Blog
Thoughts on engineering, design, and building great products.
TLS/SSL: Encryption and Certificates
A deep dive into the 'S' in HTTPS: how TLS handshakes and encrypts, what a certificate contains, and how the chain of trust from a server certificate up to a root CA lets the browser trust a website. Observed live with openssl.
Firewalls and Network Security
Controlling who can connect to which port: a firewall filters traffic by IP, port, and direction. Understand the default-deny principle, stateful firewalls, iptables/nftables on Linux, ufw, and cloud security groups.
Load Balancers and Reverse Proxies
One server can't carry all the traffic. A load balancer spreads load across many servers; a reverse proxy sits in front to shield and route. Understand L4 vs L7, load-balancing algorithms, health checks, and TLS termination.
Network Diagnostic Tools
A practical network-troubleshooting toolkit and workflow: ping, traceroute, dig, ss/netstat, nc, curl, openssl, tcpdump — each inspects one layer. And how to use them in sequence to pinpoint a 'can't connect' problem.
Tracing a Request End to End
The final article: putting everything together to trace a complete https:// request — from DNS resolution, routing, the TCP handshake, TLS encryption, to HTTP and the response — with real per-phase timing. Plus a series wrap-up.
Cron and Scheduled Tasks
Have commands and scripts run on a schedule — nightly backups, weekly log cleanup. Learn crontab syntax, the common pitfalls (PATH, environment), at for one-off jobs, and a wrap-up of the whole Linux series.
Shell Scripting: Automating with Bash
Combine commands into scripts so you don't retype them and can automate your work. Learn the shebang, variables, parameters, conditionals, loops, functions, exit codes, and safe-scripting habits like set -euo pipefail.