Curean Niculai

Paris, France

I build and operate Internet infrastructure.

I spend most of my time close to the stack: Linux hosts, Proxmox, routing, packet filtering, DDoS problems and the small tools that make this kind of work less painful to run.

View selected work Contact me
niculai@infrastructure:~

$ whoami

Curean Niculai
Systems administrator, network engineer and programmer

$ focus --current

  • Linux and Proxmox infrastructure
  • Routing and network operations
  • BPF/XDP and DDoS mitigation
  • Automation and internal tooling

$ status

Available for relevant technical conversations

Selected work

A few things I have built, fixed or tested in production-like conditions.

All work
Application security2023

Real-browser bot defense with a WAF

Behavioral and request-level controls for automated browsers that imitate normal visitors and evade basic bot signatures.

  • WAF
  • Bot management
  • HTTP
  • Rate limiting
  • CAPTCHA
Read in full

What I work on

I like work where the details actually matter.

Most of the projects here came from practical constraints: a host taking bad traffic, a tunnel behaving strangely because of MTU, a Proxmox workflow that needed to be repeatable, or a panel that had to pull useful state out of an existing game-server database.

I try to write these pages the way I would explain the work to another technical person: what the issue was, what I changed, and where the limits were.

Technology watch

BGP hijacking and route security

How false route announcements can redirect Internet traffic, and how IRR data and RPKI help network operators reduce the risk.

Read the article

From the archive

Website update, ILShield and Romania plans

A quick website update, plus what I am currently doing with ILShield and my longer-term plans in Romania.

Read the post