So I got the job. Here's a story, never let anyone stop you from accomplishing your dreams!

It all started in 2010. Windows just crashed unrecoverably for the 3rd time in two years. Back then I wasn't good with computers yet so we got our tech guy to look at it and he said: "either pay for a windows license again (we nearly spend 1K on licenses already) or try another operating system which is free: Ubuntu. If you don't like it anyways, we can always switch back to Windows!"

Oh well, fair enough, not much to lose, right! So we went with Ubuntu. Within about 2 hours I could find everything. From the software installer to OpenOffice, browsers, email things and so on. Also I already got the basics of the Linux terminal (bash in this case) like ls, cd, mkdir and a few more.

My parents found it very easy to work with as well so we decided to stick with it.

I already started to experiment with some html/css code because the thought of being able to write my own websites was awesome! Within about a week or so I figured out a simple html site.

Then I started to experiment more and more.

After about a year of trial and error (repeat about 1000+ times) I finally got my first Apache server setup on a VirtualBox running Ubuntu server. Damn, it felt awesome to see my own shit working!

From that moment on I continued to try everything I could with Linux because I found the principle that I basically could do everything I wanted (possible with software solutions) without any limitations (like with Windows/Mac) very fucking awesome. I owned the fucking system.

Then, after some years, I got my first shared hosting plan! It was awesome to see my own (with subdomain) website online, functioning very well!

I started to learn stuff like FTP, SSH and so on.

Went on with trial and error for a while and then the thought occured to me: what if I'd have a little server ONLINE which I could use myself to experiment around?

First rented VPS was there! Couldn't get enough of it and kept experimenting with server thingies, linux in general aaand so on.

Started learning about rsa key based login, firewalls (iptables), brute force prevention (fail2ban), vhosts (apache2 still), SSL (damn this was an interesting one, how the fuck do you do this yourself?!), PHP and many other things.

Then, after a while, the thought came to mind: what if I'd have a dedicated server!?!?!?!

I ordered my first fucking dedicated server. Damn, this was awesome! Already knew some stuff about defending myself from brute force bots and so on so it went pretty well.

Finally made the jump to NginX and CentOS!

Made multiple VPS's for shitloads of purposes and just to learn. Started working with reverse proxies (nginx), proxy servers, SSL for everything (because fuck basic http WITHOUT SSL), vhosts and so on.

Started with simple, one screen linux setup with ubuntu 10.04.

Running a five monitor setup now with many distro's, running about 20 servers with proxies/nginx/apache2/multiple db engines, as much security as I can integrate and this fucking passion just got me my first Linux job!

It's not just an operating system for me, it's a way of life. And with that I don't just mean the operating system, but also the idea behind it :).

A while ago (few months) I was on the train back home when I ran into an old classmate. I know that he's a designer/frontend/wordpress guy and I know that he'll bring anyone down in order to feel good. I also know that he knows jack shit about security/backend.
The convo went like this:

Me: gotta say though, wordpress and its security...
Him: yeah ikr it's bad. (me thinking 'dude you hardly know what the word cyber security means)
Me: yeah, I work at a hosting company now, most sites that get hacked are the wordpress ones.
Him: yeah man, same at my company. I made a security thing for wordpress though so we can't get hacked anymore.
Me; *he doesn't know any backend NOR security..... Let's ask him difficult stuff*
Oh! What language did you use?
Him: yeah it works great, we don't get hacked sites anymore now!
Me: ah yeah but what language did you use?
Him: oh it's not about what language you use, it's about whether it works or not! My system works great!
Me: *yeah.....right.* oh yeah but I'd like to know so I can learn something. What techniques did you use?
Him: well obviously firewalls and shit. It's not about what techniques/technology you use, it's about whether it works or not!

That's the moment I was done with it and steered the convo another way.

You don't know shit about backend or security, cocksucker.

Today I was hired to pentest a company's framework. While getting directions on what needs to be tested I counted 4times the sentence:
"We are a multi-awarded company for our security, virtually nothing gets past our firewalls".

Most of the PCs had Win98

So I've been looking for a Linux sysadmin job for a while now. I get a lot of rejections daily and I don't mind that because they can give me feedback as for what I am doing wrong. But do you know what really FUCKING grinds my FUCKING gears?

BEING REJECTED BASED ON LEVEL OF EDUCATION/NOT HAVING CERTIFICATIONS FOR CERTAIN STUFF. Yes, I get that you can't blindly hire anyone and that you have to filter people out but at least LOOK AT THEIR FUCKING SKILLSET.

I did MBO level (the highest sub level though) as study which is considered to be the lowest education level in my country. lowest education level meaning that it's mostly focused on learning through doing things rather than just learning theory.

Why the actual FUCK is that, for some fucking reason, supposed to be a 'lower level' than HBO or Uni? (low to high in my country: MBO, HBO, Uni). Just because I learn better by doing shit instead of solely focusing on the theory and not doing much else does NOT FUCKING MEAN THAT I AM DUMBER OR LESS EDUCATED ON A SUBJECT.

So in the last couple of months, I've literally had rejections with reasons like
- 'Sorry but we require HBO level as people with this level can analyze stuff better in general which is required for this job.'. - Well then go fuck yourself. Just because I have a lower level of education doesn't FUCKING mean that I can't analyze shit at a 'lower level' than people who've done HBO.

- 'You don't seem to have a certificate for linux server management so it's a no go, sorry!' - Kindly go FUCK yourself. Give me a couple of barebones Debian servers and let me install a whole setup including load balancers, proxies if fucking neccesary, firewalls, web servers, FUCKING Samba servers, YOU FUCKING NAME IT. YES, I CAN DO THAT BUT SOLELY BECAUSE I DON'T HAVE THAT FUCKING CERTIFICATE APPEARANTLY MEANS THAT I AM TOO INCOMPETENT TO DO THAT?! Yes. I get that you have to filter shit but GUESS WHAT. IT'S RIGHT THERE IN MY FUCKING RESUME.

