Configure LLDP on Extreme EXOS Switching

Traditionally when working with voice and data vlans you normally have to either have DHCP voice options set up in your data scope or you manually untag the voice ports onto the voice vlan both of these come with their own disadvantages, this guide utilises Link Layer Discovery Protocol (LLDP) which is a vendor independent link layer protocol used by network devices for advertising their identity and capabilities to neighbors on a LAN segment. This guide shows you how to configure LLDP on Extreme EXOS switching to detect IP phones when plugged in and move them to the correct VLAN before reaching the initial DHCP stage.

Automate Starting and Stopping EC2's using Lambda and Cloudwatch

For on-demand EC2's that are not required during certain hours that are essentially wasting money running when not in use it is worth setting up a Lambda function that can stop and start the EC2's as per your requirements. This guide configures an IAM policy/role then uses a Lambda function to start/stop the EC2 during the business hours of 9am to 5pm.

Startup your EC2's via Powershell

For EC2's that are started up infrequently it can be time consuming to go through the AWS Management login with MFA just to start them up, this powershell script uses the AWSPowerShell module along with API keys to startup the specified EC2 instance.

Configure SNMPv3 on Cisco Catalyst switching

SNMPv3 is the most advanced and secure version of SNMP yet, with features like user authentication and encryption greatly enhancing the protocol.

The following instructions will show you how to configure SNMP v3 with authentication and privacy on Cisco switching using MD5 and DES;

Permanently Remove Deleted Users from Office 365

When a user is deleted from Office 365 the account is moved into a recycle bin where it is held for 30 days before being purged, this is very useful should users be accidentally deleted and can be easily recovered however this can still cause issues with Azure Active Directory Connect (AADC - used for syncing users from on-premise to Office365) when you have duplicated users/errors when trying to link up accounts for the first time when the first sync may have been done incorrectly, this guide shows you how to permanently delete the problematic deleted item therefore allowing you to redo the AADC sync as if for the first time.

AWS - Connecting to an S3 Bucket using WinSCP

Connecting to the Amazon S3 protocol is now natively supported as of WinSCP version 5.13, WinSCP uses the REST interface to interact with S3.

This guide creates an S3 bucket, an IAM user, an IAM access policy with least priviledge, then generating access and secret keys for API access to allow WinSCP to seamlessy migrate files over.

Firefox Monitor

Firefox Monitor

Firefox have teamed up with "Have I Been Pwned" to offer a service that allows you to check your email address against a database that serves as a library of data breaches. It will let you know if your email address and/or personal info was involved in a publicly known past data breach. Once you know where your email address was compromised you should at the very least change that system password and any other place where you’ve used that password.

This guide shows you how to check if your details have been compromised.

Tightening up Apache SSL security

At the very least modern websites should be using HTTPS by default with any traffic on HTTP redirected to HTTPS, this ensures traffic in transit is encrypted from 3rd parties prying eyes. The next step is ensuring that the SSL certificate along with the web server it sits on is configured correctly from a security perspective ensuring any well known backdoors are addressed.

The Qualys SSL Server tool is an excellent free tool that grades the quality of your SSL configuration that also identifies any areas that need to be addressed.

Secure Apache with an SSL certificate and force all traffic to use HTTPS

Using an SSL certificate is a must for ensuring your website is protected and meets the demands of today's modern sites/browsers. Customers and visitors to your site will know that their browsing session is safe, and that payment details and personal information is secure and encrypted in transit.

The following guide creates a certificate through Apache and a trusted certificate authority, applying the certificate to your website then forcing all traffic to use HTTPS rather than HTTP.