DNS, TLS, ports, headers. Short, practical, fix-oriented. No filler.
Run a systematic network security audit: device inventory, open-port review, DNS and certificate checks, firewall cleanup, and findings that get fixed.
Changed a DNS record and it's not showing everywhere? Check DNS propagation across resolvers, understand TTL, and know when waiting is the right answer.
Find any domain's expiry date with WHOIS or RDAP, understand registry vs registrar dates and grace periods, and set up alerts so a renewal never slips.
Build network documentation people actually use - IPAM, topology diagrams with consistent conventions, and a living-document process that survives change.
Trace failing API calls layer by layer (DNS, TCP, TLS, then HTTP) and fix the real causes: timeouts, rate limits, certificates, and proxies.
Users land on the wrong site despite typing the right URL? Baseline DNS responses, cross-check resolvers, and catch DNS hijacking before it spreads.
A step-by-step elimination workflow for slow internet. Isolate device, Wi-Fi, router, ISP, or the remote site, with the exact tests for each layer.
A systematic DNS → TCP → TLS → HTTP method for finding out why a website is down, with the exact dig and curl commands for each layer.
Encoding, hashing, and encryption solve three different problems. Learn which one your sensitive data needs, and why Base64 alone protects nothing.
Resolve any domain to its IPv4 and IPv6 addresses with dig or a DNS lookup tool, make sense of CDN and load-balanced results, and verify connectivity.
A device you don't recognise just joined your network. Use ARP tables, DHCP leases, and MAC OUI lookup to identify it, and handle the ones you can't.
Set up a MAC allowlist on your router or switch, work around MAC randomization on modern phones, and understand what filtering actually protects against.
Use WHOIS and RDAP to find who owns a domain, understand what GDPR redaction actually hides, and reach owners behind privacy protection.
Build a network device inventory that stays accurate. Scan subnets, capture MAC and vendor data, reconcile DHCP leases, and review on a schedule.
Cut latency to cloud services by measuring real round-trip times, picking the right region, fixing DNS resolution, and choosing better egress paths.
Slow DNS lookups add latency to every connection. Measure resolution times, pick faster resolvers, tune TTLs, and cut lookup counts to speed up loads.
Design an IP addressing plan that survives growth. RFC 1918 range selection, CIDR sizing, VLAN-aligned subnets, reservations, and documentation.
Practical home network security for remote work: router hardening, WPA3, guest network isolation, port exposure checks, and spotting unknown devices.
Measure round-trip time, jitter, and packet loss with ping, mtr, and traceroute. Learn what good latency looks like and why bandwidth tests won't tell you.
Verify a webhook endpoint is reachable, returns the right status codes, and validates signatures correctly, with curl commands for every step.
Geolocate any IP address, learn what the data really tells you (country yes, street address never), and apply it to log forensics and abuse reports.
Stale content, missed caches, one broken PoP. A practical workflow for debugging CDN problems with cache headers, DNS checks, and origin comparison.
Websites won't load but your internet is fine? Diagnose DNS resolution failures with dig and nslookup, flush stale caches, and fix resolver settings.
Mail not landing? Work through MX records, SPF, DKIM and DMARC TXT records, blocklists, and port 25/587 reachability to find where delivery breaks.
VPN won't connect or keeps dropping? Diagnose handshake failures, blocked UDP ports, MTU problems, DNS leaks, and split-tunnel routing step by step.
Create, list, pause, and delete monitors over REST. Authentication with API keys, request examples with curl, and webhook signature verification.
Prove a file arrived unmodified. Generate and compare checksums, pick between MD5 and SHA-256 correctly, and verify downloads and transfers.
Check a certificate chain end to end (expiry, SAN coverage, chain completeness, weak protocols) and set up monitoring before it bites you.
A DNS record changed. Was it you, a colleague, or an attacker? Set up a DNS drift monitor and learn which record types are worth watching.
Stop learning about expired TLS certs from support tickets. Set up SSL expiry monitoring in 30 seconds with the right thresholds and alerts.
Compute network address, broadcast, host range, mask, and wildcard from any IPv4 CIDR, without counting bits. Plus the math behind it.
Verify which TCP ports are reachable on a server from outside, step by step, and what open, closed, and filtered actually mean.
Encode text to Base64 and decode any Base64 string back, in seconds. Plus URL-safe Base64, padding rules, and the common gotchas.
Resolve any hostname to its A, AAAA, MX, TXT, CNAME, NS, or SOA records, step by step, with the tools you actually need and how to read the answers.
Inspect the chain, issuer, expiry, and SAN list of any TLS certificate, without reaching for openssl. The step-by-step SSL checker workflow.
