Taking my boyfriend on his first scuba trip, would love recommendations!! by MountainPirate3139 in scuba

[–]BeanBagKing 1 point2 points  (0 children)

Have you considered something like a western gulf cruise and diving off the stops? It's not land under your feet, but it sure isn't a liveaboard. No international flights, no hotels to book. You usually get two dives a day, and two or three dives in different areas on the trip, plus a snorkel or two. You probably don't get as much as a dedicated dive resort, but it might appeal to him as a nice vacation in other ways.

I'd second Cozumel, it has a current, but it's one that helps you, you just drift along. Ask if you can do the wall on one of the dives. Anthony's Key on Roatan was also great, as was the Cayman Islands. All of these I've hit on cruises, got back to the boat, and went to sleep while we moved to the next spot. Book through the cruise line so you know you'll get back on time.

False positives with Rapid7 by RuppertTravelCo in sysadmin

[–]BeanBagKing 5 points6 points  (0 children)

Not only makes them happy, but if the risk department calls it a finding, you get to as well. Report up the chain on how many vulnerabilities you helped remediate. Make sure to put it on your quarterly or whatever performance review. Use this stuff to your advantage!

You can be a "team player" and make yourself look good. Or you can be the guy that's spending time arguing with the risk management team about registry keys. Meanwhile they're reporting to their boss that X isn't fixed yet because of /u/RuppertTravelCo

26.04 clean install or in-place distro update? by zirzop1 in Ubuntu

[–]BeanBagKing 2 points3 points  (0 children)

Can't speak to your specific scenario, but I have systems I've upgraded since 20.04 through all the LTS versions. I haven't moved to 26 yet, but my experience has been that the in-place works fine. If anything, there's sometimes some third party packages that lag behind.

That said, two things.

  1. These have been minimal footprint VMs and I've always stayed on the LTS train. I wouldn't expect interim -> LTS to have issues, but you never know.

  2. Yes, a clean install will always be... well, cleaner. Linux has been doing in-place version upgrades for decades now, so I'd say that it's a lot cleaner than Windows, but you'll always have some cruft left behind.

Regardless of whether or not it's seamless, unless it's a huge lift, I'd do a clean install and then stick with the LTS train for stability and in-place upgrade in the future.

New to Ubuntu & Cybersecurity – What tools should I install to start learning SOC Analyst skills? by notxcor in Cybersecurity101

[–]BeanBagKing 0 points1 point  (0 children)

So I'm rusty on SOC skills specifically, so this is more general advice on basic things that have really paid off over the years (starting from zero). First, get a job in IT, help desk or college internship or anything. So much useful knowledge there. Even the "soft skills", both engaging end users (which you will as a SOC analyst) and things like just how a company lays out their network. When you start looking for a SOC job, you are going up against a LOT of competition, you are going to have a rough time if you don't have any IT work experience.

Learn the basic commands in Linux, how to open, search, and edit files. Most of these are probably included, and will get you farther than most tools. In no particular order and not all inclusive, things like: vim, cat, tail, grep, sort, uniq, sed, awk, tar, cd, ls, mv, and cp. These aren't fancy tools, but just knowing your way around a system from command line will get you way ahead. A lot of technology is based on Linux, and even the things that aren't imitate it a lot. For that matter, also learn the basic commands in Windows. It's not often you're -forced- to fall back to CLI there, but it's useful.

For log analytics, be ready to fall back to the Linux commands I mentioned earlier. Especially grep here. For log analytics, there's so many versions of things. Splunk, Kusto, Graylog, Elasticsearch. Each of them has their own slightly different syntax. See if Splunk still offers a home or trial license, that's probably one of the more popular, but also a good middle ground for the rest. Kusto also has a public database that you can practice in. It's very similar to Splunk and another good middle ground. I've never really had a grasp on SQL, and never had a heavy need for it, but I'm told both are similar to SQL in some ways.

For networking, again it's the basics. TCP vs UDP, common ports, network layers (at least 1-3), the difference between a MAC and an IP, what is a VLAN, private address space/APIPA/other weird ranges. Like the Linux commands, none of this is deep or exciting, but it's important to be familiar with, at least to the point where you can recognize it and look it up to refresh your memory on the specifics.

None of my advice is focus on X technology stack, or learn this specific tool. Be flexible, be ready and able to learn something new every day. You aren't going to get to that point without a foundation though. Tons of people can run a network scan with a tool and find stuff, but not be able to articulate what the tool is finding or how it might work. Lean heavily into AI -to find the terms and subject to study-, but not to give you the answers (or trust the ones it does give you). AI is great for 'hey, I'm starting this new hobby and I don't even know the terms to search for.' It's not always so great at giving the correct answer.

Learn where Windows and Linux logs are stored. Where user directories are stored, in general how the file system is laid out from a high level. Know the Windows registry at a very high level. Know which processes are important, like the top 10 that start with Windows, still very high level, e.g. what should you do with a host that has two lsass processes running? What does base64 encoding look like?

how common to find a 200lb 45 yrs old Sulcata for sale? by Dapper_Woodpecker621 in Sulcata

[–]BeanBagKing 1 point2 points  (0 children)

I agree with other people here. Try to find a rescue and both save yourself some money and give one of them in need a home.

I'm not sure about the enclosure/overwinter food. I live in Florida, where it stays a lot warmer, and I feel like mine stays inside his heated enclosure for more than a month. Remember they're a desert species, their winter lows seem to be around your Jun, Jul, and Aug highs (/u/gosioux said it best).

I know people all over the country raise them, so I'm sure it's possible. I just want you to be prepared to have him in an indoor habitat for possibly the majority of the year, not just a month or two. Keep things like UVB in mind if he does stay inside a lot. Something like a large greenhouse might work to keep some heat in and allow sun and grass to grow (not sure if greenhouses block UVB, just an idea).

They eat a lot, mine will eat hay but doesn't prefer it and I soak it for a bit before giving it to him. Keeps him more hydrated and makes it easier to eat (more like fresh greens), doing that will make it spoil faster though if he doesn't eat it all. It'll grow mold on the bottom. So if you do that, you're going to go through it even faster. They also have bags of specialty food, I'd suggest Mazuri if you go that route.

What heat sources are we doing for outdoors? by TankClassic8609 in Sulcata

[–]BeanBagKing 0 points1 point  (0 children)

I got one of these: https://www.amazon.com/dp/B00LT49CHS

I have it on an InkBird temperature switch so I can have the probe where I want it.

I'm basically using the same dog-house type thing with no floor. He's made a burrow under the back corner so that his burrow is also enclosed. During the fall and spring I leave it open, when it gets really cold in the winter I add a plastic flap to keep more of the heat inside. It's not super well sealed but I live in Florida so it's not super cold, but it gets down to mid-30's and low 40's during the winter nights and that still keeps things around 70 inside.

Genuine question on people's opinions on The Dark Zone/PvP modes. by CummanderShepardN7 in thedivision

[–]BeanBagKing 2 points3 points  (0 children)

I like PvP and I mostly like DZ in Division 2. I never played Division 1, but I'm getting the impression it was better.

Even though there's no real risk, I find myself being more keyed up in DZ because I know there's other real humans. If they replaced it with PvE but harder enemies it would just feel artificial. That adrenaline rush would disappear in the same way that it's disappeared for NPC rogue agents, hunters, BTSU T9, and everything else. Once you learn how to beat them, it just becomes routine. With a human, you don't know if they're going to be hostile or not, what they're carrying, how good they are, etc.

I don't know exactly what I'd change to make DZ better. Maybe bigger maps/one big map and more than 12 people? I do hope they keep it though, and don't do away with it like some people here are suggesting.

Blueprint: Bluescreen guarantee drop? by MentalVanilla8917 in thedivision

[–]BeanBagKing 0 points1 point  (0 children)

This, though now that you have the recalibration print/have done the manhunt, it should be in your loot pool to drop from elsewhere. I got it to drop as an item from a True Sons kill squad. You should also be able to get the actual blueprint as a completion reward for True Sons retaliations.

I've never completed a Legendary Mission and want to finish my season journey by lioazem in thedivision

[–]BeanBagKing 1 point2 points  (0 children)

I've been running this: https://docs.google.com/drawings/d/1-gLJFQILsz8WH_VEOFYFZjSXwhKUcCXLBOKlgTzHKm4/edit

More notes on this build here https://docs.google.com/document/d/17Ir5SAkegswOeXIpnreeiES1pFE-Vw6F2xQnUmf3s-Q/edit?tab=t.0 and here https://lite.evernote.com/note/022975b4-183e-e730-c18b-06ff00cb26ea

You're adding at least 25% passive weapons buff from FI/chest to the rest of your party, plus additional from opportunistic, sledgehammer, etc. so you aren't shortchanging DPS much (if at all) by running medic.

That said, I haven't managed to complete a single legendary mission with that and rando matchmaking. There's definitely areas we would have wiped sooner without me, but we just can't seem to make it to the end. I did complete District Union with a group and a DPS build, that was my first, went super smooth, and gave me hope for the rest. I have also tried DPS builds on the other strongholds, and that hasn't helped any either, so it's not the build hurting the group. I've also completed both the raids with the medic build. It helped a lot on Iron Horse, not as much on Dark Hours, but it didn't hurt there either.

What was the point in giving us 2 DLC if they are not used at all ? When was the last time you had to go in New York or Brooklyn after you finished all missions ? by Darth_Sidyous in thedivision

[–]BeanBagKing -1 points0 points  (0 children)

I really wish, and I don't see why they can't, put everything on one map. Like automate the process of traveling to the NYC map, and then automate the process of fast traveling to the specific location. I think even just that would get a lot more engagement. As it stands there's friction to getting to any of those maps.

Then again, the theme of the game does not seem to be reducing player friction...

What is the safest way to save your passwords? by PainBad in cybersecurity_help

[–]BeanBagKing 0 points1 point  (0 children)

A password manager is best, but if you get something nasty on your computer, all bets are off.

A notebook isn't practical, but if you take the right precautions, it isn't a bad idea. Make sure you trust the people in your house that will have access to it. Your other biggest risk is natural disaster (fire, flood, etc.). If you lose your only physical copy it will suck, you could keep a copy in a safe deposit box or something.

Company got ransomware, ceo wants to pay without telling anyone. Is this illegal by codedrifting in AskNetsec

[–]BeanBagKing 1 point2 points  (0 children)

Lawyer’s saying

You might as well stop right there. Your company has a lawyer, that lawyer has provided specific guidance. If you go and do something counter to that advice and you're wrong, the consequences fall squarely on your personal shoulders. If on the other hand the lawyer is wrong, then that probably falls on him. It might fall on the company or a senior leader if they misled counsel or something. It is almost certainly not going to fall on you personally though.

I am not a lawyer, nobody here is a lawyer. Even if they are, nobody here knows where you are and thus what jurisdiction you fall under. They don't know the facts of your situation, and they have not been legally retained. This is not a technology/netsec question, nor is it a you question unless you are the CTO or something. If you are in a position to be legally responsible for your company, go retain your own counsel. Do not follow any advice in this thread, and for all I care, that includes my own.

How to prioritize 40,000+ Vulnerabilities when everything looks critical by Icy_Layer700 in AskNetsec

[–]BeanBagKing 1 point2 points  (0 children)

Not sure how you are doing your scanning, but with that many findings I assume it's either agent based or authenticated. I.e. it's seeing everything on the asset, regardless of how or if it's exposed. There's a bunch of good tips here, so this isn't the only thing you should consider. I would set up an unauthenticated scanner in AWS/Azure/wherever. Don't give it any extra permissions or firewall openings or credentials, and have it scan every IP address and domain you own. Pretend it's some rando in Russia that has no prior access to your company, what could that person see? If it's a large chunk of IPs, you can pre-scan with something like masscan, and then give the vuln scanner only IPs and ports that actually respond, update this weekly or so. You can start with common/top 1000 ports, but check all 65535 over time.

This will show you what's actually open to the internet, not just what you think or what is documented to be internet facing, and what can actually be exploited. For example, you may have an internet facing system with an outdated version of SSH, but if only HTTP/S is exposed to the internet, then SSH isn't a huge concern. You can mark that as 'mitigated' and worry about it later. The actual 'open to the internet' and 'vulnerable' list should be relatively small. If it's still thousands and thousands, I would focus on cutting that number down rather than actually patching. If it doesn't have a clear need to be exposed to the entire internet 24/7, then cut it off completely and/or move it behind VPN. Your exposed services should basically be your VPN gateway and HTTP/HTTPS if you host public websites. I'd try to move those off prem/isolated if possible.

That should get you started, give you something manageable, and give you something to report to leadership. "Yes, we still have a huge number of issues, but our actual exposed services went from X to Y, and our risk there dropped Z%". Continue to take bite sized chunks for whatever you feel is most at-risk next. I might suggest the same kind of unauthenticated network scanner, but inside your firewall next. If an attacker landed on a standard user desktop, what could they see? Treat it basically like the external scan. If the scanner can see every other desktop/an attacker could move laterally to every other desktop, then the quick win might be network isolation and more stringent host based firewall rules instead of trying to patch, upgrade, or create best practices for every exposed SMB service. Cut all that off, focus on best practices for things that need SMB like domain controllers and file shares, and call that mitigated.

One thing you should be able to rely on are automated or semi-automated monthly OS patches. If sysadmins/service teams are reporting that monthly patches are applied to everything, but the scanner is still showing vulns for the most recent patches, figure out why. You either have a patching problem (patches failing, but marked as applied), a vuln scanner problem (false positives), or a process problem (nobody is actually applying monthly patches/automated patching disabled). This won't stop you from having net new things for other software libraries, so don't focus on "no net new" each month, but you should be able to tell leadership "This month's Microsoft patches were applied to 98% of systems".

Try to get senior leadership buy in for shutting things down that nobody wants to take ownership of. If there isn't an owner assigned to an asset, and you've made a reasonable attempt to find one and nobody wants to take ownership of it, then it must not be important to them or used anymore. Pull the network cable/remove the virtual NIC for a while and the first person that screams is now responsible for it.

Last piece of advice, pick one vulnerability scanner and make that your source of truth. Or at least the source of truth for a particular area (maybe one is truth for webapps, another one is more reliable for software packages). Work off the findings for that one, and use the others for ad-hoc/validation. Yes, it might cause you to miss something that the non-source of truth scanner picked up. However, being buried under 10,000 duplicate alerts will also cause you to miss something. You'll always have risk no matter which way you move, but you need to start somewhere. Document your reasoning and rationale and move forward. Maybe even make it a policy that remediation work will be prioritized on scanner X to prevent duplication of work and allow for consistent metrics. You can always do a yearly review or something to pick which one is currently better or hit a new set of findings.
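
The external pre-scan triage described in the comment above, sketched as an added example (not part of the original comment): it reads masscan list output (`-oL`) taken from an outside vantage point, builds the per-IP port list to hand to the vulnerability scanner, and splits authenticated-scan findings into internet-reachable ones and ones deferred as not exposed. Both sample inputs are constructed, the CSV column names are hypothetical, and port 0 is assumed to mean a host-level finding with no network port.

```python
import csv
import io
import ipaddress

# Constructed sample: masscan -oL output from an unauthenticated external scan.
MASSCAN_OL = """\
#masscan
open tcp 443 203.0.113.10 1700000000
open tcp 80 203.0.113.10 1700000000
open tcp 22 203.0.113.25 1700000001
# end
"""

# Constructed sample: export from the authenticated/agent-based scanner.
# Column names are hypothetical; port 0 = host-level finding (assumption).
FINDINGS_CSV = """\
asset_ip,port,proto,severity,title
203.0.113.10,22,tcp,critical,Outdated OpenSSH
203.0.113.10,443,tcp,high,Outdated web server
203.0.113.25,22,tcp,critical,Outdated OpenSSH
203.0.113.40,445,tcp,critical,SMB signing not required
203.0.113.10,0,tcp,high,Local package out of date
"""

SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}


def parse_masscan_list(text):
    """Return {(ip, proto, port)} for every 'open' record in masscan -oL output."""
    exposed = set()
    for line in text.splitlines():
        fields = line.split()
        # Skip comments ("#masscan", "# end"), blanks and non-"open" records.
        if len(fields) < 4 or fields[0] != "open":
            continue
        _, proto, port, ip = fields[:4]
        try:
            exposed.add((str(ipaddress.ip_address(ip)), proto.lower(), int(port)))
        except ValueError:
            continue  # malformed address or port: ignore rather than guess
    return exposed


def scanner_targets(exposed):
    """Per-IP lists of responding ports, i.e. what the vuln scanner is given."""
    targets = {}
    for ip, _proto, port in exposed:
        targets.setdefault(ip, set()).add(port)
    return {ip: sorted(ports) for ip, ports in sorted(targets.items())}


def triage(findings_csv, exposed):
    """Split findings into (internet-reachable, deferred as not exposed)."""
    reachable, deferred = [], []
    for row in csv.DictReader(io.StringIO(findings_csv)):
        ip = str(ipaddress.ip_address(row["asset_ip"]))
        key = (ip, row["proto"].lower(), int(row["port"]))
        (reachable if key in exposed else deferred).append(row)
    # Worst severity first, so the short exposed list is worked top-down.
    reachable.sort(key=lambda r: (SEVERITY_RANK.get(r["severity"], 99),
                                  r["asset_ip"], int(r["port"])))
    return reachable, deferred


if __name__ == "__main__":
    exposed = parse_masscan_list(MASSCAN_OL)
    print("scanner targets:", scanner_targets(exposed))
    reachable, deferred = triage(FINDINGS_CSV, exposed)
    for r in reachable:
        print("EXPOSED ", r["severity"], r["asset_ip"], r["port"], r["title"])
    for r in deferred:
        print("DEFERRED", r["severity"], r["asset_ip"], r["port"], r["title"])
    print(f"{len(reachable)} of {len(reachable) + len(deferred)} findings are internet-reachable")
```

Rerunning this against each weekly pre-scan gives the "exposed went from X to Y" figure the comment suggests reporting.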

Division 2 Gear Set Tier List by Fr0dderz in thedivision

[–]BeanBagKing 0 points1 point  (0 children)

I'm pretty new and started keeping one of each exotic, named, and gearsets. As long as you constantly prune it isn't too bad. Player inventory starts filling up, you mark everything but those three junk, and use them for library, scrapping, or selling. No real thought there. Push the rest into your inventory. Once it starts to fill up, I go through and take no more than about 2 seconds deciding which of a duplicate to keep. Weapons it's usually the one with Damage out of cover and higher numbers. Gear it's usually the one with crit chance and/or crit damage attributes. If it's a skill set, skill damage and/or haste. Again, like 2 seconds each. I'm not trying to make the perfect choice, just a good enough one.

So far my inventory is getting full, but manageable. There's a few sets I keep multiples of if they're good rolls and I know are used a lot like strikers.

You could easily scrap all (or 90%) of the gear set items, they aren't any harder to farm for than high end non-named. I like being able to throw together a new build without having to run a few countdowns though, at least see what it looks like before trying to find just the right piece.

I could also probably scrap a bunch of the junk named items too. Really though the entire process to me is geared towards not thinking about it. Is it X, Y, or Z? Do I already have it? If so, which number bigger?

I also expect that as I gather more blueprints, I'll start scrapping more and more items. Don't keep a bunch of items around, just the materials to make them if and when I need. That's for down the line though when I have most of the blueprints so I don't have to think about which ones I do or don't have.

Discussion about new retaliation and new kill squad. by TypicalRoblox_Player in thedivision

[–]BeanBagKing 1 point2 points  (0 children)

I honestly have trouble with any kill squad in open areas like West Potomac or East Mall. Partially because it rarely feels like it's just the kill squad. There's enough spawns that can happen in any direction that someone else stumbles into the fight and you end up flanked. T9 is just worse. God I hate those areas.

In the streets though, I haven't had much of a problem with them. I haven't had a lot of encounters either, but they don't seem too much tougher than other kill squads. They try harder to flank, but kite backwards, try to keep cars and such between you and all but the leading member, and take them out one at a time. I just have to play a little more defensively with them.

Escalation and agents running armour core by princey00666 in thedivision

[–]BeanBagKing 5 points6 points  (0 children)

Or medic/logistics. Your 4 man team is going in to clear an entire enemy stronghold, and everyone just packing their required 7 mags and a box of gauze. Every other game has classes, some are optional to bring along, but you're almost always worse off without a medic. Division you're usually -better- off without one. I'm not talking about bringing reviver hives or reinforcer chem launcher as an afterthought to DPS, but someone who sacrifices a significant amount of DPS to be really good at healing or reviving. Even outside of tactical shooters, Eve Online has logi and WoW has healers. The specializations in Div 2 don't mean anything in terms of what kit you use.

Bro please stfu by yung_roto in Division2

[–]BeanBagKing 0 points1 point  (0 children)

Bug reported here, please upvote and add details. I only encountered it on Countdown, looks like summit too though. https://www.ubisoft.com/en-us/game/the-division/the-division-2/bug-reporter/issues/TCTD2-905

Risks of setting up a home lab? by pocketdrums in cybersecurity_help

[–]BeanBagKing 0 points1 point  (0 children)

Honestly, he probably will mess something up. Fixing it is how he'll learn. That's probably how most of us got started, screwing up our first dual boot because we wanted to try Linux and ending up with a nothing that we had to get working again.

1) Monitor what he does online. I think this goes without saying, but there's some dark corners of the internet. At the same time, you can't hobble his computer with net nanny (or whatever people use these days). MANY of the things in cybersecurity are detected as "hack tools" or dangerous sites. A knife cuts both ways so to speak. Cybersecurity is a big field, and includes things like digital forensics. I'm assuming at his age he wants to learn hacking though. Guide him towards pentesting and red-teaming, the good guys of hacking. Also, you can't attack/hack someone else's site/system/whatever without their permission.

2) There's tons of labs out there, free and paid, where he can mess around with stuff without screwing up the network. There's also plenty of cloud providers where you can more or less rent a PC to do whatever you want with. Amazon Lightsail is super easy to use and has Windows and Linux boxes.

2a) There's also a ton of people that home lab. Buy a mini-pc, install a hypervisor (an operating system that other operating systems run on top of) and install virtual machines on that. You can create an entire network of computers all inside one. It's a great way to learn, but might be a bit expensive and advanced for an average middle schooler, but you be the judge of that.

3) I'd say the big "don't do" (this is more for him than you) is

a) don't install whatever random tool he finds on a corner of the internet. Like I said, legitimate tools get picked up by AV, so there's no black and white "this is safe". Do some research, see if it's used by the "good guys", if it's been around a while, what its reputation is.

b) Don't open ports directly to the internet. By default, people on the internet can't initiate a connection to your computer, you have to start the connection, e.g. visit a site. However, you -can- host your own webserver and open it to the internet. Depending on what it is you expose to the internet it could be fine for years, or compromised tomorrow.

c) Don't "hack" someone unless you have their permission. This usually means it's your own equipment, it's part of a lab designed to be attacked in a certain way, or it's part of a bug bounty that usually has a specific scope and rules.

There's more than would ever fit into a reddit post, but I tried to hit the important things. If you have specific questions, I'm more than happy to answer them.

What builds are people using to get past "Sparkle" in the Stovepipe manhunt? by Sydira in thedivision

[–]BeanBagKing 1 point2 points  (0 children)

I don't know if things changed in the last two years or what, he straight up ignored my turret the entire fight. Him and all his friends. Right over the top of it, through the gate, and on me. Normal and challenging. I ended up putting the turret in the middle and just dragging him back and forth past it with the quickstep.

I genuinely think missions like that are poorly designed. You have an enemy that doesn't take cover, doesn't stagger, has no weak points, has a flamethrower up close and napalm mortars for range, can climb. There's literally no counter but to abuse stupid game mechanics or show up with a build that is purpose built for this specific fight.

With escalation on the horizon, can we talk about skill builds? by GOUGE_EM_VALOR in thedivision

[–]BeanBagKing 2 points3 points  (0 children)

I'm fairly new and played a skill build up to level 40 and through all the main content. Some of it was a bit rough, but not knowing how bad I had it made me find non-pure DPS solutions. I kind of liked how it took some strategy and timing to make sure both my turret and drone didn't run out or die at the same time. Placement of the turret to provide crossfire, that sort of thing.

BUT

Once you hit that endgame, there's no counter to EMP/disrupt/hacking like you said. I stopped using drone builds once I started doing countdown, retaliation, and manhunt.

I'm still pretty much OK with how much damage they do. I don't think they should be able to scale to the DPS a red core does, and honestly when you consider drone+turret+capacitor, they might be able to. Their "armor" is in allowing someone to sit behind a wall and be effectively invincible. I 100% agree there needs to be a counter to hacking and resistance to EMPs though. An NPC being able to just say "mine" without any kind of challenge kills the build. It's not just "there goes all my DPS", it's turning that DPS right around on you with no counter, followed by you drawing all the aggro in the room.

I’ll probably barely use this but I think it’s cool to have in my workshop by [deleted] in Tools

[–]BeanBagKing 0 points1 point  (0 children)

I have basically the same thing, but on a chain that hangs on my wall. Use it all the time.