather than rationally. Most people would have to frown their eyebrows on my second sentence; why would you not protect yourself?  That’s the thing though. I know what I’m doing and what is happening on my system. I know what I visit (browsing) and I know what I install. I monitor my network…

Part 1 – Security – your reasons are wrong

I’ve always had an interest in security the moment a teacher showed me an SQL injection in the code I’ve made.. over 12 years ago.  There were two main reasons for that. I was intrigued by the technical puzzle that presented itself by abusing someone’s code. The second part was that everyone with that knowledge could access my database. Something I did not want because it could contain sensitive data. In this case, it was merely a school assignment but ever since I developed more skills in security because I cared.  It’s now 12 years later and security became a…

500$ bounty: Man in the Middle on Slack

I wanted to disclose a security issue/concern which I found a while ago on Slack in a blog post. The issue itself is not very technical on itself. This makes it cool to share it with a somewhat broader public. Hopefully to create more awareness about security in general. Besides that, I hope people will start using bug-bounty programs more often. Either by signing up on programs such as HackerOne with their company or by just trying to hack in one of the programs there 😉 Slack? Just a small intro for those who don’t know Slack (shame on you…

WordPress can be secure

I have encountered many discussions regarding WordPress and it’s security. I love arguments and I believe we should stop see everything in black and white. Hence my title. It can be secure. Because I believe it can also be insecure, but more importantly I want to share my knowledge on the topics regarding security. To make it more secure. I have managed over 150 WordPress websites professionally on my previous job(s) and this website itself is WordPress too. Over a timespan of roughly 3-4 years, I have had 0 breaches. One could argue: but you got “pwned” yet you did…

Everything is still very insecure

I obviously browse the web and sometimes when I do that, I just randomly check for odd behavior. It’s just a simple fact that if we have given some random website, there are issues. In general, it takes me literally about 3 minutes to “find something”. First thing first. I’m actually not a great hacker. I’m probably not even good. I just know what to look for and have my experience of ~10 years as a programmer in my backpack. The second part is when I find “something”, it can be something simple. Most cases it is just misconfigurations and/or…

Creating a static website with Google Cloud’s Storage & App engine

I recently had some experiences with Hugo. Hugo is one of the most popular open-source static site generators. With its amazing speed and flexibility, Hugo makes building websites fun again. https://gohugo.io/ I wanted to create a new website for myself and figured I’d give it a go. These are my experiences with it. General thoughts about Hugo I like the principle of Hugo. It enables you to create content in a fairly easy way and generate static files for it. Out of the box, it provides various internal functions to make that generation easier. Especially when your theme is set…

Enjoy life!