• 0 Posts
  • 15 Comments
Joined 1 year ago
cake
Cake day: June 15th, 2023

help-circle




  • I just started my first official cybersecurity position at a medium size company in an industry that is currently being heavily targeted with ransomware.

    I'm starting pretty much from scratch as they have not had a dedicated security role in over a year and my predecessor didn't make much progress. So far i've been focused on inventory lists, policies, and procedures for hardware, software, and data. I think we're doing okay with minimizing stuff thats internet facing and patching is in a good place (well, at least with the devices and os's that are still supported).

    Any suggestions on where to go from there or what to prioritize?



  • Kagi! Worth every penny of the subscription. The emphasis on privacy is a big deal for me but the killer feature is the ability to customize results. I have sites I personally like/trust towards the top and have an ever growing blacklist of sites that don't get shown at all. No more pinterest, spruce, or other seo spam sites!



  • If you're looking at paying for certs I personally would stick with ones from common organizations, like CompTIA, (ISC)^2, SANS, Cisco, etc. I think a lot of the value in the cert (at least for career purposes) comes from the name recognition and trust placed in the organization certifying you. A recruiter looks at a Sec+ credential and knows exactly what that entails, whereas a certification from a lesser known organization or community college doesn't do much to tell them what you know or have studied.





  • Hey, I have a career question this week! I've been a sysadmin for the last 1.5 years (It's a small shop so everything security related is currently my responsibility). I'll soon be graduating with a BS in Cybersecurity & Information Assurance. I'm SSCP, CySA+, and PenTest+ certified. I want to end up in a penetration testing role. Once I graduate, should I start looking for pen testing gigs immediately or do you think I ought to get some experience directly in the security industry first? Would getting OSCP help my chances of moving directly to pen testing?


  • A vertical mouse saved me from carpal tunnel syndrome. A few years ago I started developing wrist and elbow pain in my mouse arm along with the numbness. It was getting so bad I would take frequent breaks to ice my wrist and would wear a brace at night. I started looking for ergonomic mice and decided to try out a $15 Anker one from Amazon. I felt relief the day I started using it and within a few days the symptoms were gone entirely.


  • For managing my library on disk, I just recently made the effort to set up the *arr apps. I love having the metadata, tagging, organizing, and file naming all consistent and automated. Previously I used mp3tag and filebot to manage them and it was way more manual. Everything is set up with docker-compose and Ansible.

    Library file stuff:

    • Two Radarr instances, one for 4k and another for lower resolutions
    • Sonarr for TV
    • Lidarr for music
    • Two readarr instances, one for epub/pdf and one for audiobooks
    • Jackett
    • deluge+openVPN

    For library frontend stuff:

    • Jellyfin for movies, tv, music, audiobooks
    • Plex, for when Jellyfin is acting up
    • Jellyseer for TV & movie requests
    • LaunchBox for videogames and emulators
    • Calibre + calibreWeb for ebooks & syncing to my Kobo eReader

    Haven't set up yet:

    • flaresolverr
    • unpackerr
    • audiobookshelf

    Doesn't exist yet/wishlist:

    • *arr app for emulator ROMs (I'll have to check out romm, looks pretty cool!)