AWS Monitoring with IFTTT

AWS Monitoring with IFTTT

Performance monitoring is two-fold. There is proactive performance monitoring and reactive investigation. The majority of my posts and case studies reflect the latter. This post is more related to the former. Services on premise typically rely on SLAs, NetFlow, scripts, synthetic transactions and more to provide monitoring and alerting. While some of this is possible in the cloud to keep track of specific pieces, you first need a good foundation by knowing if the underlying technology by your cloud provider is operating as expected. In this example, I will walk through setting up an alert to monitor individual Amazon Web Services and send a notification using an IFTTT applet. Create the Applet Before creating an applet/recipe, you might want to see if one is already available with the functionality you need in IFTTT's discover section. If one isn't available, you can create one following their instructions here. I will skip the step by step that they provided, and demonstrate how you might...
Read More

Using Fiddler to Fix Issues

I've helped many users who say Fiddler has "fixed" their issue. Unfortunately, this is a bit deceptive. Fiddler is an excellent debugging tool for web apps, but it does not permanently resolve problems. What it does do is act as a proxy with its own connection settings. This allows it to act as a "man in the middle" and even decrypt the traffic to provide better more insight into application behavior. Sometimes, this is just enough to correct the underlying problem and give the illusion that all is well. This can be very frustrating when trying to find and debug the problem! I have personally seen Fiddler "help" with the following: Proxy issues TLS versioning SSL cert problems Telerik themselves have a great post on this here outlining the technical details and corrective actions. If you do any sort of debugging with Fiddler it's worth a read. Side Note: If you help end users, but...
Read More

Packet Threat Analysis

Everyone needs to do some housekeeping at different points, and I figured it was time I did some a basic security sweep of my setup. To get started, I performed a quick packet capture on the very server that hosts this blog. I decided to give one of CloudShark's newer and more distinct features a spin with my recently created account; their Threat Assessment tool. I thought it would be interesting to pit this against PacketTotal as well. These are both great tools with similar, but also different purposes. At the time, I had SSH and web ports open along with a few other unused ports for various common services. The only true security measure in place was a few basic iptables rules. CloudShark What I Liked: Up front, quick severity level rating dashboard Brief descriptions of issues which helps puts everything in laymen's terms World map view Privacy settings External references to source data and additional information Ability to view the...
Read More