- 'Sorry but due to this role being related to cyber security, we can't hire anyone lower than HBO.' - OH SO YOUR LEVEL OF EDUCATION DEFINES HOW GOOD YOU ARE/CAN BE AT CYBER SECURITY RELATED STUFF? ARE YOU MOTHERFUCKING RETARDED? I HAVE BEEN DOING SHIT RELATED TO CYBER SECURITY SINCE I WAS 14-15 FUCKiNG YEARS OLD. I AM FAMILIAR WITH LOADS OF TOOLS/HACKING TECHNIQUES/PENTESTING/DEFENSIVE/OFFENSIVE SECURITY AND SO ON AND YOU ARE TELLING ME THAT I NEED A HIGHER LEVEL OF FUCKING EDUCATION?!?!? GO FUCKING FUCK YOURSELF.

And I can go on like this for a while. I wish some companies I come across would actually look at skills instead of (only) study levels and certifications. Those other companies can go FUCK THEMSELVES.

Citizens are advised not to use Firewalls on their devices or Networks, as there can be a fire threat from enabling those.

An active cooperation is expected from everyone.
Stay safe and have a nice day :)

The tech stack at my current gig is the worst shit I’ve ever dealt with...

I can’t fucking stand programs, especially browser based programs, to open new windows. New tab, okay sure, ideally I just want the current tab I’m on to update when I click on a link.

Ticketing system: Autotask
Fucking opens up with a crappy piss poor sorting method and no proper filtering for ticket views. Nope you have to go create a fucking dashboard to parse/filter the shit you want to see. So I either have to go create a metric-arse tonne of custom ticket views and switch between them or just use the default turdburger view. Add to that that when I click on a ticket, it opens another fucking window with the ticket information. If I want to do time entry, it just feels some primal need to open another fucking window!!! Then even if I mark the ticket complete it just minimizes the goddamn second ticket window. So my jankbox-supreme PC that my company provided gets to strugglepuff along trying to keep 10 million chrome windows open. Yeah, sure 6GB of ram is great for IT work, especially when using hot steaming piles of trashjuice software!

I have to manually close these windows regularly throughout the day or the system just shits the bed and halts.

RMM tool: Continuum
This fucker takes the goddamn soggy waffle award for being utterly fucking useless. Same problem with the windows as autotask except this special snowflake likes to open a login prompt as a full-fuck-mothering-new window when we need to open a LMI rescue session!!! I need to enter a username and a password. That’s it! I don’t need a full screen window to enter credentials! FUCK!!! Btw the LMI tools only work like 70% of the time and drag ass compared to literally every other remote support tool I’ve ever used. I’ve found that it’s sometimes just faster to walk someone through enabling RDP on their system then remoting in from another system where LMI didn’t decide to be fully suicidal and just kill itself.

Our fucking chief asshat and sergeant fucknuts mcdoogal can’t fucking setup anything so the antivirus software is pushed to all client systems but everything is just set to the default site settings. Absolutely zero care or thought or effort was put forth and these gorilla spunk drinking, rimjob jockey motherfuckers sell this as a managed AntiVirus.

We use a shitty password manager than no one besides I use because there is a fully unencrypted oneNote notebook that everyone uses because fuck security right? “Sometimes it’s just faster to have the passwords at the ready without having to log into the password manager.” Chief Asshat in my first week on the job.

Not to mention that windows server is unlicensed in almost every client environment, the domain admin password is same across multiple client sites, is the same password to log into firewalls, and office 365 environments!!!

I’ve brought up tons of ways to fix these problems, but they have their heads so far up their own asses getting high on undeserved smugness since “they have been in business for almost ten years”. Like, Whoop Dee MotherFucking Doo! You have only been lucky to skate by with this dumpster fire you call a software stack, you could probably fill 10 olympic sized swimming pools to the brim with the logarrhea that flows from your gullets not only to us but also to your customers, and you won’t implement anything that is good for you, your company, or your poor clients because you take ten minutes to try and understand something new.

I’m fucking livid because I’m stuck in a position where I can’t just quit and work on my business full time. I’m married and have a 6m old baby. Between both my wife and I working we barely make ends meet and there’s absolutely zero reason that I couldn’t be providing better service to customers without having to lie through my teeth to them and I could easily support my family and be about 264826290461% happier!

But because we make so little, I can’t scrap together enough money to get Terranimbus (my startup) bootstrapped. We have zero expendable/savable income each month and it’s killing my soul. It’s so fucking frustrating knowing that a little time and some capital is all that stands between a better life for my family and I and being able to provide a better overall service out there over these kinds of shady as fuck knob gobblers.

Damn firewalls.

I hate interviewing..

The first sentence of the candidate was, that he wanted to speak in english instead of german. Great start if you stated something else in the application.

And his english was even worse than mine.

And as expected from his tags in the application, he had a broad knowledge base. From IoT, LTE, node.js TCP, Java, Ruby, Python, to VLAN and firewalls.

Guess what, he had no in depth knowledge for the required job. Suprise!

Installed an SSD in my Linux box. Installed fresh distro, tried to log in via SSH on localhost. Didn't work. Tried like three times, turned off firewalls, restarted ssh servers, nothing.

Looked at username. Typo in username when setting things up. *facepalm*

Just spent the entire day of which should have been the start of vacation fighting off a second wave of ransomware on one of our production servers. Gandcrab 5.2 anyone?

Turns out an exploit in our MySQL daemon allowed some fucking Chinese hackermonkey to upload a trojan and remote execute it. Thousands of angry customers, me the only one available and able to fix shit and patch up firewalls and system.

And now I get the pleasure of working on what I should have been doing today, another fire that MUST be put out today.

Fuck you deadlines. Fuck you Chinese hackers. In fact, FML.

Despite common sense, I think technology is not making our lives easier. It's just build chaos on top of chaos.

Take server-side programming for instance.

First you have to find someone to host your thing, or a PaaS provider. Then you have to figure out how much RAM and storage you need, which OS you're going to use. And then there's Docker (which will run on top of a VM on AWS or GCP anyway, making even less sense). And then there's the server technology: nginx, Apache (and many many more; if, that is, you're using a server at all). And then there are firewalls, proxies, SSL. And then you go back to the start, because you have to check if your hosting provider will support the OS or Docker or your server. (I smell infinite recursion here.)

