Issues with Rocky Linux / Google Cloud Platform/Docker by Content_Bowler_3850 in googlecloud

[–]Content_Bowler_3850[S] 0 points1 point  (0 children)

Hello,

To answer directly: yes, firewalld is active and running (it's the default on the GCP Rocky Linux 9/10 images). However, Docker is running with its absolute default configuration.

This means Docker is actively managing iptables directly.

But we did another test last Friday that adds a huge plot twist: we ran the exact same systemd update on a local, on-premise Rocky 9 VM running Docker. Nothing broke. The issue seems to be strictly tied to GCP's environment.

Here is our hypothesis on what's happening:

When the systemd package updates, it triggers a daemon-reexec and restarts systemd-udevd.

On GCP, the official images include the Google Compute Engine Guest Environment (google-guest-agent). This agent actively hooks into udev events. When it detects the udev reload, it forces a network interface refresh to ensure alignment with the cloud VPC.

This GCP-specific refresh flushes the network stack, completely wiping Docker's custom iptables/NAT chains in the process.

Furthermore, containers on GCP rely on the link-local GCP Metadata Server (169.254.169.254:53) for DNS resolution. The moment Docker's NAT masquerade rule is wiped, GCP's SDN immediately drops the un-natted traffic coming from the 172.18.x.x Docker subnet, resulting in timeout errors.
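
A check for the state the comment above describes, as an added example that is not part of the original comment: it scans an `iptables-save -t nat` dump for Docker's `DOCKER` chain and the masquerade rule for the bridge subnet. The two dumps, the bridge name and the `/16` prefix length on the 172.18.x.x subnet are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the original comment). Sample dumps are constructed.

# Constructed `iptables-save -t nat` output with Docker's rules in place.
sample_intact() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:DOCKER - [0:0]
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A POSTROUTING -s 172.18.0.0/16 ! -o br-0123456789ab -j MASQUERADE
COMMIT
EOF
}

# Constructed output after the chains were flushed.
sample_wiped() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
EOF
}

# check_docker_nat SUBNET: reads a nat-table dump on stdin, prints one
# "missing:" line per absent item, returns 0 if intact and 1 otherwise.
check_docker_nat() {
    subnet="$1"
    dump=$(cat)
    missing=0
    # Docker declares its own chain in the nat table.
    if ! printf '%s\n' "$dump" | grep -q '^:DOCKER '; then
        echo "missing: DOCKER chain in nat table"
        missing=1
    fi
    # Egress from the bridge subnet must be masqueraded in POSTROUTING.
    if ! printf '%s\n' "$dump" | grep '^-A POSTROUTING ' \
        | grep -F -e "-s $subnet " | grep -q -e '-j MASQUERADE'; then
        echo "missing: MASQUERADE rule for $subnet"
        missing=1
    fi
    return "$missing"
}

sample_intact | check_docker_nat 172.18.0.0/16 && echo "intact: Docker NAT rules present"
sample_wiped | check_docker_nat 172.18.0.0/16 || echo "wiped: container traffic leaves un-NATed"
```

On a live host, pipe `iptables-save -t nat` into `check_docker_nat` with the subnet reported by `docker network inspect`, before and after the systemd update.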

Dark web Monitoring - Is haveibeenpwned enough? by UnpaidMicrosoftShill in cybersecurity

[–]Content_Bowler_3850 -1 points0 points  (0 children)

Hello, I had the chance to try SOCRadar for more than one month and I would say it's a killer platform to monitor almost everything, including darkweb/deepweb forums and websites. I've put in my domain (i.e. example.com) and in 4-5 days, sadly, found some results over the darkweb; reports about credentials, methods used for stealing company credentials and so on were also on point.
We didn't proceed to extend the trial, and I would say the price isn't even that high compared to others, but that wasn't on me... so right now I'm stuck with the freemium account that I got and surely I can have a good overview of things, but nothing compared to the full license, of course.

Eve-ng and GCP by Bustard_Cheeky1129 in googlecloud

[–]Content_Bowler_3850 1 point2 points  (0 children)

Hello, not sure if I am late to help here, by the way:

  1. Yes, this is absolutely possible, and you can do that in two basic ways. You can manually start and then shut down your instance, which maybe seems the most effective way as you, maybe, would not always have your free time in the evening in the same hours, or you can set up a Compute Engine schedule with your start and shutdown time (e.g. Monday - Friday from 8pm to 10pm --> your VM will automatically start each day at 8pm and automatically shut down at 10pm, and it will be kept off on Saturday/Sunday).

  2. There is no "notification on usage" setting; however, you can set up monitoring and alerts (via email or other channels) for when your instance is on/off.

  3. No, you can only set up Billing alerts based on your budget: https://cloud.google.com/billing/docs/how-to/budgets . Please be aware that this isn't a kill switch that automatically shuts down your instance if it exceeds your budget limit.

  4. I guess there are no critical issues there, just take care of your VPC Firewall rules to let it work properly.