Understanding Time-based One-time-password

Now that every web service encourages you, more and more, to use MFA to secure your account, one method is used more than the others: Time-based one-time password, or TOTP, generates a unique code of 6 or more digits to enter just after typing your password.

The server or web app that lets you set up TOTP gives you a QR code to scan (or a Base32 string) to configure in a TOTP generator app such as Microsoft Authenticator, Google Authenticator, Bitwarden and others.

We all use it, but how does it work? Is it secure? Is my account secure when using a third-party TOTP generator?

Why pylint rule W1203 is important

If you have been using the pylint tool to check the format of your Python code, you may have encountered the rule W1203: logging-fstring-interpolation, but you didn't really understand why it's important.

The warning looks like:

path/to/my/file.py:37:4: W1203: Use lazy % formatting in logging functions (logging-fstring-interpolation)

It appears when you are using the Python logging library. The pylint documentation for this rule says that you shouldn't use f-string formatted strings.

Securing web entrypoint from external threats

I'm currently hosting some private web services accessible from the internet. In order to protect those apps, I needed a very secure way to protect the access to them.

As you may already know, there are tons of bots that continuously scan all public internet IPs for potential vulnerabilities: open ports, insecure web services or security breaches. There are private organizations, like Shodan, that allow you to discover those vulnerabilities. In my particular case, this is the only information that they could collect from my IP gateway:

Blog initialisation

First of all, I'm not a web engineer and I hate web development. There are too many frameworks to work with (ReactJS, Angular, jQuery, ...). JavaScript's asynchronous system is a pain to manage at large scale. And dependency maintainability is too much for me (yes, I'm talking about you, npm). I'm not a web designer either, so HTML/CSS are the enemy (mostly because I don't know how to use them to their full potential).

This is pretty much why I quit web development in the first place and became a SysOps engineer.