Network and Security on the cheap

Networking security and monitoring on the cheap

Building a complex network scheme requires a lot of knowledge and experience.  It also requires a bit of insight and guesswork into what can and should be used.  Trying to do all this without budget is even worse.  You basically don't have any chance to do it correctly.  

Or do you....   

See, part of the problem is not knowing the tools are there in the first place.  And because the Internet is big into open source, you've got plenty of options once you become aware of what they are.  So that's what I'm going to try to deal with here.  Trying to build a defensible architecture based off spending the least amount of money as possible.  Saving the money on these tools allows you to spend that money else where.  Like in good firewall. 

Love them or hate them, here's my recommendations.  

Network monitoring - Paessler PRTG

Log Management - GrayLog

SIEM - OSSIM

Firewall -  Palo Alto

Patch Management - WSUS

Now, before I get yelled at...  

1) I don't deal with much of a web presence, so I don't have to fight with Web Application Firewalls.   I mostly deal with brick and mortar.  If you've got a web front end to deal with, I can't really help you.  

2) Palo Alto is expensive.  But it is awesome.  Money spent there is well worth the spend.   

3) PRTG is only free for 100 sensors.  100 is better than 0, which is probably what you are monitoring now.   And running a ping here and there is not monitoring.   Don't even pretend.   

Sure, many of these platforms are free.  But you will spend a lot of time in sweat equity.  Don't expect an easy time with setup and tuning.  Expect to spend a lot of time beating your head on the wall, trying to figure something out. 

The other part of this is do what everyone says to do, but no one does: document.  

Documentation is the untold glue that holds all these train wrecks together.  Spend a lot more time documenting than you think you should.  Because that first time you have to rewrite a script to get your Graylog server to accept traffic on the correct port, you'll wish you had.  Because you'll forget about that script, and reboot.  And because you didn't write it down, you'll have to figure it out again.  No fun.

Or when your Graylog setup script gets overwritten due to an upgrade.  Fun times.  Fun times.

Han Solo was right

Han Solo was right.

Short-circuiting your thinking

Seems like I've spent a lot of time thinking about my thinking.  Strange and interesting to say the least.  Anyways, I came across an interesting thought. 

Instead of trying to short circuit your thinking in the moment, come up with something to short circuit your thinking that has already been prepared.  It seemed like a simple idea. 

Because I couldn't stop the train wreck of thoughts going through my head during the process.  Without a lot of practice, it's almost impossible.  Especially if you've been conditioned to think in the wrong manner.  And most of my thinking has been in the wrong manner.  It's hard to say that, but yeah.  Most of my thinking has been flat out wrong.  And has been wrong for years. 

To say it's wrong is to have some sort of argument with the knowledge that I know the right way.  Which is completely untrue.  I spent years being conditioned to think incorrectly.  It was probably me that caused a bunch of it.  But I never stopped it.  To say growing up sucked was an understatement.  But that crap conditioned me to think incorrectly.

So how in the world am I going to solve this problem?  I'm going to try something new.  And if it doesn't work, I'm going to try something else.  If that doesn't work, I'll try again.  Because what I have been doing hasn't been working.  There's just too much mental baggage to get my brain going in the correct direction without a prepared answer.  Too many years of not believing I was worth a damn. 

But what you can do is right down what you want to believe.  And listen to it frequently.  Listen to it? 

Here's the cheating part.  Because it's so damn easy. 

Come up with your script.  Come up with what you want to be. 
Write it down.
And record it in your own voice. 
And then, play it back frequently. 

Try it for a month.  See what happens.

See, because you don't rise to the occasion.  You fall to the level of your training.  So you have to develop a new form of training. 

And the easiest way to train yourself is auto-program responses.

Try it for a week or two.  I'm pretty sure you'll love the results.

Real Life vs Video Game Life

I'm often struck in the vast difference between video game life and real life, especially when it comes to war.  I just finished reading "With the Old Breed" by E.B. Sledge.  As a real to life account of war, it it vastly different than what is experienced in the average video game.  The average video game throws amazing circumstances at you and you end up fighting constantly, effectively dying and retrying.  Video games are full of banzai charges and insane attacks.  It's the kind of stuff that makes for great movie scenes.  It's also things that were learned and quit.

By the time of the battles at Pellilou and Okinawa, the Japanese banzai charge had gone the way of the dinosaur.  It was an ineffective action when faced down by a bunch of entrenched Marines.  It was replaced with deep emplacements and disciplined fire.   That led to slow slogging battles battles where every inch of ground was a difficult struggle. 

You don't see much of that in video games.  It's all blind charges and insane maneuvers as your bullet sponge avatar heroically destroys an obviously inferior enemy.  It's a sad blight on humanity.

I once thought of a movie to describe real war.  It would have been called Guard, and it would be four hours long in real time.  No quick cuts, no exciting scenes.  You have three people standing in a guard tower watching a mobile populace move through their day to day lives. 

