<!DOCTYPE html>
<html lang=""><link rel="stylesheet" href="../../css/style.css" type="text/css" media="all" />
<meta property="og:locale" content="en_US">
<meta property="og:type" content="article">
<meta property="og:title" content="Weekly Roundup #1: December 12-19th 2021 · Graham Helton">
<meta property="og:description" content="What is this? This is the first of a weekly &ldquo;round up&rdquo; that aims to summarize the security or IT related concepts I have worked on this week during my free time. My goal is to create a footprint for others to follow in if they so desire. When I was first learning the basics of security I struggled to find projects that I could work on to help me learn useful security practices and techniques.">
<meta property="og:url" content="https://grahamhelton.com/roundup/roundup1/">
<meta property="og:site_name" content="Graham Helton">
<meta property="og:image" content="">
<meta property="og:image:secure_url" content="">
<meta property="article:published_time" content="2021-12-19T00:00:00Z">
<body><header>
<nav class="navbar" role="navigation">
<div class="navbar__left">
<a href="../../">Graham Helton</a>
</div>
<div class="">
<a href="../../roundup">Roundup</a>
<span class ="nav-item navbar-text mx-1"> / </span>
<a href="../../blog">Blogs</a>
<span class ="nav-item navbar-text mx-1"> / </span>
<a href="../../tags/">Tags</a>
<span class ="nav-item navbar-text mx-1"> / </span>
<a href="../../pages/">Other</a>
</div>
</nav>
</header>
<main>
<section class="section">
<article>
<div class="blog__container">
<h1 class="blog__title">Weekly Roundup #1: December 12-19th 2021</h1>
<p> The first roundup! </p>
<p>Published: December 19, 2021</p>
<p>Reading Time: 3 minutes </p>
<div class="blog__details">
<div class="blog__info">
</div>
</div>
<div class="content">
<h1 id="what-is-this">What is this?</h1>
<p>This is the first of a weekly “round up” that aims to summarize the security or IT related concepts I have worked on this week during my free time. My goal is to create a <em>footprint</em> for others to follow in if they so desire. When I was first learning the basics of security I struggled to find projects that I could work on to help me learn useful security practices and techniques. Some weeks will have more content than others depending on the amount of free time I have.</p>
<h1 id="12122021">12/12/2021</h1>
<ul>
<li>Went over SANS GSEC certification notes</li>
<li>Spent entirely too long getting <a href="http://git.grahamhelton.com">git.grahamhelton.com</a> and <a href="http://twitter.grahamhelton.com">twitter.grahamhelton.com</a> to point to my Twitter and GitHub using DNS…</li>
<li>Rebuilt homelab into a snazzy new case.</li>
</ul>
<p><img src="../../Pasted-image-20211214203659.png" alt=""></p>
<ul>
<li>Compiled some information about how to get started with Docker to go through once I finish my SANS GSEC material</li>
</ul>
<div class="highlight"><pre tabindex="0" style="color:#ebdbb2;background-color:#282828;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"># Docker learning resources
https://www.youtube.com/watch?v=wCTTHhehJbU

https://www.youtube.com/watch?v=3c-iBn73dDE&amp;feature=youtu.be

https://www.youtube.com/watch?v=MnUtHSpcdLQ&amp;feature=youtu.be
</code></pre></div><h1 id="12132021">12/13/2021</h1>
<ul>
<li>Watched Black Hills Information Security’s <a href="https://www.youtube.com/watch?v=igoDXnkYDy8">emergency Log4j webcast</a></li>
<li>Studied SANS GSEC notes</li>
<li>Spent forever researching <a href="https://searx.github.io/searx/">searx</a> and borking installs.</li>
<li>Fiddled with my <a href="https://level99cooking.com">recipe website</a> to fix some formatting issues.</li>
</ul>
<h1 id="12142021">12/14/2021</h1>
<ul>
<li>Studied SANS GSEC notes</li>
<li>Fixed searx install from previous day</li>
<li>Wrote <a href="https://www.grahamhelton.com/blog/searx/">Thou Shall Not Snoop Our Searches - Searx Installation and Discussion</a></li>
