We’ve come up with a short list of things we should do for security. These are industry-recommended solutions. They make it extremely hard for an attacker to get in. LINKS 1. Security Onion 2. Getting started with Elastic Stack 3. Sysmon 4. AppLocker FIND US ON 1. Twitter - DamienHull 2. YouTube...
Feb 07, 2022•22 min•Ep. 230
Security in a lab is one thing. Security in the real world is something else. Time to start thinking of real-world solutions. LINKS 1. Pay What You Can Training - List of Antisyphon training that includes John Strand’s classes.
Jan 31, 2022•20 min•Ep. 229
Do you know what devices are on your network? Do you have an accurate inventory? Discover what’s really connected to your network with Rumble.run. This is an awesome network discovery tool. LINKS 1. Rumble.run 2. Nmap - Nice but not as cool as Rumble
Jan 24, 2022•30 min•Ep. 228
Time for another round of security training. This time it’s John Strand’s Cyber Deception class. We’re also talking about job hunting Jason Blanchard style. LINKS 1. Active Defense & Cyber Deception w/ John Strand - Starts 1-24-22 2. Jason Blanchard: Twitter Account 3. Jason Blanchard: Twitch Account
Jan 17, 2022•18 min•Ep. 227
A proper explanation of our Fortinet firewall licensing. Goals, tasks, and lessons learned. LINKS 1. FortiGate 60F - We have two of these. 2. Overlay Controller VPN (OCVPN)
Jan 10, 2022•24 min•Ep. 226
Time to get licenses for our Fortinet firewalls. They expire next month. We’re also planning for next year. LINKS 1. Free Python Class - Focused on network automation. 2. FortiGate 60F - We have two of these.
Dec 20, 2021•28 min•Ep. 225
We’re talking Python classes, Wi-Fi issues, security training and more. We’re also beginning to plan for next year. Yup, the new year is right around the corner. LINKS 1. Free Python Class - I’m not ready for this class. Might go back to it when I’ve learned the basics.
Dec 13, 2021•19 min•Ep. 224
What’s next for our lab? What should we focus on? What kinds of things can we add to it?
Nov 22, 2021•12 min•Ep. 223
It used to take us forever to build a lab. Lots of documentation, testing and planning has changed that. Big step in the right direction.
Nov 15, 2021•21 min•Ep. 222
We need to build a new network. One that includes a Firewall, Windows Domain Controller, Windows 10 and Windows 11 workstations. This will be our starting lab. One we can add to in the future.
Nov 08, 2021•15 min•Ep. 221
As the title says, we’re analyzing logs with Logwatch. Big step in the right direction. Started this back in episode 218. Couldn’t get email to work. It works! Not only does it work, but we can catch evil. LINKS 1. Logwatch 2. Postfix 3. How To Install and Configure Postfix on Ubuntu 20.04 4. Rsyslog TLS configuration : Ubuntu simple step-by-step
Nov 01, 2021•16 min•Ep. 220
Found a new tool called Netbox. This tool was designed to document large data centers. We’re trying to use it to document our network. Lots of cool features and lots of moving parts to think about. LINKS 1. What is NetBox - FREE Network Documentation System? 2. i HATE network documentation....but NetBox might help // ft. Jeremy Cioara 3. Installing Netbox in 10 Minutes or Less
Oct 25, 2021•15 min•Ep. 219
Time to analyze our cloud server logs. For that we’re going to use Logwatch. This will require the Postfix SMTP server for sending email. We also need the UFW firewall. Once again, lots of moving parts. LINKS 1. Logwatch 2. Postfix 3. How To Install and Configure Postfix on Ubuntu 20.04
Oct 18, 2021•21 min•Ep. 218
We’re talking Windows 11 and VMware updates. Did an install of Windows 11 in our VMware environment. This required a virtual TPM. Moved on to VMware updates. This included updates to ESXi and VCSA. Lots of moving parts to these projects. LINKS 1. Create a Virtual Machine with a Virtual Trusted Platform Module 2. Configuring and Managing vSphere Native Key Provider
Oct 11, 2021•16 min•Ep. 217
We’re trying to get the most out of 365. That includes learning how to use apps like Teams, Planner, OneNote and more. There are a lot of moving parts to this. Installing, configuring, training, standards and more. We’re still at the beginning stages of this process. We have a long way to go.
Oct 04, 2021•21 min•Ep. 216
Time to plan for a new Wi-Fi Access Point. We’re replacing our old Asus Wi-Fi router with a Fortinet Access Point. What are the risks? How much downtime will there be? What’s our backout plan?
