This server runs Debian’s Testing release. Yes, Testing changes a lot and is not meant for long-term production servers. But I like to be a little more up-to-date on the software packages, and there are times when Debian Stable is too far out of date for what I need or want to run on this server. I do use it as a shell server too. And yes, I know bastion hosts, one “process” per server. That assumes one has a budget for multiple servers.
Anyway, I updated the server, and it pulled PHP 8.1. Previously I was running PHP 7.4. Well, something interesting happened during the upgrade. I rebooted the server to get the new kernel loaded, and when everything came back up, I had the “White Page of Death” on the WordPress page. This is a self-hosted server, no cPanel, phpAdmin, or anything like that. If I have to fix a problem, it’s the command line and me.
I’m getting ready for a fun little project with a friend. Several years ago, while doing my undergrad, I got a copy of Chris Sanders’ “Applied Network Security Monitoring.” I was going to do a book study group at school when it came out, but it turns out it was a required text for my Incident Response course.
Sadly, that class was a mess, and I don’t think we used the book in it at all. A different friend and I referenced the book to build a project for one of our other classes. We used it to build several honey pots, with what was supposed to be centralized logging. That, however, failed due to the Data Center we put the logging server in. The DC we picked for the log server didn’t allow logging to that DC for some reason. The other ones through the VPS provider would have worked fine. Just not that one. No clue why. We did complete the project with the honey pots but had to monitor each one instead of having central logs.
Anyway, talking about burnout recently with friend one mentioned above, we both feel burnt out. We don’t want to do anything computer-related after work. Studying, Udemy, Coursera, Hack-in-The-Box, Try Hack Me, scripting, blogging, etc. To get around this, we’re going to work through Applied Network Monitoring, and we’re also going to blog about it.
Before confirming this was the book and project we would do, we asked Chris Sanders via Twitter if the book material was still relevant. He said the concepts would be, but the tools would be different now.
It should be fun.
Once my friend gets his blog set up, I’ll link to it too. And yes, I know I still have some OpenFAIR/CTI/OSINT related content I want to blog about; see the comment about being burnt out above.
I got an email saying that my site auto-upgraded. I wasn’t happy about it; some of the settings I set on the server should have prevented that. But it did the auto-upgrade anyway.
When I logged in, the dashboard said to update to PHP. I checked the terminal, since I’m self-hosting, and saw I had the newest available in the repo installed on the server. I had to do testing to find out: no, it kept pulling the older version.
I searched around, and all the howto guides were for people using cPanel or some other hosting tool. They also suggested the PHP text tool. Which I used, and it said all my plugins would work. But the howto guides for hosted accounts past that point wouldn’t work for me though. I’m self-hosted. I finally found a blog post by someone saying what to change, the webserver to point to the right files. So I did.
And the site broke.
The error wasn’t much help, but more searching found I could turn debug on to get better information. So I did that. The page was tossing errors. Googled those, and found a walkthrough to fix Crayon Syntax Highlighter.
I also had to toss Attack Scanner, which made me sad, but that plugin was shut down in 2017.
And I thought getting Let’s Encrypt fixed a couple of weeks ago was a pain.
There was a poll on Twitter recently asking about making a new blog. My suggestion was to self-host WordPress on a VPS, and then use the attacks against both as case studies for the blog itself.
The real question comes down to, “what is your goal?”
Last Thursday I listened to Risky Business 377. The part that really got me engaged was the section with the sponsor, RSA. They were talking about how they are working with schools to build educational SOCs.
What they were talking about though, and I’m paraphrasing from my point of view, was making universities less theory-like and more trade-school-like. For example, why not add a Check Point certification class to get students out with some experience and a certification after 3 months of class?
So for those that hadn’t heard, I started a new job about a month ago. I’m no longer doing firewall audits, secure network design, and mainframe web emulation. I was kind of sad to leave some of the projects I was working on unfinished, but that was the nature of the beast.
