Tindra's Grove

Thinking, occasionally.

  • GIAC Test Prep

    GIAC Test Prep

    Information Security is a field with lots of certifications. And lots of certification study methods. I’ve experienced everything from the person who knows all the memory devices and will ensure you know the material you need to know, to the “instructor” who could barely read off the vendor-provided slides. However, GIAC is relatively unique in…

  • Mastodon, WordPress, and Verification

    With the seemingly impending collapse of Twitter, many have started checking out Mastodon as an alternative for keeping in touch with the same people. And, while federation can make that a little different, I’d say it’s overall been going well. That said, one item that is very different is the concept of verification. With Twitter,…

  • Facebook Failure

    For several hours on 4 October, 2021 Facebook disappeared from the Internet. Not just Facebook, but all of the services that Facebook provides. Big deal, right? It’s just a website. Just social media. Except Facebook isn’t just a website. It is an entire communications ecosystem that has worked very hard to get every person on…

  • Bridging Captive Portals

    So, I’m working on my research project, and it involves a bunch of virtual machines (which I have set up according to @da_667‘s instructions from his book). Cool, too easy, everything works fine. …until I have to travel. Fortunately, my lab fits on my laptop. Unfortunately, when I connected to hotel Internet, none of my…

  • Supporting the Business

    In Information Security (Infosec), one of the first things most of us learn is the concept of CIA – Confidentiality, Integrity, and Availability. This is such an important concept that is part of US Code: (1) The term “information security” means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction…

  • Notes

    Here’s an example of what I’m *not* trying to do – I don’t want to add more crap to home networks; I just want juicy juicy log data. And to be able to understand it: https://www.sans.org/reading-room/whitepapers/hsoffice/protecting-home-devices-malicious-blacklisted-websites-36152 I’m definitely going to need to learn me some PowerShell to make this work – to dig through and…

  • Notes

    Look at this thread for some thoughts on the autopilot problem: https://twitter.com/giorgio_montana/status/962740192334422017 Potentially useful article on DNS: https://www.sans.org/reading-room/whitepapers/analyst/securing-dns-emerging-threats-hybrid-approach-37692

  • Rebooting

    Giving the blog a reboot. Please stand by while it finds a new personality.

Advice autopilot blog bookmarks dns GIAC mastodon postmortem powershell risk SANS Test Prep troubleshooting wordpress