I AM MIKE MACKINTOSH

I am a father, husband, life-hacker and security professional.
Please help yourself to some kick-ass articles below, courtesy of me.
-kthxbai

Running A One-Man Security Team

Posted by Mike Mackintosh on February 28, 2015 in security.

OMG, DO THEY STILL EXIST? Yes. And there's nothing you can do about it. Many companies are not willing to invest in security until they are hit with a massive and expensive breach. Others simply don't see the benefit after seeing companies like Anthem, which has over 200 security professionals on payroll, get hit with the largest compromise in web history. As a one-man security team, I know you have a heck of a lot of responsibilities, with very minimal... Continue reading


Displaying Responsive Ads

Posted by Mike Mackintosh on February 28, 2015 in webapps.

If you resize this blog, you'll notice that the ads on the bottom resize with your screen. Here is a quick way to accomplish this using Namecheap: Continue reading


Slackdraft - The Simplest Way To Integrate

Posted by Mike Mackintosh on February 22, 2015 in integrations.

What Is Slack? Slack is the finest messaging and chat platform to find itself entangled in the world wide web since the dot com boom. If you don't know what I'm talking about, then you're a n00b. Check them out at www.slack.com. Installation Like any other gem: gem install slackdraft Features I created the gem to allow for really simple integration into Slack. Some of the features include: Formatting Support User (@channel and @mike) and Channel (#channel) Notification Support Awesome Attachment... Continue reading


Simple Port Forwarding with IPTables

Posted by Mike Mackintosh on February 20, 2015 in system-administration.

Background I run a Git server behind a reverse proxy for HTTP/S traffic. This is all fine and dandy, but causes headaches when you want to use git: or ssh: remote commands. Because the public IP of the git server is the reverse proxy, and the actual repositories don't live on this box, you have to be creative to get it to work correctly. The simplest approach to this problem is to set up some port forwarding. In turn, this becomes... Continue reading


Validate x509 (SSL) Certificates and Keys

Posted by Mike Mackintosh on February 17, 2015 in system-administration.

If you work commonly enough with SSL, you know that verifying certificates and keys needs to be done before you push a configuration change to a server. Thankfully nginx has the configtest flag set in the restart command, to prevent you from shutting down a broken configuration. Below, I have included a really simple script that will take all the .crt files in a directory, and match them up with .key files, and validate the modulus' md5sum. On failure, it... Continue reading


Converting From Wordpress to Jekyll

Posted by Mike Mackintosh on February 13, 2015 in state-of.

Background Today, I migrated all the posts from highonphp.com to here. Since Jekyll is all about the static files, I had to get a way to export the posts from Wordpress, and convert them to flat files. The exporting was the easy part. All you have to do in Wordpress is click the Tools -> Export link, and choose All Posts. When you click Export, your browser will download an .xml file. This file has a pretty simple schema which can... Continue reading


Getting An Apple Model Name from the Serial Number

Posted by Mike Mackintosh on February 12, 2015 in system-administration.

In TitanOSX, I use the serial number of the device as a unique key/index. This is because there should always be a unique serial number. Part of the reason is, just like a MAC address or Zip Code, each segment of the number represents something specific. For example, with Apple products, the last 4 of the serial number can be used to get the model type, such as MacBook Pro Mid-2014 or iMac Mid-2012, etc. It is very simple... Continue reading


Adding Comments to JunOS XML

Posted by Mike Mackintosh on February 11, 2015 in network-automation.

One of the projects I have been working on makes a NETCONF call from a worker script to several JunOS devices to apply changes to a blacklist/whitelist prefix-list. This serves essentially as a rapid-response ACL, so we need the ability to track changes, etc. While working on the project, I wanted to be able to annotate the config changes with comments. Generically, in JunOS, you can add /* */ comment strings using the annotate command or in set form. When... Continue reading


Testing OpenSSL Speeds

Posted by Mike Mackintosh on February 10, 2015 in system-administration.

I was recently benchmarking the use of 4096-bit RSA certificates for some secure host communications. One of the servers was a Raspberry Pi (lol), and the other was a beast of a machine with 128GB of RAM and 24 cores. Both of these devices would be communicating with each other as clients and servers, so they would each need to verify SSL certs. Noticing that there was significant lag on the Pi, I wanted to run some benchmarking. Up my... Continue reading


Ruby String Encoding Weirdness

Posted by Mike Mackintosh on February 6, 2015 in web-apps.