It would have been the most boring movie known to man.  But then it would have been the most accurate war movie ever.  Just by observing you would learn the wonders of high intensity anxiety and tension.  It would have been beautiful. 

But then, I've never been a screen writer.  Or much less a story board person.  It would have been interesting. 

The general answer is that real life is not video games.  And that's about all there is to it. 

Financialness, or not

I've read a lot of financial books.  They all say pretty much the same thing.  The ideas are all pretty much the same.  Each one has a bit they think is different.  But at least a bunch of them realize what they're saying is not unique. 

Short answer: buy things that make money while you sleep. 

That's pretty much it.

Big shocker.  But yeah, that's it.  The path to that answer is always different, but it's roughly the same regardless of what choice you make.  Many will suggest you start buying that thing while you are still in debt.  Others will tell you to get out of debt first.  Others will tell you to use debt.  But it's all the same: buy something that makes money while you sleep.

Continue buying things that make money while you sleep until you make enough money to where you don't need to work, and then you are rich. 

Could be businesses.  Could be stocks.  Could be bonds.  Could be houses. 

So, before you read your next financial book go look for something you can buy that will make you money while you sleep.   Because that's what the financial book is going to tell you anyways. 

The only difference is when and what method. 

Truthfully, I was thinking of a longer version of this article.  It seemed like a good place to go in to the differences between Robert Kiyosaki, Dave Ramsey, Mr Money Mustache, and Suze Ormann.  But it's pretty much the same thing over and over again.  A lot depends on where you are in your journey and your risk tolerance. 

From Kiyosaki, I learned that you should have multiple plans.  From Ramsey, I learned the psychology of getting out of debt.  Mr. Money Mustache provided an end game idea.  Suze Ormann didn't teach me all that much. 

Stuff and Nonsense

Things are moving right along.  Except they really aren't.  Because although I've been doing a lot of things, I've been doing a lot of the wrong things.   Too much time has been spent solving problems that really aren't problems. 

I find that happens a lot in life.  A lot of time gets spent on things that don't really take you anywhere.  And the things that do end up taking you somewhere seem so inconsequential that you almost ignore them.  

I guess what I'm saying is that the real success in life is not the busy work you continue to do. 

It's the project you don't have time for. 
It's learning something you didn't know.
It's writing the book you've always wanted to write.

And in the end, those things are the ones that really matter.  But they are also the things you will spend the least amount of time on.

Because they are big, and scary, and consequential.

And it's much easier to watch youtube cat videos than it is to do real work.

Or browse through Pinterest.

Or watch TV.

Or read blogs.  

Or read the 15th book on a subject.

Because what you really need to do is put in work.

And that's hard.  Especially when there are so many places to go look for the perfect way to do something.  

want to

Friday, I was at a store, listening to the people talk as I worked.  I was installing cellular backup devices.  But that's of little consequence to the story.  Anyways, one of the people in the store was talking about how they didn't want to go to work.  In the end, the person did show up to work.  I guess that's good.

But my real thought about this: when did coming to work become a question of something you want to do? 

I guess back when I was young, I had that possibility that I could have called in for work out of not wanting to go.  Back then, I didn't have paid time off.  No vacation.  If you wanted time off, you didn't go to work.  But you didn't get paid when you didn't show up. 

Getting paid has always been my interest in going to work.  If I didn't need the money, I simply didn't work.  That was just the way it was. 

 Work has never been something that I let the words of "want to" into my vocabulary.  It was simply a matter of "you are going".

"Want to" never entered the equation.  

Hardgaining part 2

This the followup to something  I wrote about being a so-called hardgainer. These are the scrawny guys who can't seem to put on weight. 

I've found it's pretty simple.  But the simplicity is confusing.  See, all you have to do is eat more. 

But the average hardgainer generally knows about when to quit.  As a general rule, I used to average about 2,000 calories a day.  I never gained weight.  

See, gaining strength and weight is not really about lifting weights.  You can spend a considerably shorter amount of time lifting weights than you do eating. 

Eating is a 3-4 time a day action.  You have to do this every single day. 

In comparison,

Yeah, 3 exercises a day.  And only 7 times in a month. Lifting is a considerably smaller amount of time.  Yet there are still obvious gains. 

My average weight in the last month has gone from 135 to 140. 

Granted, that's not a colossal gain.  But it's considerably better than what it used to be.  5 pounds in a month, and it only took an extra 1,000 calories a day. 

Essentially, eating is the primary thing you need to work on in order to solve your problems with gaining weight.  You don't need to spend more time in the gym.  You need to spend more time in the kitchen.

It's going to be uncomfortable eating all that food.  Sucking down another protein shake sucks.  You end up feeling bloated.  It's not fun.  But it's what you're going to have to do. 

Remember: 3-4 meals a day, and add another 1,000 calories a day.  My average went from 2,000 to 3,000.  And that resulted in a one month gain of 5 pounds. 

