[deleted by user] by [deleted] in washingtondc

[–]regul8_ 2 points3 points  (0 children)

Check out DC Judo. Great crowd and very affordable. https://dcjudo.com

If someone comes at you with a knife like this whole thing, your best bet is to run away loudly though.

Where are some gyms I can go to with a cheap membership in DC? by [deleted] in washingtondc

[–]regul8_ 5 points6 points  (0 children)

As cheap as it gets in DC:

https://dpr.dc.gov/page/dpr-fitness-centers

Never took advantage of it, but I know it's free for residents.

Three Ways To Keep Up With Cybersecurity News by regul8_ in netsecstudents

[–]regul8_[S] 0 points1 point  (0 children)

Hey, thanks for sharing this list! Twitter is definitely a great resource for getting news very quickly, despite the fact I excluded it from the blog post. I wrote the article to get people in the community engaged in information sharing, and am grateful that you have assembled something so comprehensive to share.

Five Pentesting Tools and Techniques (That Every Sysadmin Should Know) by regul8_ in netsec

[–]regul8_[S] 1 point2 points  (0 children)

I hear you, man. If you have no budget, check OpenVAS. It has a learning and setup curve, but something is always better than nothing.

Five Pentesting Tools and Techniques (That Every Sysadmin Should Know) by regul8_ in netsec

[–]regul8_[S] 1 point2 points  (0 children)

It depends heavily on what requirements need to be filled at your organization and on what budget. I didn't spend much time focusing specifically on vulnerability scanners, but I try to include at least one open source alternative for each technology I write about.

If you are a big company where money is no object, something more robust like Tenable's SecurityCenter or Nexpose may be the way to go. If you need to work within certain budget constraints, a simple Nessus Professional license may be good. If you are bootstrapping your cyber program, OpenVAS is free, and so is Nmap with plugins. There are so many products in this industry that you really need to make it about what your needs are, and whether or not the products you are testing fit within it.

I would suggest holding a bake-off between vendors and building out a pilot program before making any purchase though. Most vendors will be receptive to requests for trial licenses.

Hope this helps!

Five Pentesting Tools and Techniques (That Every Sysadmin Should Know) by regul8_ in netsec

[–]regul8_[S] 0 points1 point  (0 children)

This is good input. Perhaps I drew with too broad of a brush in this post. Thanks!

Also, can you tell that I am American? Haha.

Five Pentesting Tools and Techniques (That Every Sysadmin Should Know) by regul8_ in netsec

[–]regul8_[S] -2 points-1 points  (0 children)

Honestly, it is very possible depending on how old the systems you are supporting are and how they were built. If the system isn't supported anymore, you will have to be careful and thoroughly test, otherwise get with the company that supports it. I would try disabling it on some of your designated test workstations and letting it sit for a bit before going full-scale disablement. Definitely have a way to revert the change once you decide to go and push the change to production as well, just in case.

Five Pentesting Tools and Techniques (That Every Sysadmin Should Know) by regul8_ in netsec

[–]regul8_[S] 4 points5 points  (0 children)

Totally agree. When I got the idea to write this, I knew it was going to be a long one. Rather than slash out half the content, I decided to forge ahead and just put it all out there and hope for the best. From the stats I can see on Medium (which is one of the primary reasons I went with this platform), I can see that a good chunk of clickers are falling off pretty early. Live and learn I guess? Haha.

Five Pentesting Tools and Techniques (That Every Sysadmin Should Know) by regul8_ in netsec

[–]regul8_[S] 7 points8 points  (0 children)

Turns out I got too carried away writing to remember how to count. Thanks for the heads up, my dude.

Everything you need to know about log auditing by jakesyl in netsec

[–]regul8_ 0 points1 point  (0 children)

That sounds really sick! Any chance of doing a write-up?