De-Coder’s Ring

Consumable Security and Technology

Month: April 2017

Amazon Linux – Java 1.8.0 for Elasticsearch 5.3

April 20, 2017 / / 0 Comments

Quick note, and it’s not too hard, but took a few minutes to remember.

Amazon Linux comes with Java 1.7.0 installed. I wanted to upgrade to 1.8.0 for Elasticsearch 5.3

 

Awesome!

 

Not Awesome

Just yank out 1.7.0

If you need both installed, maybe an old piece of code needs 1.7.0 and all your other stuff can deal with a global default of 1.8.0,   update your legacy apps to specify the JAVA_HOME environment variables to the real location of java-1.7.0, and update the global system like this:

Had I not removed Java 1.7 already, I’d have 1.7 and 1.8 in that list to choose from.

 

 

I Spy on You

April 18, 2017 / / 0 Comments

I spy on you, it’s my job.  

I build tools that monitor your computer network.  

They will get installed at your employer and because of that, we have 100% visibility into what you’re doing on your network…. and you should be glad!

Cybersecurity is a hard ‘thing’.   It’s a constant arms race for new exploits, new tool kits to take advantage of those exploits and new defenses on how to stop those exploits.  It’s not a new game, and the game will never go away.  The rules are pretty simple.   There are people out there who want to impact your computer network.  Then, there are people who try to defend your network.   Pretty straight forward eh?

The attackers have various reasons they want to attack.

  1. Personal education, figuring out how to break things
  2. Bragging rights, so they can seem cool in their dark circles
  3. Theft, stealing your personal/customer/employee data 
  4. Reward, getting paid to attack, corrupt, encrypt, etc

Why I need to Spy on You

In order to understand what’s going on, we need 100% visibility into a network.   We need to see how data flows.   Need to see how address lookup (DNS) works.  Need to see what web sites are visited, URLs and files are loaded.    Is your computer talking to a known bad web site?  A  known exploited file got downloaded?  We need to log everything.  It’s like CSI..   but network forensics.

…  just remember, I don’t care how much time you spend on Facebook.  I don’t care about your, eh, OTHER online browsing habits, as long as they don’t infect your computer!  

 

 

Career Goals: Long Long Term

April 12, 2017 / / 0 Comments

An idea that really rings in my head is around long term planning.   The context I typically hear it is in when dealing with personal finances, but I think it applies to career goals as well.

Immature, and eventually/continually broke people constantly talk about how to spend their money.  “Thank God it’s Friday, Oh God it’s Monday”.    The check comes in, and it goes right back out.   All decisions are made for the short term.  How much payment on a car can I afford?  How much is my check this week so I can go out this weekend.

This type of thinking will kill any chance of long term wealth building….  but that’s not the point of this post.   The point is, it applies to your career, income, job, etc as well.

Most people I know think about their current job.  There are two sides to that..  how to do the best I can, and how can I get by without being two miserable.   (that’ll make for another blog post later).

The question that’s missed is “Will this job get me to the job I want in 5-10 years”

I’m constantly thinking about “What’s next”.   ( I hope Aharon doesn’t read this wrong, lol, I like him)

What’s your 5 – 10 year goal?   Are you actively working to get there?   Read books, meet people doing what you want to do, look into applicable education.

My career field is fantastic.  I’m very glad to enjoy what I do day to day.  I get to leverage computers to keep people safer.  I use lots of technology to monitor and protect your computer network and personal data.

10 years from now?

I’m a fan of work.   I’m a fan of flexibility.  In 10 years, I’ll own my own technology firm of some sort.  What kind of tech company, you ask?   That’s where I get stuck.  So many options, and I don’t know how to narrow it down yet.

  1. Continue to monitor the cybersecurity industry, and try to find a need to fill by building a product (or services company)
  2. Build a technology integration service.  Lots of R&D, making tools work together, after all, that’s my favorite thing to do
  3. General technology consulting.  Strategic consulting, not necessarily hourly contracting kind of thing.. but, who knows

Lots of ideas, lots of options.

What do you see me doing?   What do you see YOU doing?

(( Seriously, Aharon, I’m not going anywhere anytime soon ))

(( Fine, here, I’ll show my loyalty.. check out what we’re building at Perch Security!!! ))

Slow Down: Wrong Cables

April 7, 2017 / / 0 Comments

I made a bone head move this week.   I went onsite to a new customer, who we love, to install a new network sensor.  It’s been a crazy hectic few weeks with the growth we’re having @ Perch Security, but that’s not really a valid excuse.  I’m owning up to my mistake, and reflecting on it.. thankfully, our customers are super cool and they get it.

Normally, I label our sensors for easy installation.

Dang, look at that sticker

That way, our customers know which port to plug into their management network, and which port is going to be watching their mirror/span/tap.  The installation went well.  The sensor was talking to my cloud.  The problem was, the sensor was only seeing broadcast data.  No typical network traffic (HTTP, SMTP, etc.  see:  post ).  Obviously it was a mirror configuration problem.  After all, if the sensor has an IP address and can talk out, the management port CAN’T be plugged into the mirror port.  It’s not my problem, it’s the switch!    (Uh oh, bad assumption right there, it turns out).     I would have known that, if I had the right ports plugged into the right ports on the switch.   Ugh.

Of course, this time we had a lot of new things

  • New hardware build, so unfamiliar with layout of the back
  • No stickers (cause it fell off in transit, argh!)
  • No indicator on the back of the sensor to which port is which

All of these things were in place because I was rushing around like a dying chicken.  That’s a thing, right?

Now it’s time to reflect.   How do I set us up for success going forward?     I have instructions.  I have labels.   I have the know how to do it all.

I just need to slow down.  Slow down.  Slow down.

(( Thank you for reading my self reflection for the week.  If you don’t hire me some day because of this post, that’s OK.. I ain’t perfect  ))

 

© 2018 De-Coder’s Ring

Theme by Anders NorenUp ↑