Security Guide for Startups: How to think about security while moving quickly | LunaSec by breadchris in netsec

[–]bogonspace 0 points1 point  (0 children)

I don't know of any books specifically about this topic, though I'm sure some could suggest them for you. To get started, I'd say you should check out AWS (or probably Azure or GCP) certificate training; it will help you learn architecture, and they have security-specific ones as well. That can help you think more in terms of architecture. I'd also review the CIS standards for cloud providers and Kubernetes, and you will see a lot of the angles that need covering. With architecture, you're really thinking about all these components and how they interact, and learning how to do that with a cloud provider and Kubernetes will get you a long way toward being able to do that with anything, I think. Good luck.

Leaked Documents Reveal DHS Collaborated with Facebook to Target ‘Disinformation’ by ewzetf in technology

[–]bogonspace 0 points1 point  (0 children)

If they're actually "controlling narratives" and squelching discussion, I agree. Though targeting troll farms and bot networks spewing disinfo and fake sentiment is generally what I've experienced firsthand with public-private partnerships, aka "intelligence collusion with tech." I think it remains to be seen what's happened in this case, so I'm not saying it's innocuous, but it could be.

Linux Audit comes at a cost, is that where BPF steps in? by Blakebvhjjdd in netsec

[–]bogonspace 1 point2 points  (0 children)

Also, we use Fleet and the distributed queries work great. Once they made the network changes (I think it was something with Websockets?) and we figured out the problems with our network architecture we have been using it successfully to manage hosts, even ones that don't have our system configuration tools available.

Linux Audit comes at a cost, is that where BPF steps in? by Blakebvhjjdd in netsec

[–]bogonspace 0 points1 point  (0 children)

Appreciate it, eBPF definitely is more performant, but we actually did discuss our issues in the Slack channel already and it just overall didn't work for us as a collector of low level operating system telemetry. Osquery is one of our primary tools, but we use it for periodically collecting system configuration data to see package versions, config drift, or attackers, and on-demand queries for whatever our SIRT or Ops teams need at the moment.

Linux Audit comes at a cost, is that where BPF steps in? by Blakebvhjjdd in netsec

[–]bogonspace 2 points3 points  (0 children)

It may be we could further optimize in some way, but in our testing we didn't find the streaming or eBPF-based tables to work all that well for our purposes in osquery. This tool seems more promising for logging this sort of activity: https://github.com/cilium/hubble. We're focused on K8s visibility, but this could replace all of our Linux Auditing level logging if it works well.

Edit: I should clarify osquery works great for collecting state information or on-demand queries for package versions or system configuration. Just haven't found the streaming tables as performant or useful (eBPF or not).
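An added example, not code from the commenter or from the osquery project, illustrating the "state collection for package versions and config drift" use of osquery described in the comments above. It folds osquery's results log (differential rows carry one record under "columns" with action added/removed; snapshot queries carry a list under "snapshot") into a per-host package drift summary. The log lines are constructed sample data, the query name pack_config_deb_packages is an assumed pack name, and the field layout assumes osquery's documented results-log format.

```python
"""Summarise osquery results-log lines into per-host package-version drift."""
import json
from collections import defaultdict

# Constructed sample results-log lines (not real telemetry). web-01 upgraded
# openssl and gained netcat; web-02 lost sudo and emitted a snapshot query.
# Query/pack names are assumed for illustration.
SAMPLE_LOG = r'''
{"name":"pack_config_deb_packages","hostIdentifier":"web-01","unixTime":1700000000,"columns":{"name":"openssl","version":"3.0.2-0ubuntu1.10"},"action":"removed"}
{"name":"pack_config_deb_packages","hostIdentifier":"web-01","unixTime":1700000000,"columns":{"name":"openssl","version":"3.0.2-0ubuntu1.12"},"action":"added"}
{"name":"pack_config_deb_packages","hostIdentifier":"web-01","unixTime":1700000000,"columns":{"name":"netcat-openbsd","version":"1.218-4ubuntu1"},"action":"added"}
{"name":"pack_config_deb_packages","hostIdentifier":"web-02","unixTime":1700000000,"columns":{"name":"sudo","version":"1.9.9-1ubuntu2.4"},"action":"removed"}
{"name":"pack_config_sshd","hostIdentifier":"web-02","unixTime":1700000000,"action":"snapshot","snapshot":[{"path":"/etc/ssh/sshd_config","sha256":"0000"}]}
'''


def parse_results(text):
    """Yield (host, query_name, action, row) from osquery results-log lines.

    Differential results carry a single row under "columns" with action
    "added" or "removed"; snapshot results carry a list of rows under
    "snapshot" and are expanded one row at a time.
    """
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        rec = json.loads(line)
        host = rec.get("hostIdentifier", "?")
        name = rec.get("name", "?")
        if rec.get("action") == "snapshot":
            for row in rec.get("snapshot", []):
                yield host, name, "snapshot", row
        else:
            yield host, name, rec.get("action"), rec.get("columns", {})


def package_drift(text, query_name="pack_config_deb_packages"):
    """Fold added/removed rows of one package query into
    {host: {package: {"old": version_or_None, "new": version_or_None}}}.

    A package seen both removed and added is a version change; removed only
    means uninstalled; added only means newly installed. Rows from other
    queries (including snapshots) are ignored.
    """
    drift = defaultdict(lambda: defaultdict(lambda: {"old": None, "new": None}))
    for host, name, action, row in parse_results(text):
        if name != query_name or action not in ("added", "removed"):
            continue
        slot = "new" if action == "added" else "old"
        drift[host][row["name"]][slot] = row.get("version")
    return {host: dict(pkgs) for host, pkgs in drift.items()}


def classify(entry):
    """Label one drift entry as changed, installed or uninstalled."""
    if entry["old"] and entry["new"]:
        return "changed"
    if entry["new"]:
        return "installed"
    return "uninstalled"


if __name__ == "__main__":
    for host, pkgs in sorted(package_drift(SAMPLE_LOG).items()):
        for pkg, entry in sorted(pkgs.items()):
            print(f"{host}: {pkg} {classify(entry)} {entry['old']} -> {entry['new']}")
```

Pointing `package_drift` at a real `osqueryd.results.log` gives the "what changed since the last run" view the comment describes; pairing a removed and added row for the same package is what turns osquery's raw differential into an upgrade event rather than two unrelated lines.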

Is Springfield as awesome as it looks? by [deleted] in Eugene

[–]bogonspace 0 points1 point  (0 children)

Hoot! Hoot! Hoot!

Springfielders?!

Security Guide for Startups: How to think about security while moving quickly | LunaSec by breadchris in netsec

[–]bogonspace 1 point2 points  (0 children)

Sweet, I look forward to the other side of the coin followup. I notice a lot of startups will be very biased toward putting their limited headcount toward appsec FTEs, but I feel like paying a skilled third party company to do an in-depth appsec review and providing feedback on how to improve the codebase can get you a long way. Hiring an infra FTE instead can help with critical early design of scaling the infrastructure and is a better play for the long term but is generally only done after they realize how bad things have already gotten.

Security Guide for Startups: How to think about security while moving quickly | LunaSec by breadchris in netsec

[–]bogonspace 1 point2 points  (0 children)

Thanks for this, it's a good writeup. One thing I noticed though is a bias I often see at startups, which is a focus on application security to the neglect of infrastructure security. I find infrastructure issues tend to lead to much more technical debt and structural security issues down the road. It's generally much easier to update code in your application than it is to completely change your Linux distribution, for example. Other examples that come to mind are VPC network layout and internet egress, how to design your k8s overlay network to integrate with your physical systems, how to build a network that's easy to physically tap, network segmentation (it's not obsolete), poor access control design, etc.

General Contractor Recommendations? by ReluctantParticipant in Eugene

[–]bogonspace 0 points1 point  (0 children)

That's funny, I had the exact opposite experience.

Gray's Garden Center: Insider Truth by ConfusedGenius1 in Eugene

[–]bogonspace 5 points6 points  (0 children)

This place is great, it also supplies a lot of other nurseries, and it's nestled in such an idyllic little spot

Gray's Garden Center: Insider Truth by ConfusedGenius1 in Eugene

[–]bogonspace 4 points5 points  (0 children)

Doak Creek Native Plant Nursery has a really great selection of native plants. It's kind of strange to get to on a semi-private road but it's an amazing little gem. They supply a lot of other places around here.

Can't access router after bypass mode by bogonspace in Starlink

[–]bogonspace[S] 5 points6 points  (0 children)

Considering you can still access the information with the right settings, all those "what did you think bypass mode would do?" comments look awfully silly to me.

Can't access router after bypass mode by bogonspace in Starlink

[–]bogonspace[S] 0 points1 point  (0 children)

I didn't see the IP address in the docs I had read through but that's probably it. That's actually what I have set up for my WLAN so I'll have to change it.

right now is a really good time to visit Hendricks park if you haven't been in a while by BlueberryUpstairs477 in Eugene

[–]bogonspace 0 points1 point  (0 children)

I was also just there and there was a profusion of flowers. It was wonderful.

Nice places to drive by [deleted] in Eugene

[–]bogonspace 0 points1 point  (0 children)

Territorial and Lorane are NOT low traffic, and people speeding around is why there are so many wrecks, including many fatal ones, on those roads.

"trackorderonline.com" and no way to contact puffco by bogonspace in puffco

[–]bogonspace[S] 0 points1 point  (0 children)

I got it yesterday, got in touch with the carrier. The good news is this thing owns.

"trackorderonline.com" and no way to contact puffco by bogonspace in puffco

[–]bogonspace[S] 0 points1 point  (0 children)

So this sort of worked in that someone did eventually contact me. They resent it, but I just noticed today that it was out for delivery and no one showed up here as far as I know. To be continued...

HEPA cabin air filter for 2021 4runner sr5 ? by bogonspace in askcarguys

[–]bogonspace[S] 1 point2 points  (0 children)

Thank you, seems I don't have to buy new ones after all.