Each of these moving parts come with their own can of worms in terms of configuration and security. A whole bible to read if you want to have the slightest clue about what you're doing.

And then there's the programming language to use and its accompanying frameworks. Can they replace the server technology? Should you? Will they conflict with each other and open yet another backdoor into your system? Is it supported by your hosting provider? (Did I mention an infinite recursion somewhere?)

And then there's the database. Does it have a port to the language/framework of your choosing? Why does it expose an web interface? Is it supposed to replace your server? And why are its security features optional again? (Just so I have to test both the insecure and the secure environments?)

And you haven't written a single line of code yet, mind you.

The ones who use it, what do you like or value about Linux? Why do you use it?

Before I answer, let me say that I am a noob compared to the rest of this community. I run Ubuntu because Arch was too complicated when I tried and bash scripts equal to frustrations for me. That's my knowledge level.

- I don't feel "observed" when using a Linux distro compared to Windows and macOS.
- Feel more connected to the open source thought and the free spirit.
- Feel like I can do anything I want. Learning new programming languages easily, trying out web servers, try and setup own website or mail server etc.
- Everything is accessible. Read something cool about docker? ALT+T to open a terminal and start up a docker container to try out.
- No Internet browsing for software, like googling "Firefox download english".
- Sometimes forces me to learn about the workings of a computer, like networks, servers, routing, firewalls, bootup sequence etc.
- So many great command line tools. Want to find out quickly who owns a website? Want to query a specific DNS server? All possible within 5 seconds!

All in all using Linux feels like watching a documentary while using Windows is more like watching a dumb comedy show where I can turn my brain off, but get more stupid after a while.

protecting my computer from wannaCry be like .

!rant
Just helped one of my professors set up a nginx load balancer with https, rate limiter, firewalls and everything from scratch. It feels so amazing to be able to put all the stuff I learn at work to practice.

Speaking of.. What in your opinion would be an appropriate way to warn someone about security problems, like db passwords in git?

I once came across dozens of extremely sensitive services' infra accesses: alibaba/aliexpress, natuonal observatories, gov institutions, telecomms, etc. I had dozens [if not hundreds] routers' and firewalls' credentials along with addresses. I tried one to confirm validity - it worked. I wanted to warn them but did not want to get in trouble.

If it were servers, I'd set a motd or append some warning messages in .profile. But not sure how to do it for non-server devices

what would you do? How would you warn them?

P.S. Deleting that record was a smart move, buddy ;)

p.P.S. Sorry, wrong category... Can't edit now :(

Here's something I'm sick of seeing: server software documentation that doesn't fully list what ports they are using. Too often I've read things like this: "AcmeServe uses ports 400, 8001, and 8002". Great, but why are you making me guess if those are TCP or UDP?

And sometimes it's: "AcmeServe uses ports 400 (UDP), 8001 (TCP), and 8002 (TCP)". Soooo, which ones do I port forward? Are you really going to make me have to use netstat -a to find out?

I can't understand the mentality behind that. They obviously realise you need to setup firewalls, but they half-arse it by only telling you the port numbers but not the protocol and/or if they're inbound/outbound.

Please, list what protocol the port is and if it's listening or outbound. Oh, and consider also mentioning where the port numbers come from in your config files, so I don't have to go playing a guessing game with a bunch of XML files should someone have overridden the default port numbers.

The most crazy issue I've fixed was caused by a TCP behavior which I didn't know, called the "half-closed connection".
There was a third-party application installed on a production server which called a LDAP server for retrieving users information. During the day we had several users using the application and all worked fine. During the night, when the application was not accessed, something happened and the first call to the application in the morning was stuck for about 5 minutes before returning a response. I tried to reproduce the issue in a testing environment without success. Then I discovered that the application and the LDAP server were located on two different networks, with a firewall between them. And firewalls sometimes drop old connections. For this reason network applications usually implement a keep-alive mechanism. Well, the default LDAP Java libraries don't set the keep-alive on their connections. So, I found a library called "libdontdie", which force the keep-alive on the connections. I installed the library on the server, loaded it at the startup and the weird stuck behavior in the morning disappeared.

Why do windows users keep installing those bloated anti viruses and firewalls that just slow the hack of their system when windows essentials is enough with near to no impact

Those are the same people that got their system full with malware

I code. I'm not a network or security admin. Did you even read my resume before hiring me? It says "math degree then data analysis then programming degree" Subnets, firewalls and security certs are not my areas of expertise. Given enough time, could I stumble through? Probably. But I'd probably come up with something worthy of mocking on networkadminrant.

So the company I work at is moving to a new location. We are a small company, so we were all talking about potential problems with the move - network, internet, firewalls, access to servers and so on. Us trying to cover all possible scenarios.

Our CTO looks up and says: “or we could just cross our fingers and hope for best”.

WTF🤯

Now I also experienced the corporate IT - hell.
I'm an apprentice at a small but branch of a fairly big company.
We get a fuckton of guidelines from our IT-HQ, plenty of them outdated.
We can't even decide how to configure our firewalls our self, but get them preconfigured from the HQ.
They micromanage us so hard, we can't even put a switch in a room, without having to arrange that shit with them.

Yay Google + leaked info!!
New old news again :P

Come on people if you want something to be safe you DO NOT I repeat DO NOT send it to someone else's computer. That's it. Fuck firewalls fuck av fuck it all.

Just started learning Docker. The thing that seemed complex a week ago has started to unwrap the wonders it holds. Hope to make it work to ease up some of the team's deployment headache. Though there were hurdles related to firewall, company intranet, network antivirus, domain sharing etc. But managed to resolve it today.

I've spent so many years not coding, I could never get over the initial hump, which was definitely a mistake. Mistakes are fine, we all make them. The best thing is to learn from them. On the plus side I've learnt firewalls, Web hosting. Windows domains, Azure cloud, virtual machines etc etc, skills which are hopefully very useful for Dev to have. I look forward to joining the ranks of skilled developers. If you are interested in development but are afraid to take the leap. Just go for it, start to learn and play with it. My recommendation for anyone looking for a starting point is a Udemy course called "The Complete ASP.NET MVC 5 course". I'm not affiliated in any way or advertising it. I just think it's brilliant and you get to the fun stuff really quick. You will start with the basics of getting and setting up visual studio. Also. If anyone could recommend other very good courses they know of I would appreciate it

I deployed docker on a VPS a few weeks ago as a sort of learning experience since I haven't really worked with containers much before. Today I learned that docker doesn't like firewalls.

