Installing ELK without Docker on Ubuntu 18.04 with LetsEncrypt

In my last post, I set up ELK in a docker container to see if it would meet my needs, but I found that unless I wanted to go very deep with docker, I’d need to do a raw installation of ELK. The main motivation was that I wanted to install an SSL certificate in Kibana using LetsEncrypt from my pfSense box, and building a job that builds docker every 90 days seemed brittle.

One thing I realized was that you can do a lot without installing the ‘L’ in ELK. LogStash and ElasticSearch both provide means to ingest logs. When you install filebeat on your client, you can opt to output to LogStash or to ElasticSearch. I went direct to ElasticSearch for now, though I will likely revisit that later on. Here are two resources that discuss that here and here.

Installing ELK in Docker on Ubuntu 18.04 with ZFS

I’m working on my next project, which is a DMZ Minecraft server, but I want to ensure that I have adequate logging in place. I decided that I’d install the ELK stack on a server so I could easily mine and visualize my logs. For those of you who aren’t familiar, ELK stands for ElasticSearch, LogStash and Kibana. These tools let you store, parse, and see log files from lots of computers in one place, so you can analyze them. It’s also handy for seeing when a system you maintain is behaving badly, like the morning after a deployment.

DMZ Is a Four Letter Word

My latest project is to set up a secure Minecraft server for my kids and their friends to play on. As I mentioned in my previous post, the usual recommendation to set up port forwarding on your router is a pretty bad idea. Normally, what is recommended is to set up a DMZ. I’ll do this in a bit (I had to order some stuff), but I’d like to talk about DMZs a bit, and how they are a terrible and misleading concept.

The Internet Is More Mad Max Than Wild West Now

Quaint were the days when we viewed the internet as a ‘Wild West’. I’d take a sparsely populated area of frontier towns where you could travel in a stagecoach, with minimal risk of robbery, over what we have today. Remember ‘Tombstone’? That seems like a downright safe and friendly place to spend time compared to today’s internet, where we basically have to live in miniature fortresses and travel to other larger fortresses in armored convoys, all while under constant attack by a robot-augmented army of criminals.

I got to thinking about this because I’d like to set up a Minecraft server for my kids, but with the recent hack of Marriott, where 500 million accounts were hacked, I’m reminded (again) that it’s just not safe out there. For context, 500 million is about as many Americans as have ever lived. It’s a little shy of 10% of the world population. Once you think about the scale of these breaches, it’s time to rethink what the internet is.

Next Project – Video Surveillance with Unifi Video

Now that I’m done with my WiFi project, and everyone is surfing happily (it seems), I’m ready for my next project. For years now I’ve had a basic video surveillance setup using old Panasonic Security Cameras (BL-VP104W) and one ultra sketchy Chinese camera. You know, one of those with extra backdoor admin accounts named 888888 that you can’t disable. I bought extras that I can’t sell on eBay at any price.

Seriously, don’t buy these.

So I want to upgrade to a better video solution. Fortunately, Ubiquiti offers a solution that is as cost-effective as its infrastructure.
