WSR: #1: December 12-19th 2021

The first roundup!

Published: December 19, 2021

| Reading Time: 3 minutes

What is this?

This is the first of a weekly “round up” that aims to summarize the security or IT related concepts I have worked on this week during my free time. My goal is to create a footprint for others to follow in if they so desire. When I was first learning the basics of security I struggled to find projects that I could work on to help me learn useful security practices and techniques. Some weeks will have have more content than others depending on the amount of free time I have.

12/12/2021

  • Compiled some information about how to get started with docker to go through once I finish my SANS GSEC material
1# Docker learning resources
2https://www.youtube.com/watch?v=wCTTHhehJbU
3
4https://www.youtube.com/watch?v=3c-iBn73dDE&feature=youtu.be
5
6https://www.youtube.com/watch?v=MnUtHSpcdLQ&feature=youtu.be

12/13/2021

  • Watched Black hills information security’s emergency log4j webcast
  • Studied SANS GSEC notes
  • Spent forever researching searx and borking installs.
  • Fiddled with my recipe website to fix some formatting issues.

12/14/2021

12/15/2021

  • Discovered Unsupervised Learning by Daniel Miessler

  • Watched A Tale of Two Johns (John hammond and John strand interview)

  • Set up rsyslog server in my home lab via this tutorial (This was very easy)

    • Noticed some weird things going on in my network. The first being some very strange pings every few minutes to some random IPs. After some researching I found a reddit post where someone described the same problem. Looks like its a part of PIA’s code to check the latency to their servers.

    • Noticed UFW was blocking some more traffic that happened to beacon every 2 minutes and 6 seconds…
  • Investigated further with wireshark and found out it was an IGMP query packet to refresh the IPs of multicast group memberships. This was sent out by my router.

1sudo tcpdump -i <interface> -s 65535 -w sketchy.pcap

12/16/2021

  • Listened to The Privacy, Security, and OSINT show episodes 242 and 243
  • Discovered Privacy.sexy which is a collection of scripts to disable windows / mac features that reduce privacy
  • Verified with PIA VPN that they do send out pings to all their servers every couple minutes to “verify connectivity” (This still makes me feel uneasy…)

  • Went over GSEC notes.

12/17/2021

  • Studied GSEC
    • Finished indexing GSEC books
  • Formally accepted the agreement for the SANS Masters degree program (🎉 🎉🎉)

12/18/2021

12/19/2021

Have any questions

Do you have any questions? Feel free to reach out to me on twitter. See you next Sunday. :)