About Fjordtek

Last updated: January 28, 2022

Fjordtek is a technology site concerning various topics such as security practices, computer networks, cloud solutions and virtualization.

The website is in constant development, and will evolve in time.

About the writer

Hi!

I am Pekka Helenius, a finnish IT professional and a land surveying engineer.

Information technology has always been more or less in my life. Since 2011, my daily drive has mostly been both Linux distributions and Windows both in desktop & server environments. From 1995 to 2011 I mostly used, configured and troubleshooted Windows environments.

I learn new things fast, and that combined with technical knowledge, curiosity and seeing a potential in various technical solutions has kept me motivated in new technology.

In the far, far past

Between 2003-2008, I developed a game mod project C&C Generals: Situation Zero on my own - and with a lately gathered international team in 2007-2008. The project taught me a lot about soft skills such as project management (in good and in bad; lessons learned) and hard skills such as programming, 3D modelling & rendering techniques, photoshopping & video editing.

I have also modded assets for Trackmania racing game and for various other games in the past.

Situation Zero was an international community mod project, led & found by me in 2003-2008. I have published some mod assets on GitHub.

IT - Skills & Experience

Git projects & community

Most of my public open source projects are available on GitHub/Fincer. I host some projects on my private Git website.

Occasionally, I contribute to various GitHub project issues I find interesting. I have also contributed & opened bug reports on various open-source bug trackers, such as Wine & KDE Bugzillas. I have also troubleshooted many Linux issues for my friends.

Programming

I have knowledge of programming in high-level languages such as Java, Python, JavaScript. I have basic understanding of some low-level languages such as Rust, C and C++. HTML and CSS are quite obvious markup languages to know about.

I have self-developed website HikinGrounds.com which uses Java in its backend.

Coding, coding…

I write Unix shell scripts, Python scripts and PowerShell scripts for automation purposes. Occasionally, I do small-scale patching for open source programs for various reasons, such as better integration. As coding is always learning, I find it essential to improve my present coding skills if required by any need.

More coding…

I learn new programming languages which I do not see difficult in general. The difficulty comes with implementing a working logic, testing it, and scaling up the code base without writing spaghetti code (code management). And in a team work, communication skills are also essential. Programming can involve complex mathematics which comes with its own logic and difficulties depending on project goals.

Databases

I have designed MySQL databases - from planning to deployment and Java integration. I host several SQL servers for development and production use. I have used MSSQL in Microsoft SQL server environment, as well. I have written both simple and complex SQL queries for various purposes.

SQL queries for a database I designed and integrated with a self-developed Java back-end.

Linux

My Linux adventure began with Ubuntu 10.04 LTS based EasyPeasy which I used on my notebook in early 2011. Since then Linux has been my daily drive.

My current Linux distributions are Arch Linux, and CentOS + Arch Linux on my headless servers. In the past, I used Debian-based Ubuntu distributions but decided to switch mostly to Arch Linux to gain more flexibility for system & software configuration. I have set up and used Gentoo, as well, but I decided to keep it in background since find it too time-consuming to administrate in my daily life.

I use virtual machines, virtual networks and other virtualization techniques in my computer environment. I use both Oracle VirtualBox and QEMU + libvirt.

I have configured Apache CloudStack to be used remotely on authenticated client machines as seen below.

Creating a VM instance on a self-hosted Apache CloudStack.

I have basic understanding of Linux namespaces, such as deploying various network namespaces isolation and using systemd-nspawn. I am currently self-studying Kubernetes since I see it is essential in most (public) cloud environments such as in AWS, MS Azure and GCP.

I have got touch with central server management systems (SaltStack), yet I am not yet familiar with StackStorm, Ansible, Chef or Puppet.

Overview of my basic personal computer tool set.

Windows

Like anyone, I have done troubleshooting, deployment and malware removal purposes. I have experience of writing PowerShell scripts & modules and I have got touch with Windows Active Directory administration (GP management, AD management, DNS & DHCP etc.). As I was tasked to set up a basic Windows AD lab environment and system + user policies (GPO), I decided to do it with coding.

Automating AD deployment with PowerShell (left), and centralized Linux computer management with SaltStack (right).

Android

Current mobile phone

Model: Samsung S5 Neo (SM-G903F; s5neolte), since 2016
OS: Self-compiled & modified Lineage OS 18.1, Android 11, Linux kernel 3.10.108
Rooted: yes
GAPPS: no

I have modified Android phones since 2011, mostly for security and bloatware removal. I have rooted several Android phones, modified boot & system images, extracted & modified APKs and experiment with Xposed framework. I have workflow for analyzing processes & network traffic of an Android phone from a Linux computer.

As with any very personal device, I take a critical look of phone's security aspects: I usually analyze what kind of software components I install and for what purpose, and I use XPrivacy along with other privacy tools to strictly administrate software permissions. I prefer F-Droid or direct open source repositories for my mobile phone applications.

