SSSG Ninja is my new open source project. It is an all-in-one management tool for SSSG (Site Shield Security Group); it not only makes recommendations but can also do the jobs for you. If you are interested in trying it, it can be found in my Github repo. Here are the currently supported features: Make recommendations based … Continue reading SSSG Ninja
Tag: Security
AWS security group limits Q&A
Here are a few questions that I asked AWS regarding the security group limits and their answers. I would just like to share them with more people here: 1) Q: By default, the limit is 50 for both inbound and outbound (giving 100 rules in total). Is it possible to set a different limit to inbound and … Continue reading AWS security group limits Q&A
Double SSH Hops example
Client -ssh only--> Jumpbox00 -ssh only--> Jumpbox01 --http only-> Internal network

Here is how to ssh to jumpbox01, and visit websites in internal networks from Client.

1) Ensure you have a private key that is trusted by both jumpbox00 and jumpbox01. For example, jb.pem under ~/.ssh/, then run the following command: ssh-add ~/.ssh/jb.pem
2) Add the following … Continue reading Double SSH Hops example
Nginx upstream key exchange issue
Continuing from my previous post. Now it is about phase #3. Theoretically, it should be very straightforward. All Nginx needs to do is just forward the Akamai requests to the upstream. Right? But in real life, whatever can go wrong will go wrong 😦 In the testing, we always get '502 Bad Gateway' error. I … Continue reading Nginx upstream key exchange issue
Akamai protocol rewrite issue
I have been working on an API gateway project (Akamai + Nginx + Lua) for quite a few weeks. There are lots of things that I would like to write and share. This post is one of them. The high level architecture looks like this: Phases: Users send http(s) GET or POST requests to Akamai. Akamai … Continue reading Akamai protocol rewrite issue