Or, to be more specific, it adds rules to iptables that are applied prior to ufw rules, allowing external connections that I really didn't want to allow. If I don't explicitly specify that a port is to be published only to localhost, then it punches a hole through my firewall without telling me.

Which means that all of my containers running behind an nginx reverse proxy that auto-redirects to HTTPS... were also accessible directly via HTTP.

I'm... trying to think of a reason why this kind of default behavior was a good idea, but I'm drawing a blank.

Fucking Docker.

Anyone have any experience with setting up firewalls? Seems like I'll have to do that at the new office, but man, I ain't got no clue.

I fucking despise default open firewalls! Just let me define what I can do and block everything else. I don't want to play whack-a-mole networking by havin to close so many goddamn holes! If I ever see any router doing that again, I swear Mccarthy will think the communists won from all the red from blood!

AHHHHHHHHHHGGGH

I HATE VPN SETUP

- Trying OpenSwan
Installing open swan on a Debian machine.. setting up the config.
Restarting openswan. Syntax error. No syntax error to be found.
Different tutorial.. it starts! Try to connect.. I can’t connect. Look at the logs. No errors.
Tcpdump. My traffic is coming through.. all fine.. try to connect again.. it works! (Nothing changed!)
Try to ping somewhere else.. no connectivity.
Try to ping an IP in the same network.. works fine. So I have connectivity, just no internet.
Spend an hour finding out about traffic directions of which no one seems to know what they really mean.
Boss tells me to stop using openswan because it’s deprecated and replaced by strong swan..

- Strongswan
Reinstall Debian machine, install strongswan. Copy openswan config. Oh, they’re incompatible? Look up strong swan config, and the service starts.
Connect to the VPN.. it works! Again, no internet, just connectivity in the same network. Spend 2h debugging the config, disable firewalls everywhere, find an ancient bug in the Debian package related to my issues.. ok, let’s try compiling from source.. you know what, let’s not. I’ll throw this Debian machine away and try something completely different.

- pfSense
Ok, this looks easy enough! Let’s just click through the initial setup, change some firewall rules, create an L2TP VPN with a simple wizard.
Try to connect to VPN. First, it times out. Maybe a firewall issue? Turn off firewall.. ah, something happens now. I get an error message right after trying to connect to the VPN. Hmm, the port doesn’t even get opened when I enable the firewall.. this implementation seems a bit buggy.. let’s try their OpenVPN module.

Configure OpenVPN. Documentation isn’t that clear.. apparently a client isn’t actually a client but a user is a client.. ok, there’s a hidden checkbox somewhere.
Now where do I download my certificate? Oh, I need a plug-in for that.. ok, interesting. Able to download the certificate, import it, connect and.. YES!!! I can ping! But, I have no DNS..
Apparently, ICMP isn’t getting filtered but all outbound ports are.. yet the firewall is completely disabled. Maybe I need outbound NAT? Oh. There’s no clear documentation on where to configure it. Find some ancient doc, set it up, still no outbound connectivity.

AHAHAHAHHHHHHHHHHG

Then I tried VyOS. I had a great L2TP VPN working in less than 15 mins. Thank you VyOS for actually providing proper docs and proper software.

AWS Contractor

I've been putting a web application together that I'm looking to have published on AWS. Not having too much experience with AWS, I am looking to hire a contractor. I've had a number of quotes from different AWS admin's ranging from $40 an hour to $200 an hour, from 1-days worth of work to 2-months worth of work!

I'm not really sure what to make of it or to whom to trust. I believe they’re using my ignorance to overcharge me. I've listed my requirements below, could you guys use your professional experiences to let me know what you think is reasonable charge and where best I could find someone to help me.

My application is a US shopping website where people can set up an online shop and upload their products and maintain an inventory of the items.

This is what I’m looking for setup and configuration with the following two areas:

1) AWS SYSTEMS…

* AIM - Set up my server admin users.

* EC2 - Web Hosting.

* RDS - Fast DB.

* SES - To send emails.

* S3 Buckets - Uploaded image hosting.

Route 53 - I don’t know but someone said I should have this.

* Elastic Load Balancing - For, well, load balancing.

2) SCRIPTS…

* A script that would back up the database once a day and save it to a private S3 Bucket.

* A script that will run once a day that calls an internal API, and POST a query to it.

* A script that runs once every 90 days, to refresh the SSL using ZeroSSL.com

Is there anything that I've missed such as security systems, firewalls, auto scaling and CDNs?

The quotes that I've received arranged from $320 to $64,000. I know I am being abused because of my ignorance. I would never overcharge someone because the customer doesn't know the efforts of the work. I hope someone here can help to understand the efforts needed and can tell me the true cost.

Thank you

FUCK APPLICATION LEVEL FIREWALLS!

So i cam online today, thought already lets open the shitty outlook webmail client. Holy crap .... thats way to much mails. Many of them are missed teams messages. So i open up teams and holy crap. Like every third dev in my company send me a message screaming "gitab is not working!!!".

Yesterday i updated it so imediately get in panic mode - what the shitty hack have i done?!

So yeah gitlab seems to be working just fine, everything is speedy and responsive, so i call one of my fellow devs and ask him whats wrong? And he is like oh yeah there comes a ldap error saying timeout or something.

I try to login with active directory. Works like a charm. Try another account, same problem?!

Google the problem, search gitlab tickets. Nope there is no open bug or sth. like this.

So alright lets call the network guy. "Yo, can you check if there is something ldap-like getting blocked to the gitlab server?" - He is like oh yeah damn like almost every damn request is getting blocked. Ah wait, there was an firewall update yesterday too. Yeah ldap is no longer ldap. BLOCK THAT SHIT!

