
Key to Cloud Adoption

The key to cloud adoption is change control and process management.

Without it, complexity sprawls.

Major AWS service outage.

This is a widespread outage affecting many customers, including my own.

Service outage originally was NOT reported on AWS status page.

Status page was inaccurate because it relied on the failed service.

Customer of Nick Allevato featured in a technology success story.

Proudly delivering vetted and cutting edge technologies in the AWS and App space, Nick helps customers focus on delivering their goals.

For Typing.com, it was a matter of scale, reliability, and experience.

With a combination of infrastructure-as-code, Dev/Ops expertise, AWS best-practices, and real-world production experiences:

Typing.com is used by third through fifth grade at LMES and more than 14 million students and 250,000 teachers nationwide.

Thank you for the opportunity!

Mattermost rocks; a self-hosted web-based chat.

Mattermost is a self-hosted, fully-developed #slack alternative.

Own your data, and don’t be locked in to a vendor.

It’s real-time, and seamless. Push ‘real-time’ via websockets for the tech-heads out there.

Mattermost example

I use it daily and recommend it to all my customers. Be free.

It has in-browser, desktop, and mobile clients. I use them all. So great!

MaxTo - Tile Window Management for Windows

MaxTo is a tile window manager style windows management tool.

Just drag a window into a defined screen ‘region’ and click maximize … and boom … it maximizes to the region.

So useful, and makes things clean. Now, I also use two monitors and have private documents on the other monitor.

It pairs so well with multi-monitors. Also shown, I use Rainmeter on Windows for the meters.

I use it daily. You know what your windows are going to have in them. Why resize them every time? Don’t mess with it. Set your notes, music player, communications tools, todo lists.

MaxTo makes it easy. Just create a layout, save it, adjust exactly what you need, and save again.

Home dashboard for internet status, weather, WSDOT.

What is this?

This is something built for home use; it can easily drop in other pages and consume other APIs as needed.

Why this project?

Great way to get started with a web project.

Compiled from a few examples, sources to come.

Built simply, using solid technologies.

Port knocking for a secure SSH server.

Why port knock?

Open SSH ports are vulnerable to: scans revealing information, brute-force attempts, exploit attempts, and even password/key compromises.

Port knocking reduces the surface area at the TCP level via iptables firewall rules.

Port knocking is a good add-on to help improve existing techniques:

  • scans - obfuscate version, info
  • brute-force - use fail2ban, account attempt restrictions
  • exploit attempts - keep systems updated; teams aware of CVEs
  • compromises - no passwords, key rotation, user-identity management (accounts, logins, SSO, etc.)

What is port knocking?

Port knocking is sending a series of TCP SYNs to a set series of ports. The knockd daemon listens to these ports.

Knockd will open the port to the source IP of the knock.

The knockd setup also allows established sessions, maintaining usability after the initial knock and connection.

How does one ‘knock?’

  1. Install knockd on the workstation doing the knocking.
  2. Run the command knock -v hostname.example.com 5000 5001 5002
  3. SSH as usual, e.g. ssh -p 2222 hostname.example.com

How does one set up port knocking?

  1. Coming soon. Stay tuned for Ansible scripts.
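
Until then, here is an added example (not from the original post or its author) of one server-side setup matching the knock shown above: baseline iptables rules plus a knockd.conf for ports 5000, 5001, 5002 in front of SSH on 2222. The /etc/knockd.conf path, the 10 and 30 second timeouts, and the function names are assumptions.

```shell
#!/bin/sh
# Added example: server side of the knock sequence used on this page.
# Assumptions (not from the original post): knockd reads /etc/knockd.conf,
# sshd listens on 2222, 10s to complete the sequence, 30s to start the SSH login.

SSH_PORT=2222
KNOCK_SEQ="5000,5001,5002"

# Print a knockd.conf that opens SSH_PORT only to the IP that knocked (%IP%).
# start_command adds the ACCEPT rule; stop_command removes it after cmd_timeout,
# so a forgotten knock does not leave the port open to that address.
render_knockd_conf() {
    cat <<EOF
[options]
    UseSyslog

[openSSH]
    sequence      = ${KNOCK_SEQ}
    seq_timeout   = 10
    tcpflags      = syn
    start_command = /sbin/iptables -I INPUT -s %IP% -p tcp --dport ${SSH_PORT} -j ACCEPT
    cmd_timeout   = 30
    stop_command  = /sbin/iptables -D INPUT -s %IP% -p tcp --dport ${SSH_PORT} -j ACCEPT
EOF
}

# Baseline firewall: established sessions keep working after the temporary
# ACCEPT rule is removed; new connections to SSH_PORT are dropped by default.
apply_firewall() {
    iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -A INPUT -p tcp --dport "${SSH_PORT}" -j DROP
}

# Only touch the system when explicitly asked: sh knock-setup.sh apply
if [ "${1:-}" = "apply" ]; then
    apply_firewall
    render_knockd_conf > /etc/knockd.conf
fi
```

Run it as root with the `apply` argument from a console session rather than over the SSH connection being firewalled, then restart knockd so it picks up the new file.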