Security

Penetration testing, auditing systems, firewall rulesets (iptables), network segmentation, IPS software, authentication, mandatory access control, server certificates and programming security in mind are familiar matters to me.

I also administrate OpenLDAP & Kerberos environments.

Creating a backdoor connection. Attack host: Kali Linux VM on a laptop. Target host: Raspberry Pi, connected to a different network segment via a physical DD-WRT router. The picture shows basic network data flow and various firewall configurations for different network segments and devices.

In critical environments, I usually evaluate default software configuration and consider security aspects. If necessary, I re-compile and patch software codebase for individual environments. In complex or multipart server software, I see it mandatory to read official documentation carefully, carry out and test configuration which meets commonly agreed security policy requirements - not forgetting the continuous auditing and testing cycles.

Infected GZDoom Windows executable with a successful backdoor connection established. You don't want this to happen to you while playing Doom with friends.

Networks

I have several physical routers & switches along with multiple VLAN & DMZ configurations. I have done virtualized network planning with real router/switch firmwares & VM clients.

Personally, I have a HP Procurve 2650 switch on my Homelab but I have also used Cisco IOS. I have achieved certificates of Cisco Academy courses CCNA R&S: Routing and Switching Essentials and CCNA R&S: Introduction to Networks. However, because these courses are quite basic, I have got more into network virtualization, cloud and security on my own.

I have configured DD-WRT/OpenWRT-based routers on my home network. I did my first DD-WRT installation in 2010. I currently have 15 virtual networks with various firewall rules and server configurations for various purposes on my personal Arch Linux laptop.

Some of my personal networking devices.

Cloud environments

Most of my current cloud experience is gained on Microsoft Azure where I have scripted runbooks and basic automation, set up VPN connections and private networks with NSG rules applied.

Earlier career path - land surveying

Before my current IT career, I studied land surveying and worked as land surveying engineer. Although IT has been my main focus in recent years, I still have good friends in land surveying. In my upper secondary school studies in 2005-2008, I was interested in geography, math & visualization techniques.

My key interests in land surveying were combination of team field work and analytical touch in the form of coordinate calculation & transformations, GIS technologies and 3D modeling based on laser scanning data. I also liked the fact that land surveying combined technological knowledge with practicality. Ability to work in teams and with clients are essential requirements in the field.

I with a total station, basic modern land surveying measurement instrument.

Most land surveying techniques are heavily based on raw mathematics and physics. Land surveying has its own terminology and methods. Land surveying has history of thousands of years, unlike current IT, which has evolved in recent decades. In their hard core, the fields are vastly different. However, IT is heavily used on current land surveying, beginning from 1970-1980 with the first total stations and GNSS technology. Currently, IT is heavily used in geoinformatical analysis and in high-level development tasks such as improving existing land surveying instruments and technology-based practices.

Why did I decide to jump from land surveying to pure IT field?

I self-studied IT in my land surveying years. Self-studying IT was not a burden to me, it was more like a passion that still keeps me going. What is a bit suprising, I still have a land surveyor friend who uses Arch & Gentoo Linux for audio production.

Learning and understanding complex technological topics is mandatory in IT field. You need to have a passion for it. In land surveying, you can do complex geospatial calculations, Helmert tranformations, modeling 3D laser scanning data and societally important data analytics based on GIS & other available data. However, many generic land surveying job includes being a surveyor in a client's construction site or working as a town official or surveyor in public sector. Land surveying techniques are used in archeology, too.

Both IT and geography has interested me during my whole life. Although land surveying is interesting in its own way and there are some possibilities in the field, I felt I personally hit the wall. To be honest, I see way more interesting possibilities and public demand in IT field. I have not lost my interest in land surveying but I see the future involves more and more advanced technologies where IT plays a major role and where the actual development work happens and potential may evolve - and not just in the scope of land surveying but many other fields included.

Thesis works

Business Information Technology

My business Information Technology thesis work, freely translated as Management of a Windows domain with a virtualized Linux-based domain controller, written in Finnish:

Business Information Technology thesis work (Finnish)

Land Surveying

My land surveying thesis work, Modelling of point cloud data in hydrographic data processing workflow, written in Finnish (abstract in English, too):

Land surveying thesis work (Finnish)

Passions

Everyone of us have other than professional matters in life, too. Me? I love astro & landscape photography. And since we talk about digital photography, I have developed a small set of Linux camera tools for that workflow, too. I like outdoor adventures, and also enjoy small & simple things in life with people.

Check also out my photo gallery.

Who says it is only IT that gets me in the mood? Take another look! I also love cool outdoor adventures in interesting places, whenever possible - with nice a company (friends and strangers), photography and experiences.

Contact me

Get in touch with me via email pekka.helenius@fjordtek.com, via GitHub or via LinkedIn. You find additional ways to contact me in the website contact section below.