Kilala.nl - Personal website of Tess Sluijter

Unimportant background
Login
  RSS feed

About me

Blog archives

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

> Weblog

> Sysadmin articles

> Maths teaching

Dick would have enjoyed this: new addition to the lab

2021-07-29 14:45:00

A stack of servers and a phone

Last week was awesome! It was the last Friday before summer break, so I decided to move the class on Vagrant and Docker forward. This would give my Linux+ students a few cool things to play with during their holiday!

Next to that very fun day, one of my colleagues at ITVitae also gifted me a piece of old gear: a lovely, 2009 Apple XServe 3.1. Dick would've loved that, what with us both being Apple-geeks.

The drives were wiped, so I've found a way to image the MacOS 10.11 installer onto one of them. Aside from that: it has dual Xeons like my R410 and R710, 3x2TB of disks (one of which will move to the R710 for my lab) and 24GB of RAM.

This baby might be noisy and a bit underpowered, but it'll make a great Docker-host to complete my lab. Awww yeah!


kilala.nl tags: , , ,

View or add comments (curr. 0)

Not renewing my CEH

2021-06-23 15:27:00

Over the past decade or two, I've put in a lot of study-time to garner certificates for continued professionalization. Some of'm I'm really proud of, some were fun or cool, some were frustrating and some were just "meh".

EC Council's CEH (Certified Ethical Hacker) is one of those "meh" certificates, where my biggest motivation for continued renewal was the dreaded HR-checklist. EC Council have a great marketing department, that's ensured that "CEH" is on many corporate security job requirements.

That's the only reason why I kept paying my annual dues. Never because I'm proud of it, or because I feel it adds to my profession, always for the market value. 

Not any more. 

Between recent social media muck-ups, between debatable practices and mediocre professional value, I've decided to stop sending my money to ECC. 


kilala.nl tags: , ,

View or add comments (curr. 0)

Failure is a great teacher

2021-06-20 21:19:00

A few weeks ago I noticed that my Win2012 trial licenses are no longer tennable: a big change to my homelab is needed! Since then I've worked dilligently on a few projects, all happening in parallel.

That's a lot of stuff going on!

As the title of this post says: failure is a great teacher and boy did I have a lot of failures! 😂

For now there's too much to sum up in great detail, so I'll get back to the deets later. For now, some stuff I ran into:

After a weekend with lots of hard work, my AD domain is stable and usable again. All GPOs work again, the syncing between DCs works, the DFSR for SYSVOL works again. And the migration of the issuing CA to 2019 has also completed, with hosts being able to auto-enroll and validate certs again. 

There's so much more to do though! Thank ${Deity} for my Jira boards!


kilala.nl tags: , , ,

View or add comments (curr. 0)

CompTIA Pentest+: objectives comparison between PT0-001 and PT0-002

2021-06-01 19:08:00

It's a bit late, but people studying for the Pentest+ PT0-002 beta exam can probably use a list of all the differences between versions 001 and 002 of the objectives. I reckon the list could also be useful for students who want to give it a shot in October / November, because very few study materials will be available. 

I've done a quick cross-reference of the objectives documents (also linked below), to make an Excel / CSV with the differences between the objectives. Careful, they're probably not 100% on the money.

CompTIA trainers get a licensed document that does a better job at explaining the differences, but we can hardly share that, right? My comparison document was made the hard way, literally cross-matching both objective documents. Hence why I may have made a few mistakes.

The official objective documents:

And here's CompTIA's official blog about the two exam versions.


kilala.nl tags: ,

View or add comments (curr. 0)

Dynamic DNS and a discovery about Unifi equipment

2021-05-29 21:07:00

It's odd that I've never had much of a use for dynamic DNS solutions, but now that I'm testing VPN to my homelab I've also taken a look at AFraid's FreeDNS

So far I'm enjoying the late 90s, early 2000s look-and-feel of their management interface. It's endearing!


kilala.nl tags: ,

View or add comments (curr. 0)

Homelab rebuild needed

2021-05-29 20:39:00

Well darn. The "slmgr -rearm" trick will no longer work, after renewing the trial licenses on my WinSrv 2012 boxen a few times. This means I'll have to rebuild my Active Directory and Certificate Services infrastructure on short notice. Better yet, it's time to do something with my/our partnership contract with Microsoft, to get official licenses for Win2016. 

Oddly, Nicola's instructions on making the iDRAC6 remote console work on MacOS now fail for me. The connection that worked a month ago now reliably fails as "Connection failed". 

Luckily, Github user DomiStyle is awesome! They've prepared a Docker container that runs the iDRAC connection software and makes two local ports available: 5900 for VNC and 5800 for the web interface. It's excellent!


kilala.nl tags: , ,

View or add comments (curr. 0)

Know your limitations, even if it's "too late"

2021-05-27 10:55:00

I don't know if my old classmate René is still reading along. If he is, he'll nod approvingly and think to himself: "told you so". :)

I feel very heavy-hearted, because I feel that I’m letting a few awesome people (Stephen, Thomasina, Rick B. at CompTIA) down. 

I'm backing down from teaching the Pentest+ TTT. It seems that I’ve been harboring a lot of stress, piling on way too much for myself, without really noticing it. To make sure that I can still pay full attention to my family, my primary customer, my students at IT Vitae and my own studies, I have to drop this responsibility.

I was very much looking forward to helping CompTIA with Pentest+, but right now it would not be a smart thing to continue with.


kilala.nl tags: , ,

View or add comments (curr. 0)

DevChamps "Extreme Automation" training

2021-05-17 06:56:00

After completing PDSO's CDP (Certified DevSecOps Professional) two months ago, I was left wanting more. More CI/CD, more pipelines, more automation. That's when, via-via, I met Andrey Adamovich via LinkedIn. Andrey works with a collective of DevOps trainers, to teach his XA: Extreme Automation training.

To sum it up: I was looking for a little extra fun, to expand upon what I'd learned in the past two years and the price was right at €700 for a three-day training with all the labs neatly arranged for students. 

To summarize my impressions:

Would I recommend Andreys class? Yes, especially to folks in my shoes (security engineer) who need a quick introduction to modern-day IT infrastructure.

As to what I've learned during class? Well, Ansible and Docker weren't new to me, but that's perfectly okay. Terraform was very nice to get to know better, while Packer and Kubernetes were eye-opening. 

My biggest take-away is that I'm behind the times on modern-day infrastructure. This class has helped me recognize some of my bigger knowledge-gaps, which means I can now address them. 

My first order of business in my homelab should be to attempt a complete rebuild, using Packer to create golden images and using Terraform to drive VMWare ESXi, instead of using Vagrant. From there on out, I should try to use my Gitlab instance together with K8s and Docker to run many of my services. Luckily I have two Dell servers for my lab, so I can repurpose an old laptop as Terraform+Packer box while using the smaller Dell to first test-run my configs. 

The sad part is, as Andrey mentioned halfway through day 3: he expects that within a few years many apps and services will move to a server-less model, like Lambda or Azure Functions. That means that >60% of what we learned in XA will become much less useful. 


kilala.nl tags: , ,

View or add comments (curr. 0)

Older blog posts