March 2, 2019

Locating ssh hackers

Introduction Have you ever read an article and thought: I want to build this? Well that happened to me while reading Geolocating SSH Hackers In Real-Time, so I decided to build it. I am into kubernetes these days so I decided that I would host the showcase on my kubernetes lab environment: - I run a proxmox server with 64 cores and 256 GB of RAM, that is reachable over ssh from the internet (pub/priv-key login only). Read more

February 23, 2019

Protect critical Kubernetes namespaces with Open Policy Agent

Introduction Open Policy Agent is an open source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire stack. OPA provides greater flexibility and expressiveness than hard-coded service logic or ad-hoc domain-specific languages and comes with powerful tooling to help anyone get started. In this post we will explore OPA with the purpose of implementing a policy that prevents from inadvertedly deleting kubenetes namespaces annotated with protected: "yes". Read more

Content licensed under CC BY 4.0