Wireshark is an open-source, cross-platform network packet analyser tool capable of sniffing and investigating live traffic and inspecting packet captures (PCAP). It is commonly used as one of the best packet analysis tools. Colouring Packets Wireshark colours packets in order of different conditions and the protocol to spot anomalies and protocols in captures quickly. Packet Dissection Packet dissection is also known as protocol dissection, which investigates packet details by decoding available protocols and fields.…

Target Details URL: http://scanme.nmap.org/ Host: scanme.nmap.org Starting out with basic TCP port scanning The TCP scans use the Transmission Control Protocol as the transport layer protocol for the probes. The different TCP scans are: Connect Scan To scan for all open TCP open ports on a target, we use: nmap -v scanme.nmap.org The -v flag turns on verbose mode. This increases the verbosity of the details provided by the scan. This is useful for debugging and understanding what is going on.…

What is a container? You must have seen large ships with “Containers” - like the one shown below. Yes those colored boxes are called containers. They help to transport goods from one place to another. Each of these colored boxes are small isolated units that don’t know what’s inside the other and aren’t even bothered by it [As if they have a life :) ]. While the containers “contain” the goods, they essentially rely on the ship for the actual transportation.…

Kubernetes is a container orchestration tool. It groups containers that make up an application into logical units for easy management and discovery. Now before we dive into the details of what Kubernetes is, we need to understand what a container is. You can read this blog for a starter. BTW kubernetes is also known as k8s as there are 8 letters between k and s. What does Kubernetes do? In simple language, we have the containers and containers information (also sometimes called as configuration by sophisticated people), which we “throw” at kubernetes, and it will run our container with the help of a Container Engine.…

This is the first blog in the Kubernetes Basics series. In this blog, we will be setting up a simple Kubernetes cluster on GCP. We won’t be using the GKE instead we will go for two identical Ubuntu 20.04 VMs to setup a simple lab setup. This is basically the starter point for CKS certification. Prerequisites: A GCP account Knowledge of basic Linux commands Google Cloud CLI installed on your local machine Step 1: Create two identical Ubuntu 20.…

What is OWASP Top 10? Well it’s simply a list of top 10 web application security vulnerabilities. The link to the actual source material has been given already, so you can read more about it there. The list was last updated in 2021. Many security researchers including the very best in OWASP Foundation believe it’s still relevant in that order, even tho I kinda disagree :P. Anyway, let’s get started with the list.…

NOPE it’s not the CIA who watches us all, the open, friendly yet closed, confidential, epitome of ahem ahem ahem :P. The CIA triad is a set of three basic principles of information security: confidentiality, integrity, and availability. These three principles are the foundation of information security and are the basis for all security policies, standards, procedures, and guidelines. The CIA triad is also known as the “Holy Trinity” of information security.…

This is kinda a sub-blog within my main blog. This is a collection of notes I’ve taken while studying for the CCNA. I’m not sure if I’ll ever take the exam, but I did learn a lot and got some cool badges which will probably go away in a few years :). Networking knowledge is one of the most basic skills you must have before embarking on “H4c!<in6”, or start your DevOps or Development journey.…

Analyze your application portfolio (Application Portfolio Analysis) It’s not uncommon for large enterprises to have hundreds of applications in all forms and shapes using different underlying technologies, buisness processes and DevOps capabilities. The wise way to invest your time and money wisely is to perform an application portfolio analysis (APA), to identify which applications should be focused on. There are 4 dimesions of an APA. For each category you collect the data and you translate it into a relative graph.…

Find your MVC Minimum viable cluster (MVC) is a subset of applications that are the most important to the business and are the best candidates for a DevOps transformation. Improving the MVC leads to faster and more reliable delivery of business value. Thge concept behind this is that of a weakest link in a chain. the weakest link in a chain defines the overall doability of a chain. Similarly the applicatiion witth lowest maturity in a cluster tends to define oyour ability to deliver.…