Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

  • Rich Bartlett@infosec.pub
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    I’m currently combining a data protection improvement project with security audits of multiple small to medium charities and we’re also rebuilding our home (a solar powered fossil fuel free widebeam boat). It’s exhausting. I’m also struck by how lack of key skills in some many sectors increases cost and risk!

    • shellsharks@infosec.pubOPM
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Don’t know much about boats or boat-building but that sounds pretty cool. You’re building it completely from “scratch” or starting with a base boat of some kind?

      • Rich Bartlett@infosec.pub
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        We stripped it back to the hull as there were so many issues with the original fit out. The hull was largely fine, we needed a vent hole too close to the waterline closed and a beam where the weld had popped welded, and then it was re-treating the bilge with Lanoguard to prevent rusting, then building from there. The floor is in (using recycled plastic lumber and sheets) first fit electrics hopefully in the next two weeks. It’s a journey :D

  • dpendolino@infosec.pub
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    I’m trying to NixOS a try, it’s been something I’m curious about for ages. I’m typically use Arch.

    • N7x@infosec.pub
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Nix has been on my radar for a while too. The approach is takes to reproducibility looks very interesting

  • Tanders@infosec.pub
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    I’ve been working on a locally hosted instance of VaultWarden, deploying it locally is easy with Alpine but I want it accessible remotely. That requires some restructuring and trust. OpenBSD.Amsterdam is a good choice for that, a small instance of theirs works as my front end relaying to a system that connects over WireGuard to my local VW install with PGSQL back-end.

    Presently my solution is 1P/BW for low value accounts, but a VaultWarden on a USB Armory Mk II for high value. The Somu works great for storing keys to open the VW vault. Overkill but it was fun to make.

    • noUsernamesLef7@infosec.pub
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Nice! I have a bunch of services I run locally but have been hesitant to expose to the internet so when I want remote access it’s alwys over an openVPN connection. Why did you decide to go this route over just using wireguard directly from your client devices? I presume the openbsd box is just a reverse proxy?

      • Tanders@infosec.pub
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        I had some servers sitting around from a previous project and I put them to use.

        As soon as I wanted a valid TLS endpoint I was going down the rabbit hole of tunneling the local services; ingress or egress I’d have “trust issues” that I would have to deal with such as where the vaults live and get the database to them, sshfs? zfs smb? nfs? So I decided to extend out for the public services and keep the private services a couple tunnels away from the internet.

        The other nice part is that I can make a tmpfs/memfs mount for my vault and cache it at the edge, still working on that one. ;-)

    • httpjames@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      What time format are you using? 64 bit Unix and date time strings should be easy to parse. Just a simple new Date(x).toLocaleString()

      • Rooster@infosec.pub
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        It’s not that simple. Parsing isn’t a problem, it’s formatting with a timezone that sucks. It’s a pinch point in a lot of different ways. Because MomentJS is in maintenance mode and the Temporal library isn’t ready yet, I tried to do it in vanilla JS. Date objects don’t do a good job of keeping track of timezone. You can only apply the timezone when converting the Date object to a string with .toLocaleString(locale, {timeZone: "America/New_York"}) and the formatting rules available are not capable of producing the desired not-quite-ISO8601Nanos timestamp (I don’t want it to be in UTC, I want that layout with a trailing timezone offset). I fell back to moment but moment-timezone doesn’t work well with the Jest tests as they’re written. I plan to rewrite a lot when the Temporal library is prod ready but that won’t be before this sprint is over.

      • calmluck9349@infosec.pub
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Thanks. I am being asked to take it by my employer. Halfway through the study guide. For the most parts its been review/refresher from (8 years ago)university.

        • shellsharks@infosec.pubOPM
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          I just (begrudgingly) renewed mine for this exact reason where a (future) employer might require it.

          • calmluck9349@infosec.pub
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 year ago

            Any study tips? I’ll be taking the new 4 hour(ish) computed aided test. All my friends took the 6 hour paper test a few years ago. I assume you had the same 6 hour test?

  • Unicent@infosec.pub
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Logscale / Humio Training. Pretty interesting so far, especially seeing the differences between it and Splunk.

  • spamfaux@infosec.pub
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Non-technical: Just shipped off a mead for a competition so today will be planning for the next batch.

    Technical: Side project web application browser puzzle/word game. First time developing something in node.js so it has become an interesting adventure in learning.

  • noUsernamesLef7@infosec.pub
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Just started prep for Pentest+! I’m normally a Jason Dion fan for cert prep but for this one i’m giving TryHackMe a go. It has been surprisingly engaging.

  • TrontheTechie@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Currently I’m working on a full lemmy migration, looking around and figuring out how to access everything.

    For some reason the usual search method isn’t working to let me view most communities here with my blahaj account, but I can see them publicly, and I can access everything from an alt infosec account I made.

    Currently I’m in the gathering and planning phase of my cybersecurity venture in my career.I’ve spent most of my working life in kitchens, but I’ve always been a triple boot style power user. I recently got a Google IT Support Cert to try to help me get my foot into the door and open up my horizons to a better more engaging career.

    • shellsharks@infosec.pubOPM
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Same same on the Lemmy/Kbin/Threadiverse migration. My guess(es) on your searching-from-blahaj issue is that it’s a defederation issue (larger instances have defederated from blahaj?), a Lemmy-based federation issue (I’ve seen some stuff on Mastodon recently about issues with Lemmy and federation), or could be a strange instance-specific issue. Are you the instance admin for blahaj.zone or could ask?

      Good luck on your infosec journey! Hopefully this community can be of some help to ya. If it you’re interested, check out my guide for getting into the field as well - https://shellsharks.com/getting-into-information-security. Cheers!

      • TrontheTechie@infosec.pub
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Yeah… it’s strange whatever it is. That first comment was from my Blahaj but now I can’t pull this comment up for the life of me from there.

        Here on the infosec account it showed up though, so I know it went through to some extent, and you replying to me solidifies it.

        Hopefully it is just growing pains.

        • TrontheTechie@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Problem appears to be somewhat related to language settings, and while I could find this post and comment chain again, there are still certain communities from this instance that give me 404 through blahaj.

  • jezcaudle@infosec.pub
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    A web front end for OpenSMTPd. It’s an off/on - mostly off - project.

    It’s written in Ruby On Rails and runs on OpenBSD.

    It’s a very simple project really - three tables: domains, credentials and virtuals. Ensuring the security of it and writing tests to cover the models, controllers and that everything flows as it should is taking the time and effort. I’m enjoying it!!

      • jezcaudle@infosec.pub
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        It is. The extra stuff bundled in Rails makes web development enjoyable. Ruby allows me to code without thinking too much, it just seems to flow.