Update Oct 26, 2018

CISSP Update

I purchased the CISSP test engine from BOSON and a few books from Amazon a few days ago.  The books are:

Sybex 8th Edition CISSP Study Guide

Sybex 2nd Edition CISSP Practice Tests

11th Hour CISSP Study Guide

 

I got all of these based off of the /r/CISSP subreddit and told Angela that I was going to be buying some things.  I feel that, based on what I have read, these are really the core of what I need to know, and based on previous experience the BOSON tests are amazing.  I was a little perplexed because the two Sybex books were on ‘sale’ as a bundle for $20 more than if you bought them separately.  Weird, but whatever.

 

I finished up the audio book from Shon Harris on Business Continuity Planning this morning on my way to work.  The next section I’m going towards is Cryptography.  I usually listen to them to and from work and go on a walk in the evening.  Normally I get about an hour a day on work days.

 

I’ve also taken one BOSON test so far.  At first I wasn’t doing great, but then kept going and was at about 70% about halfway in.  I ended up scoring 68% which for the little bit that I’ve studied so far I’m impressed with.  I would have been happy getting ~60%.  I read the two chapters that I scored lowest in from the Exam Cram 3rd edition I have at work to refresh the areas I scored the lowest in.

 

Right now I’m going through Sari Greene’s course from safaribooksonline and so far it’s been pretty good.  The concepts she explains make sense, but she has a very different delivery style from Kelly Handerhan.

 

I’ve also thought the last few days about going back and getting a Master’s Degree from WGU.  I looked at the course outline for their Cyber Security Program and thought that if I get CISSP and OSCP that would be something like 60% of the program, so I might as well.  This thought came to me after I spoke with Josh who got a MASSIVE promotion leaving Verizon.  He said the increase in salary came, in large part, from him having a Master’s Degree.

 

Oh and I had my co-worker use the VPN I set up for the very first time today.  She said it was ‘very cool’.

 

 

Free CISSP videos on cybrary finished

Last night I finished the free course on cybrary by Kelly Handerhan.  It’s the more up to date of the two that are offered – 8 domains vs 10.  At first I started taking copious amounts of notes, then mostly watched them and took notes on things that I didn’t know before or stood out to me or were good examples.  I previously got my Network+, Security+ and CCNA and it built on a lot of those things, but parts on software I was soft on so learning that made sense.

 

I have the 3rd edition of the CISSP Exam Cram at work that I’m using, but I’m considering buying the 4th edition.  There’s also the 11th Hour CISSP that was highly recommended on the r/cissp subreddit as well.  I’ve downloaded an mp3 audio course by Shon Harris onto my phone that I will listen to on my way to and from work.  I know I don’t get as much of the specifics while listening as I would watching or reading and taking notes, but it does add value and in a way it helps more to get concepts down and ideas solidified.

 

I’ve got more video material than I know what to do with – literally almost a hundred hours of video I can watch.  So what I’ve decided to do is after I’ve finished a book or two, then start taking BOSON tests and start filling in the areas I’m weak in or don’t understand with videos, Google, other books and questions.  I think that way I can maximize the time that I’m spending and focus on the areas I’m weak instead of spending too much time watching videos and reading things I already understand.  When I was getting my CCNA, I decided not to take tests until I was done with 2 video courses and 2 books and while I went through a lot of material, I realized afterwards I didn’t understand certain areas very well or would ‘zone out’ when I was watching a video or reading something I already understood.

 

There’s another book at work that I’m going to use, I just need to borrow it.  I can’t remember which one it is off the top of my head, but it’s pretty thick so it might be the official study guide.  I’ve already talked with Angela about taking time to study and she’s on board with it and will give me the time I need to get this (hopefully) knocked out by the end of the year/very first part of next year.  From there I’m not 100% sure what I’ll do next, but the OSCP seems like it would be fun to do – hard, but fun.

OpenVPN at work

I got OpenVPN set up at work so I’m able to remote in.  It works well on Windows, but I’ve run into some DNS quirks on Linux.  There are options to pass into the client.ovpn file so that when the connection is opened or closed it runs a script that makes it work, and I haven’t looked into it enough to finish it.  Besides, I don’t think anyone here runs Linux as their native OS so I haven’t spent too much time looking into it.

 

I ran into an issue with the firewall to start with.  We use Shorewall and I haven’t had very much exposure to it, so I had Hardy show me what happened.  When we made the change… it broke the internet for about 10 minutes.  He made an unrelated change and it got it back working again. (Don’t want to say what it was, but it was unrelated to the line I added opening up the service).  After some experimenting, I realized that the port was closed, which was weird.  Then I remembered that I opened the TCP port, but OpenVPN was running on the UDP port.  I went into Shorewall and made the change and it started right up.
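The TCP-versus-UDP mix-up described above can be checked mechanically. This is an added example, not the configuration used at work: the zone name "net", port 1194 (OpenVPN's default) and all sample text are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: does a Shorewall ACCEPT rule match the protocol OpenVPN listens on?
# All sample text below is constructed; udp and 1194 are the OpenVPN defaults.

# stdin: OpenVPN server config. Prints "<proto> <port>".
ovpn_listener() {
    awk '$1 == "proto" { proto = $2 }
         $1 == "port"  { port = $2 }
         END { proto = (proto ~ /^tcp/) ? "tcp" : "udp"   # tcp-server, tcp4 -> tcp
               if (port == "") port = 1194
               print proto, port }'
}

# stdin: Shorewall rules (ACTION SOURCE DEST PROTO DPORT). $1 = proto, $2 = port.
# Returns 0 when an explicit ACCEPT rule covers that proto/port.
shorewall_allows() {
    awk -v proto="$1" -v port="$2" '
        /^[ \t]*#/ || NF < 5 { next }
        $1 == "ACCEPT" && tolower($4) == proto {
            n = split($5, ports, ",")
            for (i = 1; i <= n; i++) if (ports[i] == port) found = 1
        }
        END { exit !found }'
}

# $1 = server config text, $2 = rules text. Prints ok / mismatch / missing.
check_vpn_rule() {
    listener=$(printf '%s\n' "$1" | ovpn_listener)
    proto=${listener% *}; port=${listener#* }
    if [ "$proto" = udp ]; then other=tcp; else other=udp; fi
    if printf '%s\n' "$2" | shorewall_allows "$proto" "$port"; then
        echo "ok: $proto/$port is open"
    elif printf '%s\n' "$2" | shorewall_allows "$other" "$port"; then
        echo "mismatch: rule opens $other/$port but OpenVPN listens on $proto/$port"
    else
        echo "missing: no ACCEPT rule for $proto/$port"
    fi
}

SAMPLE_CONF='port 1194
proto udp
dev tun'
RULES_TCP='ACCEPT net $FW tcp 1194'   # constructed: TCP opened by mistake
RULES_UDP='ACCEPT net $FW udp 1194'   # constructed: corrected rule

check_vpn_rule "$SAMPLE_CONF" "$RULES_TCP"
check_vpn_rule "$SAMPLE_CONF" "$RULES_UDP"
```

The check only understands explicit ACCEPT lines with a port or comma-separated port list; rules written with Shorewall macros or port ranges would need extra handling.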

 

This will be nice because currently getting around the network from the outside is a little cumbersome and if people are using the VPN to do work things from home, we can close some of the ports that have been open previously.

 

***** UPDATE *****

It looks like installing OpenVPN broke Hardy’s Sophos client so that would be two things I broke in a day!  We fixed it by looking at the running services in the background, stopped the ones with ‘OpenVPN’ in them, then Sophos started working again as normal.  During the install OpenVPN wanted to install over Sophos which was weird too.

Work update

Here’s the real reason why I was wanting to update my blog, to jot down a few things that I’ve been working on at work (and at home).

 

I found out that the CISSP can be taken if you have less than 4 years if you go the ‘Associate’ route.  On paper you have the CISSP, but not really a full CISSP.  I noticed this when I was sent this link by my boss, who said that it would be a good idea to get what I could in the “IAM Level II” group.  I then reached out to A.J. McQuay who I used to work with at Interface who confirmed that you can get it, and it’s not a full CISSP.  He also said that of the ones listed, the CISSP would probably be the best.  So I’ve got some material online and a book from work that I’m going through and learning that.

 

The other thing that I’ve been working on was setting up OpenVPN at work.  I have since wiped everything because I’ve decided to go another route, but I got OpenVPN set up on an Amazon instance, tunneled to it, authenticated automatically or with a password.  I was asked to set up 2FA so one of the steps was to get something like WikID working, which I did, but only set up OpenVPN to authenticate locally (which worked) and then realized I’d need to get RADIUS or LDAP set up first – not local authentication (there might be a way, but it would be better with one of the first two).  I’m pleased with progress on it because I hadn’t ever done anything with an OpenVPN server or anything like that, but was able to get something going.  I hadn’t set up 2FA either, but was able to get that going as well, although I didn’t read through all the documentation so when I got to the LDAP part I decided to then replicate it on my local server here and not pay for AWS usage since I got the VPN part down.  I set that up first to make sure that it was working and it was easier to make sure it was by checking my IP address and if it was different then I knew it was working.

 

Lots of good stuff that I’m working on and getting exposure to.

Phew!

I thought I would update a few things that I’m working on at work and I noticed that I was given the general ‘apache setup page’.  I remembered that I updated my lightsail image (didn’t create a backup…. doh) and thought I’d lost everything.

 

I looked around their support page to see if there was anything related to the error message that I was getting (port already in use) and I wasn’t able to use the ‘ctlscript.sh restart apache’ command to get it going again.  I thought of a few things I could do:

  1. Forget everything and start over.  Not a big deal, since I haven’t updated this in forever
  2. Let it be for a while and the idea would come to me
  3. Spin up another lightsail VM and see what the difference is and go from there

 

I decided to go with option 3.

 

Long story short, after poking around, I made some comparisons.  On my machine, when I got the processes that matched apache, I got this:

bitnami@ip-172-26-5-148:~/stack$ ps aux | grep apache
root 1280 0.0 0.6 71584 3084 ? Ss 18:48 0:00 /usr/sbin/apache2 -k start
www-data 1282 0.0 0.6 426340 3164 ? Sl 18:48 0:00 /usr/sbin/apache2 -k start
www-data 1283 0.0 0.6 426404 3224 ? Sl 18:48 0:00 /usr/sbin/apache2 -k start
bitnami 2095 0.0 0.1 14224 944 pts/0 S+ 18:48 0:00 grep --color=auto apache

 

On the test bitnami image, when I did the same command, I got this:

bitnami@ip-172-26-7-99:~$ ps aux | grep apache
root 2232 0.1 5.7 206708 28896 ? Ss 18:43 0:00 opt/bitnami/apache2/bin/httpd.bin -f /opt/bitnami/apache2/conf/httpd.conf
daemon 2237 0.0 2.4 813180 12032 ? Sl 18:43 0:00 /opt/bitnami/apache2/bin/httpd.bin -f /opt/bitnami/apache2/conf/httpd.conf
daemon 2238 0.0 2.4 878716 12020 ? Sl 18:43 0:00 /opt/bitnami/apache2/bin/httpd.bin -f /opt/bitnami/apache2/conf/httpd.conf

Well, they formatted differently on here (one was the web ssh and the other was a terminal).  I’m not going to bother fixing it for now.

 

The solution was to kill all the apache processes, then start them up with the command

/opt/bitnami/apache2/bin/httpd -f /opt/bitnami/apache2/conf/httpd.conf

I’m guessing that apache kicks off and runs with the default httpd.conf file which points to /var/www/html and the lone index.html file inside of there.
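The comparison above (distro /usr/sbin/apache2 versus the stack's httpd.bin started with -f) can be turned into a quick check. This is an added example, not part of the original troubleshooting: the sample `ps aux` lines are constructed, modelled on the output shown above, and STACK_PREFIX is an assumption taken from the paths in this post.

```shell
#!/bin/sh
# Added example: tell a distro Apache from the Bitnami stack's httpd in `ps aux` text.
# STACK_PREFIX is an assumption based on the paths shown in the post.
STACK_PREFIX=/opt/bitnami/

# stdin: `ps aux` output. Prints "<binary> <config>" once per distinct Apache binary.
apache_binaries() {
    awk '$11 ~ "(^|/)(apache2|httpd|httpd[.]bin)$" {
            conf = "(built-in default)"      # no -f: compiled-in config path is used
            for (i = 12; i < NF; i++) if ($i == "-f") conf = $(i + 1)
            if (!seen[$11]++) print $11, conf
         }'
}

# stdin: `ps aux` output. Prints Apache binaries outside STACK_PREFIX and
# returns 0 if there is at least one (the situation that blocked the stack's port).
foreign_apache() {
    apache_binaries | awk -v p="$STACK_PREFIX" '
        index($1, p) != 1 { print $1; bad = 1 }
        END { exit !bad }'
}

# Constructed samples modelled on the two outputs in the post.
PS_BROKEN='root 1280 0.0 0.6 71584 3084 ? Ss 18:48 0:00 /usr/sbin/apache2 -k start
www-data 1282 0.0 0.6 426340 3164 ? Sl 18:48 0:00 /usr/sbin/apache2 -k start
bitnami 2095 0.0 0.1 14224 944 pts/0 S+ 18:48 0:00 grep --color=auto apache'
PS_STACK='root 2232 0.1 5.7 206708 28896 ? Ss 18:43 0:00 /opt/bitnami/apache2/bin/httpd.bin -f /opt/bitnami/apache2/conf/httpd.conf
daemon 2237 0.0 2.4 813180 12032 ? Sl 18:43 0:00 /opt/bitnami/apache2/bin/httpd.bin -f /opt/bitnami/apache2/conf/httpd.conf'

for sample in "$PS_BROKEN" "$PS_STACK"; do
    if found=$(printf '%s\n' "$sample" | foreign_apache); then
        echo "conflict: $found is running outside $STACK_PREFIX"
    else
        echo "ok: only the stack's Apache is running"
    fi
done
```

On a live host the same functions take real input, for example `ps aux | foreign_apache`.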

 

 

 

********************************************************

Update

I moved the /etc/apache2/apache2.conf to /etc/apache2/apache2.conf.old and replaced the original one with the httpd.conf file from /opt/bitnami/apache2/conf/httpd.conf.  I then ran the ‘ctlscript.sh start apache’ and it restarted it just fine.

Turns out the fix was pretty simple, just telling apache to point to where the rest of the files were.  Guess I won’t be running ‘yum update’ for a while now.