wop @ wop @infosec.pub

Blog: [ittavern.com](https://ittavern.com/)

---

Read more

Posts

53

Comments

21

Joined

2 yr. ago

Moderating

---

Small follow up - asked about bag recommendations like a month ago and went with the recommendation from Nasan@sopuli.xyz - Mystery Ranch Catalyst 26l - been really happy so far.

I'll look into it! Appreciate it, Cheers

We do. Security/Network > dummy data / files, brainstorming, drafts. Not part of a department-wide process, but rather part of an individual's workflow.

Gotcha - makes sense. appreciate it.

It may be a little late, but do you enjoy cybersecurity? - Chasing ghosts, scrolling through endless lines of logs, fending off threats, responding to incidents in high-stress situations, fighting for budgets, clients and colleagues who just don't care, being the "bad guy" in meetings, and so on.

I've only been there a few months, but there's no light at the end of the tunnel. I'm pretty sure it has something to do with my environment, but I can't see myself doing this for a long time.

I am pretty sure one of our consultants has this Osprey Comet. Looks decent! Wow, the Technonaut looks more like a travel bag than an everyday carry, and man, 400 bucks? And I thought my Veto Pro Pac was expensive.

Just ordered the Catalyst 26. Thanks again

Those bags are looking great! Having enough space for tools and a big water bottle. Cheers

And fairly inexpensive - thanks!

It seems that I have to drive more often to the office again. Any bag recommendations? What is your favorite brand/ model?

So, let's assume that you are in an international company and the first and only security person. What are your first steps and projects? It is like really vague, but I'd assume like a SIEM, inventory of the network and all devices, backup situation, maybe even honeypots?

What are your high-prio things that every company should have? Is there even a framework for it?

Feeling kinda lost and I hope you get some guidance in the right direction.

Testing a few CTF platforms to learn more about pentesting. It is interesting, but the learning curve is quite steep.

Same here

Currently using HedgeDoc for taking notes, but it is lacking some features, so I am trying to find and host some alternatives and compare them. And I hope I can find some time to play with my Flipper Zero....

I want to get into Ansible and I am building a testing env for it - home lab with various switches and routers, Fortinet, Palo, and a proxmox host server and some remote VPS. One of my goals for Q1 '24. Today I am going to prep the switches.

Besides that, I want to host my own NFTY server and I hope that I can get it online within this week.

I am currently transitioning into a Security role at work. One question would be: what are the must-have tools for every blue team?

• Vuln-Scanner
• Logging/ SIEM-Server
• ...

Learning things about Wireguard and implement it to secure my internet facing servers.

Getting a pcap of another client could bring some insight, yeah.

SSH is used for the data transfer. Without knowing it at this moment, I'd assume scp or rsync. You mean whether all their internet traffic is routed through the active SSH session?

Gotcha! - I thought Wireguard might has some logging features that could provide some insights. Thank you.

Not yet. Wouldn't expect it tbh, but you'll never know. How would you utilize Wirehuard for it? I'd like to hear more about it.