Skip to content

The personal website of Phil MassynΒΆ

Multi Router Traffic Grapher

MRTG - an age-old graphing tool used by network administrators all over the world. But it's not just for networking systems. I've used it to monitor various things. In this how-to, I'll walk you through how you can create a simple MRTG system to track pretty much anything.

Strange password policies

We all have passwords, and the volume of passwords we need to manage is not slowing down. Most of the sites we interact with have some sort of a password policy that forces you to go through a process of trying to create them. I have written about this before.

Threat Modeling

Threat modeling is a process used by developers and engineers to understand the threats that exist that may exploit a weakness or vulnerability in a software application or platform.

Security in a Development environment

As a security professional, you would most often be dealing with teams that are directly responsible for the security of a system. In many cases, developers will have the ability to make or break the security of their particular solutions, and in many situations, too much frustration for the security team. I have observed firsthand how adversarial the relationship between security and developers can be. It doesn't have to be that way.

Hosting a website on Lambda Function URL

In the past, I did a lot of Perl programming and a lot of CGI code that still run on various websites around the world today. When I migrated my knowledge across to AWS and serverless infrastructure, I found myself having to develop code in a similar structure to what I did previously in Perl and PHP.

With this article, the goal is to demonstrate how you could dynamically generate HTML in a Lambda function, and use Lambda as a make-shift web server for some simple applications using Python.

Optus breach of 2022

Optus, one of the largest telcos in Australia has suffered a major security breach, losing the sensitive information of close to 10 million Australians. A lot has been said already on the topic. I wanted to focus on the psychology behind a breach.

The Uber Hack of 2022

It's been a wild year for Uber which has suffered through another security breach. The reactions to the hack have been mixed, and I've been contemplating how to respond. Here's my take...

Resilient Software Design

When you operate a large fleet of servers, patching your operating system and other software components is a necessary task to prevent malware and external threat actors from taking control of your system. In a number of cases, I've heard clients use the words: "I can't patch my system because it might cause an outage." Let's unpack this disturbing statement.