omegabyte

joined 10 months ago
[–] omegabyte 3 points 3 days ago

This is a fun little rehash of the "what naming scheme should I use for my servers" discussion that will never end.

I agree, I use fun cutesy shit as aliases and whatnot but actual hostnames are boring and logical.

[–] omegabyte 6 points 3 days ago

I use atomic moves. I used to have everything configured to land in a staging directory and once ready for it to "go live" move it to the appropriate location and kick off a scan.

Using a .ignore file is probably the simplest though.

[–] omegabyte 2 points 3 days ago

Are you using indexes made by someone else or did you make it yourself? I highly suggest doing it yourself so you're more familiar with the layout and how your brain seeks content. I had tons of duplicate entries because search context matters. One question may ask what HTTP response code 301 indicates or it may ask what response code is returned when content has been Moved Permanently. Don't rely on memory to differentiate. Figure out how you'd begin looking the answer up and make sure it's covered in your index, then do it again for any other contexts you can think of.

I used this Lesley Carhart post as the basis for creating my index.

You're right that there's an untenable amount of knowledge if you're relying on your memory to get through it. Much like working in the industry, you don't have to have encyclopedic knowledge on any topics, but you do need a reliable method to find answers. I literally went page by page building my index over the course of a week. The prep was well worth it because not only did I have a solid index, I had gone over every piece of material shortly leading up to my test.

I did almost get blindsided by the clock though. I finished with about 2 minutes left. Please do also keep in mind certs are not remotely necessary. There's a person on my team that has zero certs but runs circles around me during forensic investigations.

[–] omegabyte 2 points 3 days ago (3 children)

I passed the GCFA exam last year. What are you struggling with?

[–] omegabyte 10 points 4 days ago

Are you okay? They asked a very specific question and you're coming in with answers that don't matter.

When did I say anything about dhcp or mention randomized mac being a silver bullet for privacy? Your opinion on how effective it is or isn't has nothing to do with the fact that they can turn it off for their network and it will solve the issue they're asking about.

[–] omegabyte 3 points 4 days ago (2 children)

Eh, in pihole mac or ip address is a valid way to add a device to a group so you can give it a different policy. I have multiple access points but they're not meshed so if I randomized I'd have to have multiple client entries for a single device. Or turning off randomization for my trusted networks means just 1 client entry.

[–] omegabyte 14 points 4 days ago (4 children)

Assuming Android, you'll want to deselect randomized MAC for your wifi. No reason to randomize on a trusted network. You can turn it off on a per network basis.

[–] omegabyte 2 points 4 days ago (1 children)

In an ideal world I have multiple vlans for stuff like iot, security cameras, my personal devices, my family's personal devices, and various ones for lab stuff (externally available apps, critical apps, etc.)

Networking is my biggest neglect and learning it to start fixing things feels pretty daunting when I only have an hour or so some nights to tinker. I'll get there eventually though.

[–] omegabyte 2 points 4 days ago (3 children)

The biggest thing keeping me from doing an LXC per app is a poor decision when I first set the lab up, I only gave it a /24 and didn't separate out iot/user devices/servers so I'm flirting with exhausting the IPs. I'm planning on setting up opnsense soon so that should take care of it. I have a few different servers with apps grouped by type/priority and then running podman for the containers inside. It works well and I probably shouldn't change it for no real reason.

[–] omegabyte 3 points 4 days ago* (last edited 4 days ago) (5 children)

I don't have a really good reason not to use LXCs right now. I use VMs because that's what I knew when I started with Proxmox and the Internet seems pretty divided on when each one shines over the other. The goal of my switch to podman was twofold: switch to rootless and use something with better systemd support. I was hacking together unit files for docker using some pretty dumb tricks, none of that is necessary with quadlets though.

What's the benefit in your eyes for LXC over VM? I don't run Windows or anything so using the host kernel isn't an issue for me. I do sometimes have problems with OOM kills taking out a VM though, but my understanding is if it were an LXC that kill could have hit a much more important process than my general apps VM.

E: As far as Fedora under IBM.. I don't like it either. I'm relatively prepared to jump back to Debian though, I've kept my Ansible playbooks updated for both Fedora and Debian just in case I have to go back.

[–] omegabyte 2 points 4 days ago (1 children)

Oh interesting. I just saw it was recently updated so I went with it. I'll have to look into what's going on with it though.

Thanks for the Thunder suggestion. This thing seems really solid.

[–] omegabyte 2 points 4 days ago (3 children)

Wait what happened with Raccoon? I recently switched to it after finally giving up on the Sync dream.
