Former lurker trying to post more, Internet link curator, and meme connoisseur. He/Him

All typos are intentional

Ask me about pigeons!

  • 5 Posts
  • 28 Comments
Joined 1 year ago
cake
Cake day: June 5th, 2023

help-circle
  • matttoHardwareNUC to run Proxmox
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    I think my smallest nuc, when I was running proxmox, had 24 gigs with four cores and I was able to get ~4 ubuntu servers running at the same time. Or like 1 Windows 2012 R2 and a couple ubuntu servers. YMMV definitely and worthwhile tuning/building an image that is stripped down


  • @shellsharks@infosec.pub Sorry, was offline for a few days! Not really sure what I’m looking for, honestly? Mostly someone to kind of push me for doing more/exploring more? I’d like to focus in on AI security as well as container security and I know I can start that work on my own – I just know it’s easier/more likely for me to do things if I have someone filling in the blanks on things I don’t know that I don’t know. I’ll start with those there (been following She Hacks Purple and InfoSec Sherpa for a bit) and see if any long hanging fruit shakes lose from the tree, thanks again!


  • write_that_down.jpeg

    This is amazing info, thank you! So I have a BS in comp sci and applied math but all my experience is from ~10 years in different roles in IT from helpdesk to now cloud engineering/devops. I’ve had been doing some CTF’s and Juice Shop for a bit but fell off because things got busy (as they always do). Lately I’ve been looking at reversing DRM for old shareware games just to get more familiar with the concepts but it’s been mostly looking rather than doing so far lol. What I really want to get better at are namely two things:

    • Container security and exploiting it
    • Getting better at understanding how things work at lower levels to be better at reverse engineering

    Really appreciate the insight and hope that everything goes well with your plans!












  • I’m not sure if this is the right venue for this question so please let me know if that is the case – happy to ask elsewhere!

    I’ve been in various IT roles for the past 10 years and seem to have gotten stuck in a support capacity. My career goal is to be more of a DevSecOps or Security Engineering role but I honestly can’t get the time of day with an interviewer. I’ve got experience with programming, cloud infrastructure, web application security, and am currently going for my CKA but I don’t have a ton of experience “on paper”. Most of my experience is either me doing things myself to further my knowledge or taking on security things within my current role – for ex. in one support role I did a web application penetration test to make sure there weren’t any gaping holes before we deployed it.

    How can I make sure that I have the right experience down on paper for when I’m applying to roles? Has anyone here “broken out” of a support role into security? What was your experience with it? I also have a lot of interest in doing research work and I know this can dovetail with the two roles I listed above but maybe I need to focus on the core ideas of those roles more?









  • Oh one suggestion for external access that I have is Tailscale – it’s a dead simple wireguard VPN. You don’t need to do any kind of port forwarding or configuration, you literally just install the binary and run it. It even has support for custom domains so if you have a website, you could set your jellyfin server as a tailscale only subdomain. 10/10 recommend


  • No worries at all! So I use Miniflux as my RSS reader but there TONS of different ones – some open source, some freemium, some premium and closed source. Even VLC and Thunderbird can be used for keeping track of RSS feeds! For that front, I’d just search and give a couple a try – find which one suits your needs best. I used FreshRSS before making the switch to Miniflux but there are hosted options like Feedly.

    In terms of finding things to read via RSS, you’ve got a ton of options there too! There’s a lot of open RSS feeds out there that just aren’t advertised. A few that I have are:

    • I think all youtube channels (stackoverflow post) have the option for RSS. You can go about it the way outlined in that post but I’ve found using https://youtube[.]com/channel/CHANNEL_NAME_HERE is good enough if I want to sub to every video of a channel
    • A lot of smaller blogs – most wordpress sites actually have a default rss feed that gets created unless you actively disable it
    • Substack news letters/blogs for folks that I follow have this support built in
    • I actually found out yesterday how to subscribe to both my Lemmy inbox and all the subscribed communities that I’m in to get those over RSS (there’s a little RSS feed icon next to the drop down filters for the latter)
    • I use hnrss for hackernews since they don’t have a direct rss feed you can subscribe to. Lobste.rs at least does have the ability to subscribe to multiple “subreddits”/“communities”/what have you and be able to filter things out – otherwise it gets really noisy
    • There’s a couple of folks that I follow on Twitter via Nitter that supports RSS (how to guide but since bird site is such a cess pool, might reconsider some of these.
    • I live in a fire prone area so I also subscribe to some of NOAA’s RSS feeds in case my family needs to evacuate
    • You can even pull various subreddits over rss if you’re still using reddit for somethings. The one thing that I loved about using these rss feeds is that you could group subreddits together into one rss feed and just have that but I imagine this will change with the API changes
    • This doesn’t even include all the podcasts since the way they’re distributed is built on-top of RSS feeds!

    The one big problem with RSS is that there really isn’t a good way to find other RSS feeds – or at least I haven’t found a good way, ha! Typically, I’ll get linked to a site from hackernews, lobsters, here, wherever. If I like their stuff, I’ll just paste their URL into Miniflux to see if they have an RSS feed and subscribe from there. I really wish that there was a recommendation list of good rss feeds but honestly, sometimes the best way is word of mouth? Hope this helps!

    Edit: Put brackets around the youtube link so that it doesn’t turn into an actual link



  • Honestly, it took a little while because I was learning a lot of it on the fly. If I had to put a hard number on it, maybe like a week of actual work with tuning and permissions but a lot more time in terms f reading how things should all plug in together. Right now, if I had to set it up, maybe an hour of actual work? But that’s because I know how to write a docker compose file, how to tunnel the traffic through a vpn in a docker container, how volume mounts work, etc. etc.

    It’s really intimidating to start with but there’s a fair number of really good guides on the internet for basic setups. I kind of started it one thing at a time – set up a docker container for jellyfin to point to my existing media, then setup Sonarr to manage only the TV shows, then this one, then that one, yadda yadda. Incrementally doing it is really the way to go so you can test what works, what breaks, and what is actually something that you need.