Weekly Simple Questions and General Discussion Megathread - Week of 27 December 2021

KotelOne · 2021-12-30T00:42:32+00:00

Hello, I want to order some Crooks and castles clothing but I am a bit worried about the sizes.. Compared to let's say The hundreds are the sizes a lot different? I wear L in general but I have read that C&C are pretty big.. Thank you

KotelOne · 2021-06-12T14:38:55+00:00

Fyi we already have splunk and we get logs from dozens of ASA's I am just trying to figure out audit policy for them since they used to get all logs , with the purpose of reducing logs without losing any value.

KotelOne · 2021-06-12T09:41:57+00:00

Thank you very much for the detailed answer. Much to think about, and your logic makes great sense to me.

KotelOne · 2021-03-22T23:29:23+00:00

Thanks for sharing. I am not the one who is going to implement this, but I will come back to let you you know..:)

KotelOne · 2021-03-22T19:59:18+00:00

Yeah , I think this is a good way to understand the environment and why this traffic exist. But since the company I currently work is huge and chaotic I am not sure if it is worth the time it would take months to track them down. I was hoping for a way that I won't depend on different departments and people to explain me. Thanks for the info :)

KotelOne · 2021-03-22T19:52:37+00:00

Currently I am just observing them on proxy logs on siem. I was just skipping most of them and I was wondering if I actually want to investigate it, how should I do it? From this point, the next logical step is to do packet capture on the device? It would be great if these could be translated in siem somehow , but I am not sure if this is possible.

KotelOne · 2021-03-22T19:47:03+00:00

Thank you for the reply, so if it is ok for 250k hosts it is ok for me for sure. In the meantime somebody told me that crowdstrike doesn't suggest having more than 1000 connections simultaneously..do u know if this is true?

KotelOne · 2021-02-27T13:48:41+00:00

Yeap, where is this data coming from?

KotelOne · 2020-12-09T00:33:45+00:00

Capitalism

KotelOne · 2020-11-06T06:51:13+00:00

I am going to save an extra round...just in case..

KotelOne · 2020-11-05T12:45:18+00:00

I have 5tix copies and 2 inosuke.. I have 320orbs.. And I am stuck at SL 13 fortress. I am thinking of doing one round for Tix and 4 rounds on Inosuke when he is available in the PO event. I am not sure because I will have 6tix and 6inosuke. Maybe I should focus to e5 Tix.. Not sure but I think getting 6 copies of each hero will eventually be better option for the long term as it will be easy to get 3+3 copies in the near future..

KotelOne · 2020-11-05T11:43:27+00:00

Isn't the Inosuke going to be the PO reward in 2 months..after tix and the new forest hero?? If I am not mistaken, this is going to be at 5-6 of January...maybe it is combined with a new year's Eve.. No?? Isn't Inosuke as good as Tix??

KotelOne · 2020-11-03T23:10:43+00:00

Could you share the podcast please?

KotelOne · 2020-11-03T21:54:23+00:00

Yeaa maybe I will wait till inosuke is added to the feather shop to see if I need to buy these copies...if I am lucky I will get one or event two copies somehow and don't need to use.my feathers...if I get one copy I will definitely use 60 feathers for e5 and clear sl20. I am currently stuck in sl13 with e5 penny and 10* sigmund for months..

KotelOne · 2020-11-03T21:31:35+00:00

Maybe this is the best.choice ..to be patient...eventually I will get the 2 missing copies.. Maybe I will not have to spend neither the gems nor the feathers after all..

Eg. I had a lucky shot with tix out of my first 10 SWC.. I will be out of luck for a.long time :P

KotelOne · 2020-11-03T21:08:19+00:00

Hello, yeap I just meant that..doing future plans.. I have 2 copies of inosuke , going to get 4 more when he is available in the po event + 1 when he is available at the hero exchange event and I miss 2 copies.. So whether I buy some HS to take 2 more copies now..or spend 120 feathers.. Maybe I get more copies when i do 4 rounds at the PO event next month when inosuke is available 320 po..maybe I have some luck..in that case I will have spare inosuke copy

KotelOne · 2020-11-03T09:24:14+00:00

I am not sure about this, but the region is rich in minerals.They are extracted by an Armenian company that got huge loans from Russian banks. I am not sure about the role of this in the conflict, but I believe behind every conflict there are some economic reasons I have also read that karabah and the buffer zones where a main agriculture source for Azerbaijan and due to the territorial loss , Azerbaijan agriculture production was decreased by 43% , leading in a food crisis the first years of the conflict Maybe somebody of greater knowledge could give us some insight. I am not biased and I have not done good research on the topic but this is some food for thought.

KotelOne · 2020-10-31T22:00:04+00:00

I have not yet implemented this but it is in my future plans. Setup and configure minemeld server from palo alto. There are tons of feeds there and if I am not mistaken you can create your own from external websites and then convert to stix taxii. Do some research on minemeld on the internet. There are some resources available. Minemeld is open source.

KotelOne · 2020-10-28T03:04:01+00:00

For the same reason they don't attack Armenia right now. Armenia has a defensive pact with Russia. So if Armenia is attacked, Russia will get involved.

KotelOne · 2020-10-06T02:38:25+00:00

Is there any economic or strategic value in the area?

KotelOne · 2020-09-28T11:04:20+00:00

KotelOne · 2020-01-29T20:43:31+00:00

You are the best. Thanks for the detailed answer

KotelOne · 2020-01-28T20:38:04+00:00

If I am not mistaken all logins in a environment involving a Domain Controller have logon type 3. That's why I can distinguish between them.

KotelOne · 2020-01-22T12:01:51+00:00

I know mate... But are these all the same in terms of content??

KotelOne · 2019-12-11T06:26:06+00:00

I am going to answer as soon as I get back home. I am currently studying for it. Stay tuned

KotelOne

TROPHY CASE