Skip to main content

Passive Packet Capture

In every situation where I've wanted to monitor a device's packets for troubleshooting or analysis purposes in the past 25 years, I've always listened to a single interface that I knew the packets were traversing. This works great for completely controlled environments in short bursts, but what if you wanted to provide some guarentees that all packets leaving the monitor were being captured?

In otherwords, what is the cost of analysis when packets are permitted to traverse the network without you knowing about them? How do we prevent this?

Why is automatically starting a process so difficult and different from platform to platform?


In nearly every case, there are processes or services that I want launched on boot. Many of these services do have methods for automatically starting, but they only consider themselves and not the environment that they'll exist within.


Came across Caddy (v2) recently and took the time to take a peek at what it can really do for me. After gawking at its landing page posters for awhile, I've come up with several use cases I want to put Caddy through to see if it really is the haproxy/nginx/traefik app killer that I've been looking for.


In short, I've been using Tailscale, but it drains my battery when I leave it enabled on my phone but I need access to my network for nightly backups. VMWare Workstation 17 (on Windows 11) has a pretty bad UX for networking. That said, its the lesser of problematic hypervisors, so its my poison of choice. Recently I had a requirement to make the networking behave more deterministically.



Due to the metric driven corporations like Microsoft, Google, and Apple, two-factor authentication has become a sort of an infection. While most of the 1st world's population will benefit by the increased security of 2FA, it remains a fact that there are a significant number of folks that will be left behind due to the fact that they don't have smart phones or access to smart phones at the point of authentication.


Recently resolved a long standing issue with my k3s implementation that was causing many DNS issues within my setup whenever the system restarted (usually due to automatically nightly patching). It was all due to the way that k3s cleverly injects "host names" into the K8s controller node's coredns service. This could be nice if it wasn't a namespace conflict where it was injecting k8s and


When things go wrong in Kubernetes, things can go really wrong and there isn't much documentation on how to inspect the system out of band of what a working kubectl can deliver. This can be maddening. This article covers some of what is going on under the hood of Kubernetes and Containerization so that you have some more tools in your collection for inspecting Kubernetes issues from within kubectl and out-of-band of Kubernetes.


So my Docker image and container collection has grow over the past years and I see no sign of it stopping. From adding random services for integrations to multi container services for development, staging, and deployment, to throw away containers, to scheduled task automation .... its time that I start to consider setting up my own Platform as a Service (PaaS).


This is my overview of kubernetes. There are many like it, but this one is mine.

Back in 2020 when I first started looking into building a mobile application I wanted to do things "smart" by architect-ing the backend system on Kubernetes. After all, kubernetes was the hot new thing that all the cloud services were supporting. I think I went about it all wrong at the time. I took a very top down approach (which I very often do) jumped right into some cloud infrastructure on GKE and just started poking around with kubectl and the various GUIs. Turns out this doesn't work in Kubernetes land without some solid base knowledge. I had no context, no terminology. To make matters worse, I watched a few how-to videos on youtube that went kind of like: "kubectl this, kubectl that, and viola! You have a working infrastructure." In reality "Kubernetes is not making my job easier! Kubernetes is just creating another career's worth of complexity in my application." At the time I settled for docker-compose instead.

Now I've returned to Kubernetes in pursuit for a flexible home/DIY Platform As A Service (PaaS).


I've recently been beefing up my security posture by added very secure and randomly generated passwords to all systems that I have console access too. This in turn has created a new issue where I need to copy/paste that password whenever I sudo.

Turns out there is a solution to this problem that has been around since at least 2013. I'm talking about the ability to use SSH keys to authenticate sudo commands so you don't have to constantly unlock the secure password from the password vault and you don't need to submit to NOPASSWD: in /etc/sudoers.