Small follow up - asked about bag recommendations like a month ago and went with the recommendation from Nasan@sopuli.xyz - Mystery Ranch Catalyst 26l - been really happy so far.

I’ll look into it! Appreciate it, Cheers

Gotcha - makes sense. appreciate it.

It may be a little late, but do you enjoy cybersecurity? - Chasing ghosts, scrolling through endless lines of logs, fending off threats, responding to incidents in high-stress situations, fighting for budgets, clients and colleagues who just don’t care, being the “bad guy” in meetings, and so on.

I’ve only been there a few months, but there’s no light at the end of the tunnel. I’m pretty sure it has something to do with my environment, but I can’t see myself doing this for a long time.

I am pretty sure one of our consultants has this Osprey Comet. Looks decent! Wow, the Technonaut looks more like a travel bag than an everyday carry, and man, 400 bucks? And I thought my Veto Pro Pac was expensive.

It seems that I have to drive more often to the office again. Any bag recommendations? What is your favorite brand/ model?

So, let’s assume that you are in an international company and the first and only security person. What are your first steps and projects? It is like really vague, but I’d assume like a SIEM, inventory of the network and all devices, backup situation, maybe even honeypots?

What are your high-prio things that every company should have? Is there even a framework for it?

Feeling kinda lost and I hope you get some guidance in the right direction.

Testing a few CTF platforms to learn more about pentesting. It is interesting, but the learning curve is quite steep.

Currently using HedgeDoc for taking notes, but it is lacking some features, so I am trying to find and host some alternatives and compare them. And I hope I can find some time to play with my Flipper Zero…

Learning things about Wireguard and implement it to secure my internet facing servers.

Yeah, after more testing, we can say that the second IPStunnel was the issue. Re-worked the route over a single tunnel and the whole 100 Mbps are available again. Users are happy, I am happy. Even tho a little bit frustrating.

Thank you for your input!

Ping - Update 2 @Avian_Carrier@infosec.pub @jharrison@infosec.pub @SgtKetchup@infosec.pub

Ping - Update 3 @Avian_Carrier@infosec.pub @jharrison@infosec.pub @SgtKetchup@infosec.pub

Yeah, notifications are really unreliable here. I’ve got another window for more stress test today. Going to post update later, or tomorrow. Focus on MTU/MSS

The ISPs are slow to answer if there is no active outage. Will take some time anyway.

Packets are dropped in bot directions. I am currently looking through the pcaps and will do another stress test later - got another window. MTU/MSS is the prio today.

Good points and thank you for your input. What kind of TaskManager do you use? Any system, or just simple list?

Do you know https://logseq.com/ ? - I think it is considered an alternative to Obisidian. Had been using it for a while, was great, but it was almost too much work to organize everything.

Haven’t found my perfect solution. The current goal is get everything together and see what I really need. Most likely a single .md file that I can encrypt and sync in my machines, but not sure yet.

I am currently trying to organize my notes. The old ‘system’ is a pain, and getting everything centralized makes it easier to find things. Notes, snippets, bookmarks, and so on.

Thank you for the AMA.

Do you regularly feel overwhelmed? - Keeping up with the sec news and patch accordingly, firewall/ips and endpoint alarms, logs, meetings, and more. It shouldn’t be the case, but it seems that everything in security is prio 1.

EDIT: and being the party pooper and saying no to everything, bc people do not think about security.

Added the Update 2. Still some things to do, but we know a little bit more now. Feedback and questions are still welcome.