Miscellany
Here you’ll find various projects and custom-designed solutions I’ve developed within the IT field. I’ve selected those I consider particularly useful because they were solved with a cost-saving approach, investing only the minimum necessary time in research and testing.
Traffic redirection for compliance
To overcome a series of security scans, it was necessary to redirect traffic from clients requiring a service hosted on Google Firebase, as there was no specific protection against hacking attacks. The process, whose solution is presented with the anonymized diagram above, consisted of:
- Deploying IPS and IDS filters in the corporate firewall clusters.
- Reserving a public IP address on these firewalls.
- Deploying a load balancer to receive specific service requests.
- Adding security layers to the load balancer with HTTPS (certified through AWS Certification Service) and DDoS protection.
- Redirecting all traffic to a WAF module.
- All traffic that passed the previous filters was redirected to Firebase.
- Deploying a WAF system with the basic protection filters published by OWASP.
- Finally, editing the service’s public DNS (in different stages, first creating test records with simulated requests).
To verify the work, free websites such as Qualys’ SSLTest and Cloudflare were used. In fact, all the software used to deploy the solution in this case was free.
SIEM Deployment
Also within the framework of a security certification, with the goal of cost savings, I implemented a custom SIEM by preparing scripts that centralized the daily system logs (filtered to export security records) and performed three tasks with them:
- They displayed daily reports on a corporate website deployed with Grafana and iFluxDB.
- These reports were sent by email.
- In the case of critical alerts, a monitoring system based on Nagios was fed.