After 10 minutes of figuring out what shitty type is detected by the firewall and what needs to be whitelisted to make it fucking work again it seems to work.

But ha no, there is another update rolling on, so same shit like 15 minutes later.

Now it seems to work and i have to inform every damn fcking developer that it works again. And yeah alright you sent a mail, but fuck it, i will call you though! So yeah just answering calls, mails and chat messages. Like why the fuck cant you read your mails like a damn normal person?!

Hey everyone! So for my final year project, I have to make a firewall game to help people understand about firewalls. Any ideas on how I can start?

I first try to figure out why I really want to build this and (if the project is intended that way) why someone would use it.

Then I strip the idea down to its bare minimums so I know what I should build for it to be of any value.

And then I start building until I no longer think it's worth working on the project.

For instance:

I am kind of surprised to see that in a world where cloud and apis become more and more leading, there isn't really a commonly accepted and flexible api management platform.

There are some cloud based platforms out there that can be configured using some interface but why is it like that? Surely you aren't going to deploy multiple versions of your core with different platforms right?

That's where my latest project comes in. I want to create an on-prem api management platform which you configure to work with your api during development. Then you can deploy it to any infrastructure alongside your core api.

This way you:

- are not bound to a specific cloud
- don't have to worry about security and firewalls
- get user management and rate limiting for free

I will probably create a collab for this once the platform is mature enough.

I gotten through 3 of the firewalls!!!

Symfony 4:

I created a firewall with a user provider and everything was great for a year and a half.
I needed a second firewall with a different user provider for my REST API.

Being stateless, the rest api firewall didn't need the refreshUser method so I didn't bother doing anything inside but returning user (without noticing how my original class was built or the official documentation which apparently says I need to throw an exception if this isn't the right user provider for the user in the session).

I was having a problem with my main firewall after that point because I assumed it would only use the relevant user provider, but even though my API firewall only applied to a specific host/pattern, the user provider for that firewall was still being used. If it had run the supports method first, it wouldn't have done that even with my initial mistake. Frankly, I don't know why there is a supports method if it's not being utilized for this purpose...I saw supports() is used for the rememberme functionality, but seems inconsistent not to use it everywhere.

Not only should Symfony be updated to check the supports() method, but I also think it should only loop through user providers for the current applicable firewalls. Since we define a user provider per firewall, I think that would be the natural way for it to work. Otherwise why even define a user provider on the firewall if it's just going to try to use them all anyway?

Furthermore, in the case of a stateless firewall, requiring the refreshUser method via the interface seems strange.

can anyone educate me more about computer networking as a career?
Routers , protocols , network towers, 4g/5g , internet, firewalls, wired/wireless etc , these must be part of some kind of decent job i guess? (I mean there are those guys who just know how to install these in people's systems and then there are guys who are researching and learning about these systems).

- What is the job opportunity? how and when can we start a career there?
- How difficult it is to reach telecom giants like cisco, at&t , airtel, google fiber etc ?
- How interesting is the work there?
- what programming knowledge should we know or we will be learning about?
- How stable is the career there?

I have heavily customised my windows and my firewalls were down, I had taken ownership of some files and in that process some virus got itself stuck onto System32/logonUI.exe
I was unable to use defender as every option was greyed out.
Every time i logged into windows the process ran itself.
Tried booting Windows Defender Offline but it gave BSOD.
Tried sfc scan and it showed that windows was unable to restore some files for which integrity check failed.

On restart i was unable to login as I was sent back to password screen right after giving a password.

Fixed it using safe mode and blanking password through net user.

Had a very deep sleep after cracking it.

Recovering Investment Losses with GearHead Engineers Cyber Security Services

In today’s increasingly digital financial landscape, investors face growing threats from cybercriminals targeting everything from brokerage accounts to blockchain-based assets. For individuals and businesses alike, falling victim to a cyberattack or financial scam can be devastating. Fortunately, firms like GearHead Engineers, known for their advanced cybersecurity services, are stepping in to help investors recover losses and, more importantly, prevent future breaches.

The Rise of Cyber-Investment Threats

As digital platforms have become the norm for managing investments, they’ve also become a prime target for hackers. Common threats include:
* Phishing scams that trick users into revealing login credentials.
* Ransomware attacks on financial firms.
* Malware that siphons personal and financial data.
* DeFi and cryptocurrency hacks exploiting insecure smart contracts or user wallets.
The financial implications can be enormous, especially when assets are stolen, trading accounts are compromised, or confidential investment strategies are exposed.

GearHead Engineers: A Cybersecurity Partner for Investors

GearHead Engineers specializes in protecting financial data, systems, and transactions with comprehensive cybersecurity strategies tailored to modern digital investment environments. Their services include:
* Threat Detection & Response: 24/7 monitoring of systems to identify unusual activity before it becomes a serious threat.
* Incident Forensics: In the event of a breach, GearHead Engineers conduct thorough investigations to trace the source, identify vulnerabilities, and assist in recovery efforts.
* Asset Recovery Support: While not a financial firm, GearHead can coordinate with law enforcement and digital forensics specialists to trace stolen digital assets, especially in cryptocurrency-related incidents.
* Security Audits & Penetration Testing: Preemptive testing of platforms and networks to find and fix security holes before hackers do.
* Cyber Insurance Advisory: Guidance on cyber insurance coverage and how to maximize your protection and potential reimbursement in case of a loss.
Real-World Application: Turning Loss into Learning
Clients who’ve suffered financial loss due to cyber incidents often find that working with cybersecurity experts like GearHead Engineers is a turning point. Not only can the firm help assess whether any funds are recoverable (especially in crypto and digital asset cases), but it also strengthens the client's defense moving forward.
By implementing robust firewalls, multi-factor authentication, encryption, and behavioral analytics, GearHead Engineers empowers investors to take control of their digital financial security.

Conclusion: Proactive Security is Smart Investment Strategy
Recovering from a cyberattack is never easy, but it’s possible—especially with the right partners. GearHead Engineers brings a unique blend of technical expertise and practical support to help victims of cyber fraud bounce back and secure their future. For investors, engaging in strong cybersecurity isn’t just risk management—it’s a smart investment in itself.

