IT Managed Services Provider Resource Recommendation Update on 2022-11-29

Training Resource

BGP4All Workshop is a free resource for those who wish to learn the intricacies of working with BGP routing. It’s based on a discontinued program once offered by Cisco that was fortunately adopted by industry volunteers who keep it current for use in Network Operations Group workshops and at other global meetings.

Blog

TechDirectArchive features a wealth of tips, how-to guides and product reviews on system and network administration, DevOps and cloud computing on Windows, Linux and macOS. You’ll find lots of clearly explained articles on various Microsoft products, automation and other topics that can help make a sysadmin’s life easier.

Windows OS Hub is a blog loaded with posts on Microsoft tech as well as other topics of interest to Windows system administrators. This rather large knowledge base is searchable and sorted into categories, so you can find any explanation or tutorial in the collection that may help solve your latest tech challenge.

Podcast

The Homelab Show features respected tech experts Tom Lawrence and Jay LaCroix, digging into an assortment of fascinating homelab projects. The perspective of exploration ranges from an introduction all the way through to a detailed how-to, and each discussion is conducted with both the novice and the experienced listener in mind.

Open Source Security focuses on whatever topics are hot in security, as well as a broad range of areas including IoT, application and operational security, cloud and devops. Hosts Kurt Seifried and Josh Bressers bring a unique open-source spin to each conversation, “they touch regularly on Sysadmin-like topics, definitely worth a listen…”

Free Tool

Learn and Test DMARC is a console that allows you to see the communication between email servers. It’s a great way to understand what SPF, DKIM and DMARC are actually doing behind the scenes. Simply send an email to the provided address to begin testing your DMARC setup. Suggests it’s “worth a bookmark to test your own DMARC policy.”

Metasploit Framework is a widely used, modular penetration testing platform that can help you stay a step ahead of attackers. Allows you to write, test and execute exploit code using a suite of tools that enable you to test security vulnerabilities, enumerate networks, execute attacks and evade detection.

Goss is a YAML-based tool for validating server configuration that allows the user to generate tests from within the current system state. Once written, tests can be executed, awaited or served as a health endpoint. Explains, “We wanted to use a ‘different tool’ to verify the outcomes of our Ansible run… we use [Goss] on all of our servers to validate they are working as expected. Think of it as a sanity check after changes.… By building this into all of our processes it gives us a great deal of confidence that changes we do on the instance have not impacted the critical services that the instance provides. Tool is: small, simple, useful, powerful. Love it.”

Kismet is a wireless network and device detector, sniffer and WIDS framework that works with Wi-Fi, Bluetooth and some specialized capture hardware. The tool is compatible with most hardware and Bluetooth interfaces on Linux; built-in Wi-Fi interfaces on OSX; and remote captures on Windows 10 under the WSL framework. Explains, “If you need open source, I can highly recommend kismet.”

Helm is a tool for managing pre-configured “Charts” of Kubernetes resources. Provides an easy way to find and use popular software to run in Kubernetes or to share your own Kubernetes applications, create reproducible builds and intelligently manage manifest files.

ntfy allows you to send notifications from any computer to phone or desktop via scripts. It’s a simple, open-source HTTP-based pub-sub notification service with no signup or setup required. Explains: “It allows you to listen for notifications sent to ‘https://ntfy.sh/super-secret-whatever’ and have the notifications appear in your phone app or desktop notifications. You can self-host also. Many examples of usage are provided on their pages.”

yamllint, as the name suggests, is a linter for YAML files. It checks syntax validity, as well as looking for more-complex errors like key repetition and cosmetic problems such as line length, trailing spaces, indentation etc.

Tera Term is an open-source tool that uses software to emulate different types of computer terminals, from DEC VT100 to DEC VT382. Supports telnet, SSH 1 & 2 and serial port connections plus has a built-in macro scripting language that supports Oniguruma regular expressions as well as a some nice plugins.

wavemon is a Linux wireless-network monitoring tool for watching signal and noise levels, packet statistics, device configuration and network parameters. The ncurses-based application is designed to work with all devices supported by the Linux kernel.

croc is a simple, secure way for any two computers to connect and transfer files and folders. This cross-platform CLI tool enables data transfer using a relay, with end-to-end encryption and ipv6-first with ipv4 fallback. Allows multiple file transfers, resuming transfers that are interrupted, ability to use a proxy like tor, and no need for local server or port forwarding. I lists it as a favorite for “CLI peer-to-peer file transfer.”

ClipX is a simple program that supercharges your standard 1-item Windows clipboard so it can hold up to 1024 items, including text snippets, urls and bitmap images. The full list of copied elements is easily accessible from the system tray.

Boto3 is the AWS-maintained Software Development Kit for Python that allows Python developers to write their own software to leverage AWS. Makes it easy to integrate Python applications, libraries or scripts with Amazon services like S3, EC2 and DynamoDB. I considers it “indispensable.”

Scanner is a tool that employs a sunburst chart to graphically represent your hard disk usage. Allows you to see a representation of all major files and folders from all directory levels at a glance. I recommends it “for individual server stuff… tiny, fast, free way to see what’s taking up disk.”

Log Parser Studio is a front-end GUI for Log Parser and a convenient ‘Query Library.’ Allows you to easily store, edit and search both libraries and queries in different formats and import/export all your favorite queries and scripts.

Multicast Hammer is a troubleshooting tool for multicast issues that can simulate multicast traffic and show the raw traffic on your network. Explains, “Not open source, but it is 100% free … I have crashed networks with it. Very powerful. You will need at minimum two windows laptops. You install it on both laptops, one as a sender and the second as a receiver. Works better if you can setup several receivers. You can really hammer a network.”

PortQryUI is an alternative user interface for the PortQry Command Line Port Scanner that allows you to figure out if a machine can connect to a port or range of ports on a specified server. Appreciates that it “lets you quickly test if a TCP/UDP port is open/closed/firewalled from a windows PC.”

Tutorial

The Ultimate SPF/DKIM/DMARC Best Practices 2022 walks you through the implementation of the latest recommendations to reduce spoofing and phishing, improve your organization’s reputation and enhance email deliverability. Explains, “After a lot of sleepless nights carefully reading every related RFC and best practice, I’ve written a concise blog with the latest best practices on the subject of outbound email security (SPF, DKIM and DMARC).”

Cheatsheet

Exim Cheatsheet is a nicely organized, text-based list of useful Exim commands, all kindly compiled and shared by DevOps Engineer Brad “the Mad.” I likes to keep it handy “because I can never remember the commands in Exim.”

Career Resource

Jobs from Larry is a site that scrapes Twitter for all the jobs posted during the past 48 hours, then filters by location, remote/local and various technical categories. Explains, “it’s pretty gnarly, and as it seems to be geared more towards the IT crowd, I thought I’d share it as a job resource for anyone looking at a career transition for whatever reason.”

Quote

While we’re on the topic of careers, shares a memorable nugget of advice from the novel Shibumi:

“You can gain experience, if you are careful to avoid empty redundancy. Do not fall into the error of the artisan who boasts of twenty years experience in craft while in fact he has had only one year of experience–twenty times. And never resent the advantage of experience your elders have. Recall that they have paid for this experience in the coin of life, and have emptied a purse that cannot be refilled.”