zyx2k - Network

Content warning:The generosity of a thoroughly decent person / Ukraine.I'm going to share a short story from the last fortnight about an...

Content warning:The generosity of a thoroughly decent person / Ukraine.

I'm going to share a short story from the last fortnight about an interaction I had which really highlights just how awesome the #infosec industry can be.

A few weeks ago, I was conducting a pen test against a Government client at their premises. Now if you know UK Government, you'll know a lot of their kit can be old, and they often try to squeeze as much assurance work into the shortest timescale to save money . I was presented with 20 firewall configs to review which hadn't been communicated in the original scope (I was expecting 4). No problem though, lets make this happen.

My immediate problem was I had no tools at all that could parse these old (very large!) configs into something sensible without spending some time coding something up. So a quick search pointed me to an older tool that hasn't been maintained since 2017. #Wallparse. I grabbed the exe and installed it. It ingested every one of the configs for me, giving me a lovely visual representation and made the reviews very rapid by comparison to the alternatives I was facing that day. I had used a trial license at the time.

Impressed with it and its applicability to the job and wondering how to get a license as I am sure it will come in useful again, I contacted the admins from the email address on the 2017 website, not really expecting any response.

Well I did get one, and not the one I was expecting. James D contacted me with a 1 year license and asked for no money for it, rather that I donate to a charity supporting Ukraine, if I could, or at least offer a prayer.

It really touched me what James D had done, so I calculated what proportion of my fee would be for the hours I spent reviewing the firewalls and donated that, and a bit more, to Unicef this morning.

I don't know who James D is, or why they stopped developing their tool, but their generosity has truly made my month.

Content warning:Netflix spoiler. Maybe, probably not. I'm likely more excited by trash TV than most people.New season of Warrior Nun...

Content warning:Netflix spoiler. Maybe, probably not. I'm likely more excited by trash TV than most people.

New season of Warrior Nun on Netflix. OMG.

An under rated rollercoaster of a show. Bring it.

Content warning:Programming humourPython infested

Content warning:Programming humour

Python infested

Took my dogs on a 12 mile ruck through the Wye valley today. I think they might be broken. Never seen them sleep so deeply...

Took my dogs on a 12 mile ruck through the Wye valley today. I think they might be broken. Never seen them sleep so deeply 🤣🤣🐕🐕

Content warning:Linux tech and info security/hacking. Mild rant, no swearing just airing.Arghhhhh. Linux. So good, but such high...

Content warning:Linux tech and info security/hacking. Mild rant, no swearing just airing.

Arghhhhh. Linux. So good, but such high maintenance if you're like me and mess about with things. Another rebuild tomorrow to try to shoehorn several coding platforms all running different dependencies, virtual machines, pen test tools et al. It will last 3 weeks before things start to break again. But I wouldn't do tech any other way.

Not sure if a bug on the server api or a bug in the droid app, but I'm getting the same notifications multiple times today @jerry I love...

Not sure if a bug on the server api or a bug in the droid app, but I'm getting the same notifications multiple times today @jerry

I love getting follow notifications (follow me hint hint) but the same notification every 3-10 seconds for hours on end seems buggy. Only started tonight.

Stories in signal?What relevance does this have to a secure messaging app? Utter nonsense. #signal Going the way of #telegram. I can't...

Stories in signal?

What relevance does this have to a secure messaging app? Utter nonsense. #signal Going the way of #telegram. I can't think of a single person who'd want this.

Random #dog content.

Random #dog content.

@thecontractor knows all about this 🤣🤣🤣🤣

@thecontractor knows all about this 🤣🤣🤣🤣

I feel this is an important PSA. Regardless of the platform and regardless of whether I'll use it or not, I always register my handle.

I feel this is an important PSA.

Regardless of the platform and regardless of whether I'll use it or not, I always register my handle.

I have a lot to do. Book travel and hotels for next week, get one app pen test and a chrome plugin code review report out.But I've had a...

I have a lot to do. Book travel and hotels for next week, get one app pen test and a chrome plugin code review report out.

But I've had a lovely day doing absolutely nothing. No regrets.

Missing being here right now. Soon. #sailing #yacht

Missing being here right now. Soon. #sailing #yacht