I was investing some more time into rebuilding Cronus for TitanOSX. Within the communications from the titan client to Cronus, I have Python make an HTTP call that adds an HTTP header to its requests. I was using this header to validate the user (think Bearer) within an ActiveRecord call, but it kept returning nil. I scratched my head for a few minutes trying to figure out if it was white-spacing or not, so instinctively I tried things like #strip... Continue reading


An Awesome Write-up from Last Area41

Posted by Mike Mackintosh on February 2, 2015 in security.

This is still one of my favorite write-ups on how to solve the generic problem of wtf. For the past year, I read this on a weekly basis to replay the task and keep my abilities sharp. Although I didn't write it and I wasn't involved in the event, I use this to help stay fresh on general concepts, which the writeup handles beautifully. I hope you enjoy it as much as I do. Thanks Martynas Continue reading


Syntax Highlighting With Cat

Posted by Mike Mackintosh on February 1, 2015 in derp.

If you read a lot of source code or configuration files, and you're a loser that doesn't use vim, then these two commands will come in handy for you: It will make your stupid output look pretty hot. Continue reading


Maximize Key Strength for Tmate

Posted by Mike Mackintosh on January 26, 2015 in.

TMate is a pretty cool tool for sharing shell sessions remotely. I modified the create_keys script to read as the following, which maximizes the key strength for the 3 key types: Continue reading


DamnSimpleWhitelist for Ruby

Posted by Mike Mackintosh on January 19, 2015 in networking.

This class was created to be exactly what it's called, damn simple white-listing. (And for those captain-obvious' out there, yes, you can make it a black-list too. I'm so proud of you!) You can pass it whitelists in the form of a file. The default location for the WHITELIST_FILE is /etc/whitelist, and takes 1 IP range or host per line. It will only parse legit IPs, which are validated using the IPAddress gem. You can also pass a hard-coded array... Continue reading


Hello Scarecrow, A RESTful Interface For Spamhaus Feeds

Posted by Mike Mackintosh on January 14, 2015 in web-apps.

Scarecrow is the easiest way to consume the Spamhaus feeds, which are traditionally powered by DNS. Although effective in SMTP services, I've found much benefit in using it to protect web apps from malicious and fraudulent behavior. Although it's simple to query DNS in most common web languages, it comes with headaches, buffer and cache issues, as well as control of which servers you actually hit. Scarecrow allows you to submit a GET request with the route being your IP... Continue reading


Generating OpenVPN Client Certs with Ruby

Posted by Mike Mackintosh on January 9, 2015 in system-administration.

I was working on a project recently that dealt with generating and revoking SSL certs for OpenVPN clients in a simple and automated fashion, without paying for Access Server. Easy-RSA is easy to use, but totally insecure to automate (think Shellshock..), and in order to replicate certs for backup, I would need to rsync, GlusterFS or some weird file transfer hacks. In all honesty, it would have been easier to save encrypted certs to a database so the end user... Continue reading


Log Viewing With Ninetails

Posted by Mike Mackintosh on January 3, 2015 in system-administration.

Ninetails is a simple Python tool for viewing logs in a very efficient (and colorful) manner. For anyone familiar with intrusion detection, system troubleshooting, or even ops engineers investigating outages, it's important to be able to spot a log anomaly quickly. Take a look: Creating your own colors is as simple as creating a Python dictionary. The syntax is as follows: colors = { 'RED': ['sudo', 'kernel'], 'ORANGE': ['login'], 'GREEN': ['py', 'php', 'launch'], 'BABYBLUE': ['discoveryd'] } After you download, follow the... Continue reading


Splug Theme for bash prompt

Posted by Mike Mackintosh on January 2, 2015 in system-administration.

I tossed together this pretty cool theme late last year. I ended up switching to Bashit since it saved me some headache and increased performance as many of my .bashrc calls were not optimized. In doing so, I ported my bash prompt at the time (with awesome color support) to bashit to take advantage of their plugins. You can check it out on GitHub here: https://github.com/mikemackintosh/bash-it-splug-theme Continue reading


Building a Security Team in 2015

Posted by Mike Mackintosh on January 1, 2015 in security.

It is late, and I'm tired, but wanted to jot this down before I fell asleep. Revisions and corrections to follow. In my professional experience, compliance is not security. So, clearly, being compliant is not being secure. There are aspects of compliance which increase security, but they are more in the realm of operations and work flows (think PCI and SOX). Being secure is understanding what's happening on your network, within your apps or on your servers, and... Continue reading


Migration From HighOnPHP

Posted by Mike Mackintosh on December 31, 2014 in state-of.

I am going through the process of migrating from HighOnPHP to MikeMackintosh.com. Stay tuned for some pretty cool shit I've been working on over the past year. Continue reading