Driven by natural curiosity and an allergy to mediocrity, I listen, learn, and lead with purpose.
External Writings
1 / ISLET in the Proceedings of XSEDE, 2015
Peer-reviewed paper with colleagues on the Isolated, Scalable, and Lightweight Environment for Training (ISLET), a tool that I developed.
2 / 2600: The Hacker Quarterly, Spring 2015
Article on using Docker containers for security and GNU/Linux training.
3 / Intelligence and Zeek (Bro)
Article on leveraging the Bro Intelligence framework for identifying active threats.
4 / Deploying Secure Containers for Training
Book created from my research and talks at conferences for cybersecurity training, published by Syngress.
Top Blog Writings
List of highlighted writings from the Blog section.
Go to Blog in the menu to see them all.
Guide and template for product Due Diligence
Learn techniques to hire faster: Hiring Managers own Hiring!

The origin of the Ric Flair of Cybersecurity
Support me on Substack
List of Other Writings
The following is a list of additional technical writings & tutorials that I've done in the past when I was a practitioner of security engineering and incident response. Many of these are linked to the Wayback Machine from other websites I formerly ran. At some point, I will add them all here.
Build a dynamically linked Docker [html]
NET_DROP_MONITOR: Monitoring packet loss in the Linux kernel [html]
Nagios and DNS Resiliency with Unbound [html]
Log Storage and Analysis Infrastructure: Reliable Logging and Analysis with Rsyslog and RELP [html]
Mausezahn: As a Protocol-Aware Packet Crafting Server [html]
Creating a Personal Privoxy/Tor/Proxy EC2 Instance [html]
CHECK_NRPE: ERROR - Could Not Complete SSL Handshake [html]
SecurityOnion - Connecting to Sguild [html]
Nagios Configuration Tips and Tricks: Shell Edition [html]
SecurityOnion - Moving the MySQL databases [html]
Tuning Snort Rulesets with Bro Data [html]
Nagios Deployment Automation Tips and Tricks [html]
Automate Patch E-mails with Git Hooks [html]
Working with Bro Logs: Queries by Example [html]
Creating a Minimal Bro Cluster [html]
NSM Sensor Perspectives - Examples of a Topology Map [html]
Snorby's Asset Manager - Convert and Upload /etc/hosts [html]
Packet Loss Under Light Load: Invalid Packets or Line Noise? [html]
OSX Live Memory Forensics with Volatility and MacMemoryze [html]
The Trafgen Expression Language [html]
ARGUS - Detecting Protocols on Non-Standard Ports with Flows [html]
Netsniff-NG (Ubuntu Community & Fedora Wiki) [html, html]
Extract an Attachment from a Phishing E-mail (eml) w/ base64 and sed [html]
Reading Multiple PCAPs - Header Dissection and a Little Cmd-Fu [html]
Extracting SSIDs from PCAPs - Multiple Methods [html]
TCPTrack - Simple TCP Connection Monitor [html]
Hack3rcon^3, The XRG - CTF Challenge #4 Solution - Decrypt PCAP (WEP), Extract file [html]
Case Study #1: Using Traffic Analysis to Investigate an IDS Alert [html]
The Pig Doktah - A Snort Performance Metric Tool [html]
Hack3rcon^3, The XRG - CTF Challenge #1 Solution - Analyze PCAP [html]
tcpdstat - a statistical data program and a compilation fix [html]
Query Interface Bandwidth via SNMP on Cisco Routers [html]
httpry - HTTP logging and information retrieval tool [html]
Mining networks for PII with ngrep [html]
PassiveDNS - Logging DNS requests [html]
APR (ARP Poison Routing) Detection [html]
Configuring a Network Monitoring System (Sensor) on Ubuntu Server 12.04 (Part 1: Interface Configuration) [html]
netsniff-ng - a high-performance packet sniffer [html]
tcpick - tcp stream sniffer and connection tracker [html]
tcpflow - a tcp/ip session reassembler [html]
iftop - finding traffic hogs [html]
tcpstat - Network Statistics [html]
Speedometer - A Graphic Network Throughput Tool [html]
Snort - Offline Analysis [html]
Interface down? - Alerts with ifpps [html]
ifpps - top-like network statistic tool [html]
Automated backups of a SonicWall NSA (or other device) w/ Expect [html]
Nipper - Firewall & Router Configuration Parser [html]
OSX Server - Automated backups of Open Directory [html]
OSX - Remote Logging /Library/Logs [html]
Introduction to Auditing on AIX [html]
OSX Keychain - Administration and Pseudo SSO [html]
Keeping Up With News: An Efficient Approach [html]
Finding Malware by DNS Cache Snooping or by Comparing BRO and PassiveDNS logs [html]
Creating an Anonymization Gateway (Middlebox) with Tor and OpenBSD 4.9 [html]
Creating a Hidden Management Network with IP Aliasing using Linux, FreeBSD, and OSX [html]
Log Query Examples w/ Splunk [html]
Bash Defensive Measures - Shell History & Logging [html]
Nmap & Ndiff: Detecting Compromised Hosts [html]
OSX 10.5-10.7 - Basic Security Settings [html]
SonicWall NSA - Log Reviews with grep [html]
Understanding Passwords Part 1: Theory, Hashing, and Salting [txt]
Understanding Passwords Part 2: Attacks by Example [txt]
IP Options: RR, SSRR, LSRR [txt]
Notes on Network Scanning [txt]