Testing new server deployment in test env all works, then production it all breaks down. Network didn't allowed the right traffic. Took me whole week to find that out. Until some networking engineer said, you know there is a firewall between those networks?

Storytime - The Prometheus tales - Part III (I think..).

Updated the node definitions on the old node today, just to keep it up to date. nothing fancy.

I went to the new node and and checked the setup again. I already had roughly 120 node definitions onboard for testing purposes.

so all firewalls should have been configured the right way, so that the wee one might celebrate the marriage with the rest of the gang finally.. and then went with "puppet YOLO" on the new node. added every fkn node definition to the new setup.

every node turned out just to be fine.

except for 137 little InstanceDown alerts (out of 600+).
it's a good thing, that the little fella can send mails to me, myself and I only for the time being.

so debugging. again. but at least it's not a problem related to prometheus itself, because the connections end with a timeout on the related nodes. should be more like a firewall fubar.

we will see.

BEWARE OF THE PITFALLS OF THE CRYPTO WORLD, HIRE FAST SWIFT CYBER SERVICES.

I fell victim to a crafty scam, but just when I thought all hope was lost, FAST SWIFT CYBER SERVICES emerged as a beacon of light. For a fact, bitcoin is true and is the future of world currencies. I have been using it until I lost 7 BTC in the hands of unregulated brokers. In the wake of losing my monies to these sham investment brokers, I found myself in a state of panic and despair. Fortunately for me, an old friend who previously worked with my uncle referred me to FAST SWIFT CYBER SERVICES. I participated in an in-depth consultation to understand the details of the theft and the extent of the loss I suffered. They created a customized recovery plan that met my specific needs using their extensive knowledge of blockchain technology and forensic investigative skills. With their sophisticated and robust technological firewalls, my case was investigated and FAST SWIFT CYBER SERVICES were able to recover my stolen crypto in less than 72 hours. Working with FAST SWIFT CYBER SERVICES was a transformative experience, not only did they recover my stolen funds, they also demonstrated a level of professionalism that exceeded my expectations. I appreciate them for their help and I wish to recommend them to everyone caught up in systemic scams. Please contact FAST SWIFT CYBER SERVICES for your swift recovery.

E-mail. fastswift@cyberservices. com
Whats-app: +4670-449-7301

HOW TO RETRIEVE STOLEN BITCOIN HIRE ADWARE RECOVERY SPECIALIST

WhatsApp info:+12723  328 343

Website info: http s:// adware recovery specialist. com 
Email info: Adware recovery specialist (@) auctioneer. net 
Telegram info: http s:// t.me/ adware recovery specialist1
The clinking of kibble bowls and staccato slap of paws against linoleum usually serve as background to my days. That day, however, our animal rescue's crypto wallet, our financial lifeline that covered all sorts of spay surgeries and emergency parvo treatments, was more bare than a dog park during a thunderstorm. A phishing attempt, disguised as a donation receipt for a "kind benefactor" (spoiler: their kind was stealing $215,000), had cleaned us out. Trigger panic: volunteers huddled around one computer, adoptive kittens blissfully batting at keyboard cables, and me Google-searching can you repo a cat? Enter Sarah, our expert volunteer who codes firewalls by day and plays with stray kittens by night. She slid a sticky note across the desk: ADWARE RECOVERY SPECIALIST. They're like the animal control of crypto scams. Desperation eclipsed skepticism. I emailed them, half-expecting to receive a bot response. Instead, a guy named Marco replied in minutes: Send us the transaction hash. We'll hunt. As it was, phishing our crypto was simpler than stealing steak from a pack of wolves. ADWARE RECOVERY SPECIALIST crew dissected the attack with the precision of a vet neutering a tomcat. The robbers had channeled donations through privacy coins and decentralized exchanges, a digital shell game designed to lose us in the noise. But ADWARE RECOVERY SPECIALIST engineers? They followed it down like bloodhounds to a money laundering fund masquerading as a "charity DAO (their paperwork riddled with typos like "helping puppys since 2023 beginners).
Ten days later, Marco called: Check your wallet. I refreshed, expecting another error message. Instead, our balance flashed green, back to the cent. The shelter erupted, a din of barks, meows, and one intern crying into a Chihuahua's sweater. The scammers' wallets? Frozen faster than a stray in a blizzard.
 ADWARE RECOVERY SPECIALIST didn't save dollars; they saved futures. That $215,000 bought a terrier's spinal fusion, shots for 47 shelter animals, and a whole year's supply of that excellent kibble our old dogs negotiate not loving. Our online wallet now has more security than a porcupine has quills, and Sarah's now officially Director of Not Getting Hacked Again. If your nonprofit's funds ever disappear into the ether of cyberspace, don't bawl into the garbage can. Call the ADWARE RECOVERY SPECIALIST . They'll treat your case like a patient in critical care, no matter how many paws are on the keyboard. Just maybe hide your keyboard from the kittens first.

DIGITAL TECH GUARD RECOVERY / FASTEST CRYPTOCURRENCY RECOVERY EXPERT

WhatsApp: +1 (443) 859 - 2886
Email @ digital tech guard . com
Telegram: digital tech guard . com
Website link: digital tech guard . com

