Fox'Say!
CICyber Info
•Created by Fox'Say! on 8/9/2023 in #❓︱support-requests
Snort Struggles: How to detect the FTP service name?
3 replies
CICyber Info
•Created by violet on 7/27/2023 in #❓︱support-requests
hello i'm violet how can i learn cybersecurity
Hi @violet. I asked a similar question and Weet was really helpful in getting started. I took his suggestion and started with TryHackMe and I have been learning a lot.
https://discord.com/channels/543652415870730240/1113239214264426597/1113239214264426597
3 replies
CICyber Info
•Created by Fox'Say! on 7/24/2023 in #❓︱support-requests
OSI Model Layers Question
But I get now that Layer 1 is the most basic as in hardware and Layer 7 is where it all starts in the software.
or
Layer 7 is the first point of contact for the sender and the last for the receiver, and Layer 1 is the first point of contact for the receiver and Last for the Sender
5 replies
CICyber Info
•Created by Fox'Say! on 7/24/2023 in #❓︱support-requests
OSI Model Layers Question
This really helped! Turns out I didn't really get exactly how it worked. I think I was confused about starting on layer 7 and going down, and maybe I didn't quite realize it went in reverse on the other side?
5 replies
CICyber Info
•Created by Fox'Say! on 7/12/2023 in #❓︱support-requests
What are these Linux Commands doing?
Thank you, I spent so long trying to figure that out. It was just wrong 🙄
8 replies
CICyber Info
•Created by Fox'Say! on 7/12/2023 in #❓︱support-requests
What are these Linux Commands doing?
Can I ask if, at a glance, you know what 1ndex.php is? Is that the same thing as the directory index, which I think all Linux directories have? If that's correct, I thought Yara calls went `yara <rulename>.yar <filename_being_scanned>`.
`yara 1ndex.php file2/file2.yar` - call from inside file2 directory.
Do I have the syntax backwards? And if I do, how does yara know where 1index.php is? Maybe it just runs by default in the current folder?
https://medium.com/@haircutfish/tryhackme-yara-room-d279ccb5cbb3#:~:text=Answer%3A%20yara%201ndex.php%20file2/file2.yar
8 replies
CICyber Info
•Created by Fox'Say! on 7/12/2023 in #❓︱support-requests
What are these Linux Commands doing?
Thanks, that helps a lot.
I found a guide. I'm still learning Linux and they touched on a few of the commands, but I don't think the course taught me how to use & string together all the commands you need to get the answers...which would explain why this was weirdly difficult.
https://medium.com/@haircutfish/tryhackme-yara-room-d279ccb5cbb3#:~:text=Based%20on%20the%20output%2C%20what%20string%20within%20the%20Yara%20rule%20did%20it%20match%20on%3F
8 replies
CICyber Info
•Created by Fox'Say! on 5/30/2023 in #❓︱support-requests
What do I need to do to land a job in an SOC as a relative beginner?
I think this is the goal, work myself into a place that makes a lot of $ without tying me down physically too much. I'm not sure what busting my ass/lateral moves look like yet, but I can put in the work. I'm a decent presenter/public speaker and good at communicating with non-techies in layman terms, so maybe that'll help too. I might eventually want to try my hand at deep learning or AI or something of that sort, and I know Python is nice to know for SOCs so it'll be good either way.
Let me know when/if the CTF is happening, and I am all ears for recommendations! And I would certainly be grateful if you reached out to some hiring managers. I've still got a bit to go, but I'm getting up to speed quickly. When you're learning, is having an idea who you want to work for a good idea, in general?
22 replies
CICyber Info
•Created by Fox'Say! on 5/30/2023 in #❓︱support-requests
What do I need to do to land a job in an SOC as a relative beginner?
This looks great, lol and going to vegas for a test wouldn't be terrible. How important is a Splunk certification in your opinion?
22 replies
CICyber Info
•Created by Fox'Say! on 5/30/2023 in #❓︱support-requests
What do I need to do to land a job in an SOC as a relative beginner?
22 replies
CICyber Info
•Created by Fox'Say! on 5/30/2023 in #❓︱support-requests
What do I need to do to land a job in an SOC as a relative beginner?
@weet Just wanted to ping you real quick
22 replies
CICyber Info
•Created by Fox'Say! on 5/30/2023 in #❓︱support-requests
What do I need to do to land a job in an SOC as a relative beginner?
No worries. And I'd love to see your Splunk environment if you have time! I've listened to a few Cybr podcasts with Bob Salmans - he heavily pushed Security Onion as a homelab environment, but most of the jobs I've seen posted (in the limited searching I've done) appear to specifically request Splunk experience. Does Security Onion do something that Splunk can't do?
I also took your advice with TryHackMe and I'm going through the Pre Security Section to fill in the gaps - currently, my game tentative plan as I feel this out is:
1. Race through TryHackMe learning as fast as possible
2. Learn (or at least look into) how to start making a portfolio demonstrating what I know/learned & my activity, and possibly/eventually a social media presence of some sort. At minimum the homelab is going in the portfolio.
3. Set up a home lab of some sort (once I better grasp networking/SIEM & what a homelab is)
4. Perhaps this is the point where I can reasonably apply for jobs?
5. Possibly get certificates while I figure out what else to do and/or learn next.
Otherwise, I'm not sure how important it is to figure out what company I'd like to work for at this stage, I just know I want to be a WFH Team Blue guy at this point. SOC I salaries are admittedly less than I hoped based on the TryHackMe pages, but it seems like there's plenty of opportunity for SOC II and branching out to other areas.
22 replies
CICyber Info
•Created by Fox'Say! on 5/30/2023 in #❓︱support-requests
What do I need to do to land a job in an SOC as a relative beginner?
That's awesome! (And my SOC monitored world events and evaluated potential threats to our sites & personnel, and we were often the first point in the incident response chain. For instance - my team was monitoring the Covid outbreak in China for a while and knew it was probably going to be a big thing at least a week before it was announced. It was a fun job!)
So now I have some very basic comprehension of cybersecurity jargon, some resources, and a better (though still not terribly clear) vision of what I need. Thankfully, I appear to be looking at a mountain of data and resources, but I'm rather lost as for how to climb it. In terms of goals, what I know is:
1. I want to land a job in SOC ASAP.
2. A major goal is to work remotely relatively soon (I'd like to travel)
3. I believe I'd like to work in blue team defense. Possibly in incident response - I have enjoyed jobs that were "on call," so to speak, until I needed to put out fires or take fast action. But realistically, the first priority is to get in the door as soon as possible.
So I guess my question is: If I want to go from where I am now to an SOC as soon as possible, how should I plan my step-by-step route from here to there?
I don't want to info dump too hard, but I can share what resources I've found so far if that's helpful - they're also in here where I'm keeping track of this learn-to-SOC project: https://bra.in/9q5eGV
The TryHackMe site looks great, maybe even a full road-map to SOC competency?
22 replies