Chiwai Chan's Blog

These words are my own

Security

Maintain a Prefix List of EC2 Private IP Addresses using EventBridge

The AWS VPC customer-managed prefix list is a great feature to have in a toolbox, as it provides the ability to track and maintain a list of CIDR block values that can be referenced by other AWS networking components in their rules and tables. Each Prefix List supports either IPv4 or IPv6 based addresses, and […]

Work-around for cross-account Transit Gateway Security Group Reference

Have you ever tried to create a Security Group with a Source or Destination rule that references another Security Group? How about referencing a Security Group from another AWS account to allow ingress network traffic over a Transit Gateway architecture? If this question piqued your interest, then you should keep reading. In this blog we […]

Breaking Down Monolithic Subnets

As my knowledge and experience of Cloud networking grew from designing network architectures over time, and more lately from reviewing client network architectures, I’ve come to realise and appreciate the need to design a proper network architecture that includes the long-term considerations as early as possible – especially before a project begins and […]

Swiss Cheese Network Security: Factorising Security Group Rules into NACLs and Security Group Rules

Introduction Lately I’ve been doing some networking configuration reviews for some of the projects I’ve been put on; to balance out the #crazycatlady blogs I’ll be blogging about some network patterns and components that don’t often get much attention or get used at all in the pipeline of blogs. Today I’ll be talking about Network […]

Hack The Box

Last week, I finally sat down to create an account on Hack The Box. It was no simple task even for someone that has not been technically active for the last year. The aim of learning how to hack on HTB is to provide me with a better understanding of the techniques used by hackers, […]