The scent of freshly brewed espresso and vintage Led Zeppelin records should have been my retirement anthem. But I was hunched over a computer in my still-under-construction vinyl record cafe, screaming at a blockchain explorer as if it just ridiculed my acoustic session. My life savings, $430,000 worth of Bitcoin, carefully earned over a decade of writing alt-rock ballads for car commercials, vanished into thin air. The culprit? Some smooth "investment manager" who'd promised me "Taylor Swift-level returns" on crypto staking, then bailed faster than my band's 2008 reunion tour.  The scam was a cringe symphony. Guy had a LinkedIn profile dotted with adjectives such as "Web3 maestro" and "DeFi virtuoso," an autotuned elevator jazz playing website, and a contractual loophole big enough to drive a tour bus through. I signed over access like a groupie handing over backstage passes. Poof. Gone. Money. My café's espresso machine sat in its box, accusatorially. My spouse said I needed to "get a real job again." Even my dog gave me the side eye. Enter my drummer, Chad, a guy who had escaped a festival pyro tragedy by jumping into a kiddie pool. He texted me: "Bro, look at Digital Tech Guard Recovery. They're crypto Roadies." I pictured a group of pierced hackers in black hoodies, blowing gum and cracking firewalls. Good enough.
Digitals crew followed the scambot's trail with the ferocity of a producer hunting for the perfect bassline.
The crook had routed my Bitcoin through privacy coins, obscured wallets, and exchanges located in countries that I couldn't spell. Their engineers stalked his path like a creep watching a pop star's concert tour schedule, in cooperation with Interpol and a Cypriot bank used also as a hub for meme stocks. As it turns out, my "maestro" had become careless, stashing money in a wallet associated with a failed NFT venture named "Aping for Jesus." Typical. Sixteen days later, my wallet beeped. Balance returned. No taunting, only a curt email: "Scammer's assets frozen. Your money's back. Buy better speakers." I blasted "Eye of the Tiger" through the café sound system, shocking a hipster with oat milk. The espresso machine finally came online. Digital Tech Guard Recovery didn't just restore my cryptocurrency; they wrote the encore for my midlife crisis. My café exists today, littered with grail-worthy records on the walls and a tip cup emblazoned "ETH accepted." Chad's no longer on the espresso machine, but he's got free coffee for life.
If your cryptocurrency is ever swindled by a cyber rockstar, don't go into existential tailspin. Call the Digitals. They'll turn your faceplant into a victory lap. Just maybe screen your "maestros" harder than your band's setlist.

Building Fortresses, not Firewalls: Ethical Hacking Meets Software Development

In the digital age, security is no longer an afterthought; it's the bedrock upon which our online world rests. Yet, traditional security measures often resemble fortresses – imposing, but vulnerable to unseen cracks and tunnels. To truly safeguard our systems, we need to think like the enemy, like the nimble figures scaling those walls: ethical hackers.

Enter the exciting realm of DevSecOps, where ethical hacking practices are woven into the very fabric of the software development lifecycle (SDLC). This proactive approach is akin to building castles with security in mind, each brick meticulously laid to withstand even the most cunning siege.

Why Ethical Hacking in SDLC?

Imagine developing a critical piece of software, only to discover a gaping security hole after launch. The damage could be catastrophic, exposing sensitive data and eroding trust. Ethical hacking flips this script. By integrating penetration testing, vulnerability assessments, and threat modeling throughout the SDLC, we proactively hunt for weaknesses before they can be exploited.

Think of it as a friendly sparring match, where the ethical hacker throws their best punches to expose vulnerabilities, allowing the development team to fortify the software's defenses. This constant testing and refining leads to robust, secure systems that can withstand real-world attacks.

Benefits of DevSecOps:
1. Reduced Costs and Risks: Early detection and patching of vulnerabilities are far cheaper than dealing with a full-blown data breach.
2. Improved Software Quality: Security becomes an inherent part of the development process, leading to more reliable and trustworthy software.
3. Enhanced Brand Reputation: Demonstrating a proactive approach to security builds trust with customers and stakeholders.

Putting it into Practice:
Integrating ethical hacking into the SDLC requires a cultural shift. Developers, security professionals, and testers need to work together seamlessly, sharing knowledge and fostering a collaborative environment. Here are some key practices:
1. Threat Modeling: Identify potential threats and attack vectors early in the development process.
2. Static and Dynamic Code Analysis: Use automated tools to detect vulnerabilities in code.
3. Penetration Testing: Simulate real-world attacks to uncover hidden weaknesses.
4. Security Awareness Training: Educate developers and other stakeholders about security best practices.

Tools of the Trade:
A plethora of tools empowers ethical hackers and security professionals in their quest for a more secure digital world. Some popular options include:

1. Kali Linux: A distribution packed with security tools for penetration testing.
2. Burp Suite: A web application security testing platform.
3. Metasploit: A framework for developing and executing exploit code.
4. Wireshark: A network traffic analyzer for identifying suspicious activity.

The Future of Security:
As technology evolves, so too must our security practices. DevSecOps, with its embrace of ethical hacking, is at the forefront of this evolution. By building security into the very fabric of software development, we can create a safer, more resilient digital world for everyone.

Remember, in the ongoing battle against cyber threats, ethical hackers are not the enemy; they are our allies, the architects of digital fortresses that stand strong against the shadows. So, let's embrace DevSecOps, sharpen our ethical hacking skills, and build a future where security is not just an afterthought, but a fundamental principle.

I encourage you to explore the world of DevSecOps and ethical hacking. Whether you're a seasoned developer or just starting your journey, there's always more to learn and contribute. Together, we can build a more secure digital future, one line of code and one vulnerability patch at a time.

Do you have any questions about DevSecOps or ethical hacking? Share your thoughts and experiences in the comments below!

Berkshire ITS Limited: Comprehensive IT Solutions for Your Business and Home

At Berkshire ITS Limited, located in Maidenhead, UK, we specialize in offering a wide range of IT services tailored to meet your personal or business technology needs. Whether you require computer diagnostics, expert IT consulting, managed IT services, robust cybersecurity services, or on-site IT support, our dedicated team of professionals is here to help. With years of experience in the IT industry, we ensure that your systems are always running at their best, secure, and well-supported.

Computer Diagnostics: Quickly Identifying and Fixing Issues
When your computer slows down or encounters issues, it can disrupt productivity and cause frustration. At Berkshire ITS Limited, we offer comprehensive computer diagnostics to identify the root causes of any technical problems you may be facing. Our expert technicians use advanced diagnostic tools to analyze your system, pinpoint any issues, and provide efficient solutions to get your devices back in optimal working condition. From software errors to hardware failures, we tackle all types of problems to ensure your systems run smoothly.

IT Consulting: Tailored Solutions for Your Technology Needs
Every business and individual has unique IT requirements. That’s where our IT consulting services come in. At Berkshire ITS Limited, we offer strategic guidance on how to improve your IT infrastructure, streamline operations, and make the most of your technology. Our experienced consultants work with you to understand your specific goals and challenges, recommending customized solutions that enhance efficiency, reduce costs, and improve overall system performance. Whether you need advice on upgrading your network, implementing new software, or planning long-term IT strategies, we’re here to help you navigate your options.

