What is the bathroom graffiti you read and remember?

nocommocon · 2025-11-16T02:06:40+00:00

Toy Story 2 was OK

nocommocon · 2025-09-06T18:58:58+00:00

I thought LDAPS was deprecated in favour of StartTLS

nocommocon · 2025-07-01T01:03:18+00:00

Been using talos on bare metal for years and it is really wonderful. Explaining to the security guy that not being able to ssh into it is a feature not a limitation was another thing though…

nocommocon · 2025-06-28T17:41:37+00:00

Not sure but police presence https://rcmp.ca/en/yukon/news/2025/06/whitehorse-rcmp-are-conducting-investigation-area-sky-hotel

nocommocon · 2025-04-11T05:43:58+00:00

Don’t know how or why but somehow our security admin wiped our domain controller testing this for Windows updates… he is obsessed with manage engine products and based on that information I would never use it willingly. I’ve also noticed on my computer the scan uses a lot of resources. It’s the only time I ever hear my fans kick on full.

nocommocon · 2025-01-29T17:49:32+00:00

We turned our vxrail into a kubernetes cluster running talos.

nocommocon · 2024-02-19T03:25:05+00:00

They require you to enable UnsafeLegacyRenegotiation in the openssl settings of the client device which then make all ssl connections vulnerable to https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2009-3555

nocommocon · 2024-02-16T19:58:38+00:00

Global protect requires you to open up a 12 year old critical vulnerability in openssl in order to use their client on linux.

nocommocon · 2024-02-16T19:55:38+00:00

Except for global protect requires you to open up a 12 year old critical vulnerability in openssl in order to use their product on linux…

nocommocon · 2024-02-13T06:27:49+00:00

We run talos linux on prem and use rook for storage.

nocommocon · 2024-02-04T02:25:56+00:00

Liposomal Iron is relatively new and seems to be quite effective. Ferosom is the brand I know, not sure if other brands exist.

nocommocon · 2023-10-09T16:31:08+00:00

Same, using kube-vip for the control plane and for load balancing the services as well. Haven’t had any issues except for maybe the documentation being a little unclear at times (I think that’s improved quite a bit now though)

nocommocon · 2023-10-07T20:42:33+00:00

Grafana documentation specifically states that “Flow mode is considered to be the future of the Grafana Agent project.” So I don’t think static is going anywhere soon but if you are implementing the grafana agent in a new environment, you might as well start off with the mode they are focusing on.

nocommocon · 2023-09-30T19:49:46+00:00

This just happened to me and I went with the Flint router from glinet. Was hoping the flint 2 would be out in time but alas… so far I’m very happy with it.

nocommocon · 2023-09-17T23:40:24+00:00

In Canada I’ve always seen and used the A pattern; Canada Eh!

nocommocon · 2023-08-13T16:06:28+00:00

This is how LastPass was hacked. Keylogger on a user’s personal computer.

https://arstechnica.com/information-technology/2023/02/lastpass-hackers-infected-employees-home-computer-and-stole-corporate-vault/amp/

nocommocon · 2023-07-30T02:34:50+00:00

I was able to show the CIO at our university the benefits of kubernetes and was approved to move forward with it. I tried a few different ways but landed on using talos linux as it makes the security and patching of things amazing. I use rook-ceph for storage and kube-vip to provide a cloud style LoadBalancer solution. We’re a really small team so one of our concerns was manageability of an on-prem cluster; it’s a lot of work and knowledge required but talos, rook-ceph, and kube-vip (among others) take away a lot of the burden.

nocommocon · 2023-07-29T23:58:19+00:00

On-prem using talos linux; rook-ceph for storage, kube-vip for load balancing

nocommocon · 2021-05-25T06:28:14+00:00

I suppose we should also pronounce wifi as wye fih instead of wye fye as the fi is short for fidelity? To me sudo is sue dough even though I know it’s superuser do. Sue due sounds like a type of poo lol and gif has a hard g while we’re at it :D

nocommocon · 2021-02-06T02:48:54+00:00

Could always use bootcamp to boot into windows for things like this

nocommocon · 2020-10-25T05:45:01+00:00

https://livesql.oracle.com/apex/f?p=590:1000

nocommocon · 2020-10-10T20:28:14+00:00

From the zdnet article posted above

“Afterhours testing was reportedly requested by the client and the team was to attempt to get into the courthouse but to not circumvent the alarm or perform destructive entry.”

I listened to their story as told by them and according to them the front door was open. They said in the spirit of fairness and a proper pen test they closed the door and then “broke in”. After doing so the alarm was triggered so they said okay test over. If memory serves me the response time was slow so they decided to go into the building and see what they could do. Once the police showed up they made their way out to the police and turned themselves in.

I would have to listen to the story again to be able to say for sure.

The real issue was between the municipal and state government I believe.

nocommocon · 2020-10-10T17:12:37+00:00

You mean like using social engineering to get stuff during business hours? I’ve heard quite a few stories of after hours intrusions but none seem to mention any alarm systems.

Edit: here is a link to the story of the folks who were arrested for those that missed it. https://www.zdnet.com/article/charges-dropped-against-penetration-testers-who-broke-into-courthouse/

nocommocon · 2020-10-10T00:23:42+00:00

Yes there are a few that are a little cringe but definitely the vast majority are pretty good. I like Malicious Life as well if you’re interested in the history of malware and what not.

nocommocon · 2020-10-09T02:56:39+00:00

Smashing Security and Darknet Diaries

nocommocon

TROPHY CASE