Archive

Incident handling for small sec teams

This is an article writing up a talk I gave during bSides Ljubljana 2026. Incident handling for small sec teamsIncident handling for small sec teams.pdf560 KBdownload-circle Incident management is one of those things that are rather simple to do even with very small teams, but that gets quickly overcomplicated

Millions of Linux servers voulnerable to RegreSSHion - new OpenSSH vulnerability

A new vulnerability in openssh used by most Linux servers has been announced today. It allows a remote attacker to gain root access on all unpatched openssh servers. A new OpenSSH vulnerability: CVE-2024-6387 has been announced. It exploits a number of not-safe-for async functions which are run (asynchronously) if the

How to resize Kubernetes Statefulset Storage

Learn how to safely and efficiently resize the storage of your Kubernetes statefulset volumes using a storageClass that supports resizing. Understand the limitations and capabilities of statefulsets and gain insights into the design decisions behind Kubernetes

Calico to Flannel - changing kubernetes CNI plugin

So you want to change the underlying CNI provider in your kubernetes cluster? Well in some cases it's as simple as running a few YAML manifests, in others, you have to do the hard work yourself.  For instance, going from Flannel to Calico is almost trivial. But to

How to choose a password manager

Passwords are like taxes, you simply cannot avoid them. They are the small mental tax you pay when you create a new account or login into an existing account. To avoid remembering and retyping you should choose a password manager. Websites and systems need a simple way for you to

Keep Asus ROG motherboard BIOS settings after a BIOS update

Many gamers and tech enthusiasts like to tweak their computers,  this includes tweaking BIOS Settings. Most overclocking and virtualization are done through BIOS settings. And even if that's not your game, you can still control fans and RGB through BIOS to avoid running extra unnecessary programs under your

What can increase DevOps technical debt

Technical debt is a topic that pops up often in the IT world. Simply stated, it's a metaphor for all the shortcuts that you take during development that later on hurt your ability to quickly produce or modify code. Often we hear about it in the context of

Sysadmin Technical Debt or why admins never have time

Technical debt is a commonly used metaphor in IT, it refers to shortcuts that make work more difficult in the long term. While we hear a lot about it in software development, it's rare to find someone talking about sysadmin technical debt. Few might realize that it'

Technical debt from the business perspective

Have you ever noticed that as time passes programming projects become slower and slower? Developers seem reluctant to touch the codebase, features and bug fixes take longer and longer. And this slowdown is very gradual/ Heck, whenever they start a new project it seems to eventually start happening to those

Technical debt from the developer perspective

Technical debt is a common metaphor in software development, taking shortcuts will allow us to ship code faster, but in the long term makes the code harder to change and extend.

Creating LXC containers from docker and OCI images

LXC a set of tools that provides lightweight virtualization with a shared kernel. LXC containers are an easy way of managing Linux kernel virtual machines

The current state of neuromorphic computing

Neuromorphic computing is a novel approach to computing. Using tailor-made hardware, neuromorphic computing can provide power-efficient AI training. We already covered what Neuromorphic computing is and how it works in a previous article. This article is quite abstract in the sense that it expects you're to know how

Neuromorphic computing - a promising branch of computing

Neuromorphic computing uses hardware-accelerated Spiking Neural Networks to achieve power-efficient AI training.

Service Mesh - works great if you can accept its trade-offs

Service mesh is a networking solution for organizations dealing with microservice proliferation. Simply said, as soon as you go further than a few services, inter-service communication becomes challenging. Service mesh attempts to make its functionality trivial to implement, from the app developer side. Service mesh works by running a lightweight

NoOps - a dream that is unfeasible for most organizations

NoOps is a trend trying to push out dedicated operations people out of the organization. Its name comes from "NO Operations", with operations being a synonym for system administration. To better understand what going on, let's first take a look at what regular Sysadmin does. What

IaC - The key tradeoffs when implementing Infrastructure as Code

What is IaC? As the name suggests, IaC or Infrastructure as Code is the practice of managing the infrastructure through plain text files (code). This management mainly consists of description and implementation.  First, you need to be able to describe all infrastructure details in the trough code. And your tools

GitOps - what benefits can it bring to your organization

What is GitOps? GitOps is version control and continuous delivery for your infrastructure. Sounds simple, but those fancy words hide a lot of complexity. Version control is a simple one, you have text files, and every time you change them you have a new version, and you can always see

IaaS - is it truly limited to public cloud providers?

Iaas or Infrastructure as a Service strives to provide a way to quickly and easily provision VMs in a private data center or cloud.

When to avoid using docker containers

While containers are a wonderful way to package applications let's mention a few cases in which you shouldn't use docker.

Dive into how Docker containers work

Containers are small packaged applications that you build once and run on pretty much any hardware/OS combo.