this post was submitted on 13 Dec 2023
11 points (100.0% liked)

cybersecurity

3295 readers
26 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS
 

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

top 8 comments
sorted by: hot top controversial new old
[–] [email protected] 6 points 11 months ago

Reviewing the CIS recommended hardening config for Windows Server. Just realized that you shouldn’t just look at the failed controls but the ones that passed too. One control when enabled actually passes command line entries into the audit log in plain text, so that includes passwords.

[–] [email protected] 6 points 11 months ago (1 children)

My research grant was funded. Now the hard part- executing with the goal of getting year 2 funding.

Also going crazy because everyone wants their risk reports before the holiday. As if they’ll even get read before vacations start.

[–] [email protected] 2 points 11 months ago

Congrats on getting funding, that’s awesome!

[–] [email protected] 4 points 11 months ago (1 children)

Trying to find a suitable WAF for AWS EKS. Any suggestions?

One of the teams has a cluster built with the nginx ingress which uses classic load balancers. Shifting them to the AWS ingress (which uses ALBs enabling our AWS WAF to apply) looks like it’ll be massively expensive due to the blow out in load balancer costs - but it gets us a WAF we already use across everything else. Other option is to find a WAF specifically for EKS and shift all clusters to that.

[–] [email protected] 2 points 11 months ago (1 children)

So native AWS WAF isn’t viable because of costs?

[–] [email protected] 2 points 11 months ago

My preference is for the native AWS WAF as we already use it. The rub comes from how the cluster is architected which would mean we’d have an ALB ingress per application - the prohibitive cost is purely the extra ALBs that would be created. Though I literally just heard it’s not going to be as bad as initially forecast so ¯_(ツ)_/¯

My original curiosity was if any of the K8s specific WAFs are any good, for example Prophaze.

[–] [email protected] 3 points 11 months ago

Trying to get started with reverse engineering and binary exploitation by following this guy. My brain hurts, but in a good way!

[–] [email protected] 3 points 11 months ago

Well just got done with fixing a few annoyances in some of my github utils and added a few things. Overall been pretty busy... I think.