Andreas Happe: Everything
Homeserver: Glances and Home Assistant for Monitoring
Now that I have a minimal home server running, I thought it would be good idea to monitor temperature, disk usage and such. The simplest solution that I found was to use Glances and use Home Assistant to store and display the data.
Homeserver: Creating local Proton Drive/Mail Backups
By now, I am using Proton Drive for cloud data storage and Proton Mail as my primary mail service. While I trust Proton with my data, I do not want to rely on them completely. As I have a small server standing around at home, it’s kinda obvious to use it for automatically performing backups of my cloud data. I try to use systemd services and timers for this, as this makes monitoring and logging quite easy. This blog post mostly serves as a reminder for me, but maybe it helps someone else as well.
Homeserver: Services Pt. 1
I am running a home server for a while now. I have been using it to host some services that I use regularly. In this post, I will share my experience with some of the services I have set up on my home server. This initial post will go over local git hosting using gitea, audiobook streaming using audiobookshelf and a self-hosted RSS reader using tt-rss.
Using tailscale on Fedora Silverblue
I am using Fedora Silverblue as one of my main desktops. Recently, I’ve been moving some services to a server behind tailscale but was still using its local IP address when at home at my Silverblue desktop. While doable, using an IP-address with an invalid HTTPS certificate wasn’t that pretty — so why not just access it through tailscale even within the same network, it’s an overlay network overall (so it should do a direct connection between my desktop and the home-server).
Building a little home-server with Linux, TailScale, ProtonVPN, Docker Compose and VM support
I’ve been using a mini-computer as home-server for the last couple of years. Originally, I used it to share files between my computers, but over time more and more services (like RSS-readers, media-libraries, home automation, etc.) were moved on that surprisingly capable mini-server. I’ve grown up using Linux (well, I was already 16 when Linux became available around here, but you get the gist) so it always felt natural to me to just just use a minimal Linux installation (debian) instead of using some NAS that supports add-on third-party software.
Work/Life Balance, pt. 3: Scheduling Work
The first parts of this series were about getting more done while at work as well as making it easier to switch from work into leisure mode. Both have a rather bottom-up feeling to them. In contrast, this post will be top-down: investigating my scheduling habits and trying to get them to a point where they actually protect myself from over-scheduling too much work. My Scheduling Habits thus far After years or trying different todo and task applications, I’ve settled upon a rather simplistic approach: simple markdown todo lists versioned through git.
Work/Life Balance, pt. 2: Separation and Blurry Lines
While the initial experiment focused upon productivity, the main goal of this series is to improve my work/life balance. Getting more productive should just allow me to switch from work to leisure earlier. Currently I have access to my university office, so I have a nice geographical separation between Work/“The Office” and “Everything Else”. So basically I want to keep work at the Office and leisure (mostly) outside of it: getting out of the office to recover while keeping distractions out of the office to let me get out of it faster.
Work/Life Balance, pt. 1: Prelude and Experiments
Last winter I was lucky to enroll in the so-far best lecture of my PhD studies: From Surviving to Thriving: Crafting your good personal Life by the great Geraldine Fitzpatrick. The course was about stress, mindfullnes, crafting, productivity.. nothing mind-blowing nor rocket science but comprehensive, accessible, and charmingly presented. Recently I read Do Nothing which I thoroughly enjoyed. Maybe it’s time to experiment with my time (or rather life) management..
Using WSL2 to hide from EDR
TL;DR WSL2 seems to be one big lolbin when it comes to EDR Scenario/Background During a recent assumed-breach pen-test assignment I was stranded as a low-level user on a fully-updated Windows 10 Enterprise system (10.0.19045) including a deployed CrowdStrike Falcon EDR suite (6.49.16303.0). As I respect CrowdStrike I did not want to execute any malicious scripts on the host, so what to do? WSL2 to the rescue! Installation was done quite comfortable through the company’s Software Center, no local administrative rights required.
Active Directory: Using LDAP Queries for Stealthy Enumeration
During a recent assumed-breach pen-test assignment I ran into a problem: the customer had an up to date Windows Active Directory environment, CrowdStrike was rolled out as an EDR and a dedicated Incident Response Team was monitoring for alerts.. and I needed some Active Directory Enumeration to be done before I was planning out my next steps. I assumed, which later proved correctly, that just starting BloodHound or GetUserSPN.py would trigger defenders and defences.