<li>Added some Android VMs to my lab for future projects</li>
</ul>
<h1 id="12152021">12/15/2021</h1>
<ul>
<li>
<p>Discovered <a href="https://danielmiessler.com/podcast/">Unsupervised Learning</a> by <a href="https://twitter.com/DanielMiessler">Daniel Miessler</a></p>
</li>
<li>
<p>Watched <a href="https://www.youtube.com/watch?v=7LXfBSuaFFE">A Tale of Two Johns (John Hammond and John Strand interview)</a></p>
</li>
<li>
<p>Set up rsyslog server in my home lab via <a href="https://www.techrepublic.com/article/how-to-install-and-configure-rsyslog-for-a-centralized-linux-log-server/">this tutorial</a> (This was very easy)</p>
<ul>
<li>Noticed some weird things going on in my network. The first being some very strange pings every few minutes to some random IPs. After some researching I found a Reddit post where someone described the same problem. Looks like it’s a part of <a href="https://github.com/pia-foss/desktop/blob/master/daemon/src/latencytracker.cpp#L64-L101">PIA’s code</a> to check the latency to their servers.</li>
</ul>
<p><img src="../../Pasted-image-20211215161851.png" alt=""></p>
<ul>
<li>Noticed UFW was blocking some more traffic that happened to beacon every 2 minutes and 6 seconds…
<img src="../../Pasted-image-20211215162540.png" alt=""></li>
</ul>
</li>
<li>
<p>Investigated further with Wireshark and found out it was an IGMP query packet to refresh the IPs of multicast group memberships. This was sent out by my router.</p>
</li>
</ul>
<div class="highlight"><pre tabindex="0" style="color:#ebdbb2;background-color:#282828;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash">sudo tcpdump -i &lt;interface&gt; -s 65535 -w sketchy.pcap
</code></pre></div><ul>
<li>Added <a href="https://github.com/grahamhelton/smallscripts/blob/main/pushRsyslog.sh">pushRsyslog.sh</a> to my <a href="https://github.com/grahamhelton/smallscripts">smallScripts GitHub repo</a></li>
</ul>
<h1 id="12162021">12/16/2021</h1>
<ul>
<li>Listened to <a href="https://www.inteltechniques.com/podcast.html">The Privacy, Security, and OSINT show</a> episodes 242 and 243</li>
<li>Discovered <a href="https://privacy.sexy/">Privacy.sexy</a>, which is a collection of scripts to disable Windows / Mac features that reduce privacy</li>
<li>Verified with PIA VPN that they do send out pings to all their servers every couple minutes to “verify connectivity” (This still makes me feel uneasy…)</li>
</ul>
<p><img src="../../Pasted-image-20211219153745.png" alt=""></p>
<ul>
<li>Went over GSEC notes.</li>
</ul>
<h1 id="12172021">12/17/2021</h1>
<ul>
<li>Studied GSEC
<ul>
<li>Finished indexing GSEC books</li>
</ul>
</li>
<li>Formally accepted the agreement for the SANS Masters degree program (🎉 🎉🎉)</li>
</ul>
<h1 id="12182021">12/18/2021</h1>
<ul>
<li>Got sick :/</li>
<li>Binged like 20 <a href="https://www.youtube.com/c/JohnHammond010">John Hammond videos</a></li>
<li>Learned a little bit about <a href="https://www.youtube.com/watch?v=l44z35vabvA&t">web3</a>, <a href="https://docs.filecoin.io/about-filecoin/what-is-filecoin/#for-users">Filecoin</a>, and <a href="https://www.youtube.com/watch?v=5Uj6uR3fp-U&t">IPFS</a></li>
</ul>
<h1 id="12192021">12/19/2021</h1>
<ul>
<li>Listened to <a href="https://darknetdiaries.com/episode/106/">Darknet Diaries #106</a></li>
<li>Published this round-up</li>
<li>Began looking for some open source asset management tool.
<ul>
<li><a href="https://twitter.com/snipeyhead">@snipeyhead</a> on Twitter linked me to <a href="https://snipeitapp.com/">snipe-it</a></li>
</ul>
</li>
</ul>
<h1 id="have-any-questions">Have any questions</h1>
<p>Do you have any questions? Feel free to <a href="http://twitter.grahamhelton.com">reach out to me on Twitter</a>. See you next Sunday. :)</p>
</div>
</div>
</article>
</section>
</main>
<footer>
<div class="footer_class">
<p>
<a href="https://grahamhelton.com/links" title="Reach out to me">Have Questions? Reach out to me.</a>
</p>
</div>
</footer>
</body>
</html>