What is this?

This is the first of a weekly “round up” that aims to summarize the security or IT related concepts I have worked on this week during my free time. My goal is to create a footprint for others to follow in if they so desire. When I was first learning the basics of security I struggled to find projects that I could work on to help me learn useful security practices and techniques. Some weeks will have have more content than others depending on the amount of free time I have.

12/12/2021

• Went over SANS GSEC certification notes
• Spent entirely too long getting git.grahamhelton.com and twitter.grahamhelton.com to point to my twitter and github using DNS…
• Rebuilt homelab into a snazzy new case.

• Compiled some information about how to get started with docker to go through once I finish my SANS GSEC material

1# Docker learning resources
2https://www.youtube.com/watch?v=wCTTHhehJbU
3
4https://www.youtube.com/watch?v=3c-iBn73dDE&feature=youtu.be
5
6https://www.youtube.com/watch?v=MnUtHSpcdLQ&feature=youtu.be

12/13/2021

• Watched Black hills information security’s emergency log4j webcast
• Studied SANS GSEC notes
• Spent forever researching searx and borking installs.
• Fiddled with my recipe website to fix some formatting issues.

12/14/2021

• Studied SANS GSEC notes
• Fixed searx install from previous day
• Wrote Thou Shall Not Snoop Our Searches - Searx Installation and Discussion
• Added some android VMs to my lab for future projects

12/15/2021

• Discovered Unsupervised Learning by Daniel Miessler

• Watched A Tale of Two Johns (John hammond and John strand interview)

• Set up rsyslog server in my home lab via this tutorial (This was very easy)

  • Noticed some weird things going on in my network. The first being some very strange pings every few minutes to some random IPs. After some researching I found a reddit post where someone described the same problem. Looks like its a part of PIA’s code to check the latency to their servers.

  

  • Noticed UFW was blocking some more traffic that happened to beacon every 2 minutes and 6 seconds…

• Investigated further with wireshark and found out it was an IGMP query packet to refresh the IPs of multicast group memberships. This was sent out by my router.

1sudo tcpdump -i <interface> -s 65535 -w sketchy.pcap

• Added pushRsyslog.sh to my smallScripts github repot

12/16/2021

• Listened to The Privacy, Security, and OSINT show episodes 242 and 243
• Discovered Privacy.sexy which is a collection of scripts to disable windows / mac features that reduce privacy
• Verified with PIA VPN that they do send out pings to all their servers every couple minutes to “verify connectivity” (This still makes me feel uneasy…)

• Went over GSEC notes.

12/17/2021

• Studied GSEC
  • Finished indexing GSEC books
• Formally accepted the agreement for the SANS Masters degree program (🎉 🎉🎉)

12/18/2021

• Got sick :/
• Binged like 20 John Hammond videos
• Learned a little bit about web3, filecoin, and IPFS

12/19/2021

• Listened to darknet diaries #106
• Published this round-up
• Began looking for some open source asset management tool.
  • @snipeyhead on twitter linked me to snipe-it

Have any questions

Do you have any questions? Feel free to reach out to me on twitter. See you next Sunday. :)