WSR: #1: December 12-19th 2021

The first roundup!

Published: December 19, 2021

| Reading Time: 3 minutes

What is this?

This is the first of a weekly “round up” that aims to summarize the security or IT related concepts I have worked on this week during my free time. My goal is to create a footprint for others to follow in if they so desire. When I was first learning the basics of security I struggled to find projects that I could work on to help me learn useful security practices and techniques. Some weeks will have have more content than others depending on the amount of free time I have.

12/12/2021

Went over SANS GSEC certification notes
Spent entirely too long getting git.grahamhelton.com and twitter.grahamhelton.com to point to my twitter and github using DNS…
Rebuilt homelab into a snazzy new case.

Compiled some information about how to get started with docker to go through once I finish my SANS GSEC material

1# Docker learning resources
2https://www.youtube.com/watch?v=wCTTHhehJbU
3
4https://www.youtube.com/watch?v=3c-iBn73dDE&feature=youtu.be
5
6https://www.youtube.com/watch?v=MnUtHSpcdLQ&feature=youtu.be

12/13/2021

Watched Black hills information security’s emergency log4j webcast
Studied SANS GSEC notes
Spent forever researching searx and borking installs.
Fiddled with my recipe website to fix some formatting issues.

12/14/2021

Studied SANS GSEC notes
Fixed searx install from previous day
Wrote Thou Shall Not Snoop Our Searches - Searx Installation and Discussion
Added some android VMs to my lab for future projects

12/15/2021

Discovered Unsupervised Learning by Daniel Miessler
Watched A Tale of Two Johns (John hammond and John strand interview)
Set up rsyslog server in my home lab via this tutorial (This was very easy)
- Noticed some weird things going on in my network. The first being some very strange pings every few minutes to some random IPs. After some researching I found a reddit post where someone described the same problem. Looks like its a part of PIA’s code to check the latency to their servers.
- Noticed UFW was blocking some more traffic that happened to beacon every 2 minutes and 6 seconds…
Investigated further with wireshark and found out it was an IGMP query packet to refresh the IPs of multicast group memberships. This was sent out by my router.

1sudo tcpdump -i <interface> -s 65535 -w sketchy.pcap

Added pushRsyslog.sh to my smallScripts github repot

12/16/2021

Listened to The Privacy, Security, and OSINT show episodes 242 and 243
Discovered Privacy.sexy which is a collection of scripts to disable windows / mac features that reduce privacy
Verified with PIA VPN that they do send out pings to all their servers every couple minutes to “verify connectivity” (This still makes me feel uneasy…)

Went over GSEC notes.

12/17/2021

Studied GSEC
- Finished indexing GSEC books
Formally accepted the agreement for the SANS Masters degree program (🎉 🎉🎉)

12/18/2021

Got sick :/
Binged like 20 John Hammond videos
Learned a little bit about web3, filecoin, and IPFS

12/19/2021

Listened to darknet diaries #106
Published this round-up
Began looking for some open source asset management tool.
- @snipeyhead on twitter linked me to snipe-it

Have any questions

Do you have any questions? Feel free to reach out to me on twitter. See you next Sunday. :)