Managed IT Services: Hassle-Free IT Management
Managing your IT infrastructure can be time-consuming and overwhelming. Our managed IT services provide proactive support to ensure your systems are always running efficiently, securely, and without interruption. We offer end-to-end IT management, including network monitoring, software updates, data backups, and troubleshooting, all designed to prevent problems before they arise. With Berkshire ITS Limited’s managed IT services, you can focus on your core business operations while we handle all aspects of your IT management.

Cybersecurity Services: Protecting Your Digital Assets
Cybersecurity threats are a growing concern for businesses and individuals alike. At Berkshire ITS Limited, we offer comprehensive cybersecurity services designed to protect your sensitive data, systems, and networks from online threats. Our team implements cutting-edge security measures, including firewalls, encryption, antivirus protection, and regular vulnerability assessments, to safeguard your business or home network from cyberattacks. We also provide security training and awareness programs to help users recognize potential threats and avoid common pitfalls. Trust us to keep your digital assets secure with our expert cybersecurity services.

On-Site IT Support: Fast, Reliable Assistance at Your Doorstep
Sometimes, issues require a hands-on approach. With our on-site IT support, Berkshire ITS Limited ensures that you receive immediate, professional assistance at your location. Our technicians are ready to visit your home or business to resolve technical issues in person, from hardware repairs to network setup and troubleshooting. We pride ourselves on providing efficient and friendly support to get you back up and running as quickly as possible. Whether you need help with computer setup, network configuration, or solving an urgent IT issue, our team is there to offer the personalized service you need.

Why Choose Berkshire ITS Limited?
Expert Technicians: Our certified IT professionals are highly skilled in computer diagnostics, IT consulting, managed IT services, cybersecurity services, and on-site IT support.

Customized Solutions: We understand that each client has unique needs. That’s why we provide tailored IT solutions to meet your specific requirements and help you achieve your goals.

Proactive IT Management: With our managed IT services, we ensure that your systems are monitored and maintained to prevent problems before they impact your business or personal productivity.

Comprehensive Support: From routine IT maintenance to urgent support, we offer a wide range of services designed to keep your technology running smoothly and securely.

Contact Us Today

Business Address:
Vicus Wy, Maidenhead SL6 1EL, United Kingdom
Contact Number:
+44 208 050 5101

IS Technology: Your Trusted Partner for Small Business Support and IT Services

In the modern business landscape, technology plays a crucial role in driving efficiency and success. For small businesses, managing technology and staying ahead of IT challenges can be overwhelming. At IS Technology, we are here to provide expert small business support and IT services to help your business thrive. Located at 12 National Ave, Fletcher, NC 28732, we offer tailored solutions designed to meet the unique needs of small businesses, enabling you to focus on what matters most—growing your business.

Why Small Businesses Need IT Support
Small businesses often face unique challenges when it comes to technology. With limited resources, it’s crucial to make the most of your technology infrastructure while minimizing downtime and security risks. IS Technology specializes in providing small business support that empowers your company to run efficiently, securely, and seamlessly. Our IT services are designed to help you:

Reduce IT Costs
Outsourcing your IT services to a trusted provider like IS Technology can save your business significant costs compared to hiring a full-time, in-house IT team. With our flexible support packages, you only pay for the services you need, when you need them.

Stay Competitive
In today’s digital-first world, small businesses need to leverage the latest technology to remain competitive. Whether it's cloud computing, advanced cybersecurity, or efficient networking, we provide the tools and expertise you need to stay ahead of the curve.

Improve Efficiency
Technology should simplify your business operations, not complicate them. Our small business support services ensure that your IT services are optimized for maximum productivity, reducing downtime and streamlining your workflows.

Enhance Security
Cybersecurity is critical for small businesses that handle sensitive customer data and financial information. IS Technology offers robust security solutions that protect your business from potential threats, ensuring that your information is safe and your systems are secure.

Our IT Services: Tailored for Small Businesses
At IS Technology, we offer a wide range of IT services specifically designed to meet the needs of small businesses. Whether you’re looking for a comprehensive IT support package or specialized services, we have the expertise to provide solutions that fit your business requirements.

Managed IT Services
Our managed IT services are designed to provide proactive support, ensuring that your systems are running smoothly 24/7. From regular software updates to monitoring your network for potential issues, we handle everything so you can focus on growing your business.

Network Setup & Support
A strong, reliable network is essential for business success. We provide network setup and support to ensure that your business's technology infrastructure is seamless and scalable. Whether you need help setting up a new office network or optimizing your existing setup, we’ve got you covered.

Cloud Solutions
Cloud computing offers flexibility and cost savings that traditional IT infrastructure simply can’t match. We provide cloud solutions that allow you to store and access your data securely from anywhere. With our help, your small business can benefit from enhanced collaboration, seamless data sharing, and reliable disaster recovery.

Cybersecurity Services
Small businesses are often targets for cybercriminals due to their perceived vulnerabilities. At IS Technology, we provide advanced cybersecurity services to safeguard your business against cyber threats. Our services include firewalls, antivirus software, encryption, and security audits to protect your data and systems from potential breaches.

Tech Support & Troubleshooting
When technical issues arise, you need reliable tech support to minimize downtime. Our team is available to troubleshoot problems quickly and efficiently, ensuring your business is back on track in no time. Whether it’s hardware malfunctions or software issues, we’re here to help.

IT Consulting
As a small business, you might not always know which technology solutions are best for your needs. Our IT consulting services provide expert guidance to help you make informed decisions about your technology investments. Whether you need advice on upgrading your infrastructure or choosing the right software for your business, we offer tailored recommendations that align with your goals.

Why Choose IS Technology for Small Business Support?
Tailored Solutions for Your Business
At IS Technology, we understand that every small business is different. That’s why we provide small business support that is customized to meet the specific needs of your business. We take the time to understand your goals and challenges, and we design IT services that align with your objectives