This section contains notes on various services and systems I've explored or setup. These are frequently stream of conciousness notes and may have dead ends, multiple attempts, or be outdated. I periodically go through them and attempt to rewrite them to make them more consumable by others and myself.

I hope these can help guide people on their own attempts to understand the services that they host. Please always double check the facts and don't take a random netizen's personal assessment will match your use cases.

DANE / TLSA

Posted on

DANE is an extension to certificate validation allowing DNSSEC to protect SSL fingerprints, reducing the overall reliance on the public CA infrastructure. It does this by creating a new DNS record type 'TLSA' for storing the raw value or hash of either the complete certificate or the public key.

Syslog-NG

Syslog-NG is a fast, reliable, and secure syslog daemon that can do advanced processing and log centralization while maintaining a sane configuration file syntax. I've recently come to vastly prefer it over my previous long term favorite Rsyslog.

GRE Tunnel

GRE encapsulates all layer 2 traffic, but does so through an unencrypted tunnel. Sensitive traffic should exclusively go through a lower level encrypted tunnel like IPSec.

Blender

Posted on

Open source best in class 3D Art and modelling program.

Page 1 of 19 Later