Sep 20, 2021•27 min•Ep. 215
Time to add another DNS server to the network. This could be considered a small project. It still has a lot of moving parts. What OS should we use? What hardware should we use? Can we manage another server?
Sep 13, 2021•23 min•Ep. 214
Dorothy wants to speed up the installation of Windows Server 2019 in the lab. We’re looking into an automated install. We’re also looking at all the steps leading up to the install. How do we connect to our VMware server? How do we create a VM? How do we make everything faster?
Sep 06, 2021•13 min•Ep. 213
Yes we can! We’re using Intune, Azure AD and Automox to manage two laptops. The same process we use for two could be applied to 1,000. Settings, applications and updates can all be pushed out with a few mouse clicks.
Aug 31, 2021•16 min•Ep. 212
I’ve had 3 job interviews this year. Here’s what I’ve learned so far.
Aug 16, 2021•23 min•Ep. 211
We’re focusing on basic Microsoft 365 security. We’re also reviewing our Microsoft 365 Business Premium Licensing. LINKS 1. m365maps.com 2. Basic Security Set Up for Microsoft 365
Aug 09, 2021•15 min•Ep. 210
Got a nice email from a listener who happens to be managing Microsoft 365. He made some interesting suggestions. This got me thinking about how we use 365. Ended up falling down the rabbit hole. We still have a lot to learn about Microsoft 365. LINKS 1. CBT Nuggets 2. Connect Azure Active Directory (Azure AD) data to Azure Sentinel
Aug 02, 2021•22 min•Ep. 209
Time to review our IT management process. We have some work to do.
Jul 26, 2021•23 min•Ep. 208
The Cybersecurity & Infrastructure Security Agency has a mandate for the print spooler service vulnerability. This mandate includes step-by-step instructions for fixing the vulnerability. For people like us, this is awesome! LINKS 1. us-cert.cisa.gov - Their website. 2. Emergency Directive 21-04
Jul 19, 2021•18 min•Ep. 207
PrintNightmare and the out-of-band patch forced us to change. We needed to evaluate the way we handle out-of-band patches. Fortunately for us, this wasn’t a big deal. LINKS 1. CVE-2021-34527 - For those that want to dive a little deeper. 2. SANS Internet Storm Center Podcast - Episode that talks about PrintNightmare
Jul 12, 2021•20 min•Ep. 206
Time to look for a new job and brush up on my skills. Following Jason Blanchard’s tips on job hunting. I’m also trying to improve my SIEM skills. A skill that I’ve seen in a few job postings. LINKS 1. Jason Blanchard - Twitter 2. Jason Blanchard - Twitch 3. ELK - Free SIEM Solution 4. Install ELK on Ubuntu 20.04 Focal Fossa Linux - The instructions I followed to set up ELK
Jul 05, 2021•20 min•Ep. 205
A couple of episodes ago, we got to interview John Strand of Black Hills Information Security. He gave us a lot of really good information. In our last episode, we talked about the technical half of the interview. In this episode, we’re looking at the training he recommended. LINKS 1. Training Trail - Organized list of training from John’s training company Antisyphon Training 2. Antisyphon Training Courses - This is where John’s training lives 3. Hack The Box 4. Holiday Hack Challenge 2020 - No Answe...
Jun 28, 2021•24 min•Ep. 204
In our last episode, we interviewed John Strand of Black Hills Information Security. Now it’s time to analyze what he said. For this episode, we’re looking at the technical side of the interview. We’re saving the training portion for another episode. LINKS 1. The Essential 8 from Australia 2. DeepBlueCLI 3. Sysmon 4. Elastic Stack - ELK 5. Security Onion 6. LogonTracer 7. sigma 8. JPCERT Tools 9. JPCERT: Tool Analysis Results Sheet
Jun 21, 2021•24 min•Ep. 203
Yes, we got to interview John Strand from Black Hills Information Security. He was kind enough to donate his time. We covered first steps to improving security, best practice, tools and training. Links to some of the things John mentioned. 1. LogonTracer 2. sigma 3. JPCERT Tools 4. JPCERT: Tool Analysis Results Sheet
Jun 14, 2021•45 min•Ep. 202
We’re looking into version 8 of the Critical Security Controls. LINKS 1. The 18 CIS Controls 2. SANS: CIS Controls v8
Jun 07, 2021•15 min•Ep. 201