So now I’m working in a Security Operations Center, as a CIRT Event Analyst (or at least that was the job description they sent me after I interviewed of what the job was going to be).
The downside is I now have a 2+ hour daily commute. It should take 45 minutes or less, but, well, we only have 2 seasons: Winter and Road Construction. It also means I have less time to work on things I want to. Reading and projects have been affected.
I’ve also been less than healthy lately. I got really sick before BSides Detroit. The night before the con, I was at the hospital. I also ended up missing the con because of being sick. A fever for a week, and everything spinning regardless of whether I was sitting, standing, or lying down. Turns out I had an inner ear infection. Got drugs that helped but didn’t make me better. I ended up running a fever for 3 weeks. Now I just have this annoying cough.
I graduated from Eastern Michigan University with a BS in Applied Information Assurance. Now that is done, I’m working on some stuff that I want to do. I also am trying to get accepted to UMUC for a Master of Science. I’m unsure if I want to go for the Cyber Security or Digital Forensics and Cyber Investigations degree.
Some of the projects:
- My Raspberry Pi WIDS modifications
- Study for my CISSP
- Hacker’s Challenge (from 2001)
- R Programming (Coursera Data Science Program)
- catching up on leisure reading
- Studying for my General Amateur Ticket
- Designing a new home lab
- some other things not for open consumption
I know I haven’t written here lately, and I’m not getting in the number of blog posts I want per week. However, I’ve been busy with school and projects. I only have time right now, because I can only run 1 Raspberry Pi (of 6) at a time (right now), and the first one is going through Kali’s apt-get upgrade. Man, talk about not the fastest. Going to clone that drive and copy to other flash drives.
Currently, I’m working on a project for my independent study at Eastern Michigan University. The project and documents have to be turned in by Monday night, so I’ll talk about that after I get the stuff done.
The Eastern Michigan Campus Crime Project turned out really well. My team and I presented on it at Circle City Con in Indianapolis. What I thought was going to be a simple 4-week project will probably take the rest of the year to complete. That’s with 4 of us working on it. There is some more interest on campus and suggestions on how to move this forward. I’ve got a really good team, and I’m really proud to have worked with them on the project.
I also dug out, and updated (slightly) my Human Trafficking talk. I’m a little wary of posting that one. Goes against my OPSEC views, but the presentation is important enough. I will say this, things have changed in a year+ since I stopped working on it. Got some good books to go with it too, I’ll get reviews of them up eventually.
There will be another book review up over the weekend (probably Sunday) as well.
I was recently listening to Paul’s Security Weekly episode 366: How Security Weekly got defaced, and started thinking about my own security posture around my WordPress sites. When I first created The Rats and Rogues Podcast site, I read everything I could find on WordPress security. There wasn’t much. Later when I created this site, I still wasn’t impressed.
I doubt it, but in case people are wondering why I’ve moved to more of a book review format… My class load is taking up a lot of my free time. In fact I should be working on my Art project for EMU Gen-Ed right now (well now when I’m writing this, not when you read this).
Doing homework is more or less preventing me from doing a lot of the things I would rather be doing. Granted I have a nice stack of books that tie in to Information and Cyber Security to read as well. However, while my Digital Forensics class occasionally brings up interesting things to talk about, the majority of my time is spent in Psych 101 and Psych 103 (Lab). This week has been tied up with a 1-week accelerated class, but it hasn’t left time for me to do other things. It’s not as easy as the Counter Terrorism class was last year. Ok, yes my Saturdays are tied up with an interesting OSINT project, but I can’t talk about that yet.
Anyway, back to the point of this post. I know it seems like my content has gone from a really cool OSINT post (which I have at least 2 follow ups to), to mostly book reviews, but I’m trying to kill 2 birds with one stone here.
I do have some topics from other books I’ve been reading (I’m usually reading more than one non-school book at a time), the project above, some followup OSINT posts, a paper from last year to finish watermarking and sharing on here, and a few other things. But those have to wait until I have some free time. Now… where did I put those crayons for intro to art?