100 things

So I'm reading a book by Tony Robbins.  It's Awaken the Giant Within.  The book by Bill Gates was temporarily kicked to the curb.  I'll pick it back up after this book. 

One of the things Tony Robbins says is that we spend our time chasing pleasure and avoiding pain.  The best way to solve a problem is to associate so much pain with the idea that you never perform that action again.  

Sounds kind of vague.

I merged that with something from John Maxwell.  He was talking about not liking yourself.  If you have a problem with liking yourself, write down 100 things that are good about you.  Don't stop until you get to 100.

So, I decided to combine that with Tony Robbins.

Take some problem you want to solve.

Write down 100 reasons or effects of not getting that thing.  Start building a giant catalogue of the pains you are going to feel if you don't accomplish your goal.

At the moment, I'm doing this on computer.  Paper would probably work to. 

But write at least 100 items.  And write them out in full sentences.  No vagueness. Be very specific.

I'm very hopeful for this idea.  Let's see how it works. 

Snowball

Finished reading The Snowball: Warren Buffet and the Business of Life. I think I'd give it a 6/10.

It wasn't a bad book, it was just way too in depth some times.  The book is a door stop, and the information flows liberally at times and with great intention.  So much so that certain sections seem to get bogged down in the finer details of everything that happened to be happening at the same time.  It's a strange bit of craziness. 

Anyways.

Warren Buffet was always a little strange.  He was the kid that had six jobs and was rich before everyone knew what rich was.  He really was. Which is possibly why he ended up becoming as rich as he did.  I guess his major obsession was simply making money.  And with a bit of the right knowledge and a lot of luck, he made a lot of it. 

My primary takeaway on this book is that you need to find an obsession and work towards the end of that obsession until it leads you down a path.  Could be a good path, and it could be a bad path.  It's simply a path.

Buffet worked essentially on concentration throughout this entire life.  Those parts that were important to him, he followed deeply.  Everything else he ignored. 

Things not follow from Warren Buffet: his personal life.  His personal life was flat out strange.  His obsession with various women that he wasn't married to caused all sorts of strangeness in his life.  His disregard for his kids during their formative years also seems to have been critical. 

It that category, he fit in with other visionaries I've read about.  John Boyd comes to mind.  Anyways, I'd say the book is worthy of reading.  Just be prepared to donate a lot of time to it.  I dropped the book half way in (shortly before the Furniture Mart section) just simply due to the large amount of detail.  Part of that detail simply took away from the flow of the book.  

Next up on the list...  Boone. 

Automation

I've been trying to automate more stuff.  Most recently, I used AutoIT to delete 4000 pages of fake assets.  So that was a great win.  I set the system to show 200 pages per item, and yet there were still 4000 pages.  When an import would fail, the system would create 65,536 new assets.  Do that 12 times and you end up with 800,000 assets.  That have to be deleted.  Manually.

Of course, if we were running the on-premise version of the software you could use a simple SQL command.  But we migrated off to the cloud.  So that was out of the question.

If you can't do it with SQL, then it's time to do it with some other method. 

Now, with 4,000 pages of stuff, at about 1.5 minutes per page deletion it would have taken me 12.5 work days to get rid of the fake assets.  Not happening. 

In the end, it took me about 4 hours.  30-45 minutes to write the original script.  Then another 3.5 hours dealing with crashes of the script to make tweaks.  Granted it was just a bunch of web page clicks, but sufficient time prevents those failures.  The main thing was adding time between the clicks. 

Click one button.
Wait 2 seconds.
Move to another location.
Click.
Wait 2 seconds.
Click. 
Wait 4 seconds.
Wait a minute.
Start script at line 1.

I wish I could have written a better script.  But I haven't become good enough at that.  So the scripts I end up writing are generally very specific to the computer being used.  Exact screen coordinates and what not. 

Anyways.  Enough of automation. 

Just realize: repetitive IT work can often be automated.  It just takes time and effort.  And documenting the large behaviors.   

Not for you

I've come to the realization that most of the things I see are not for me.  It's a sad situation where the advertisements just simply aren't what I need or want. 

See, I'm a scrawny white male.  I'm not trying to lose weight.  I'm in relatively decent shape.  I'm not really into the "lose 10 pounds quick" and go with the flavor of the month HIIT workout.  I've done enough of that.  Practical strength type stuff.  Except there's no comparison and no feeling of going anywhere.  No progress.  I can't look at a number and see any improvement. 

Is this thing going to improve me?  What are my starting metrics?  What about ending metrics?

See, being a hard gainer is something that alienates you from the rest of the world.  Take a look at the most recent information from MyFitnessPal.  Which is basically a site for fat people trying to get skinny.

Not for skinny people trying to gain weight.

"Healthy" always means lose weight.  "Unhealthy" always means gaining weight.  And that's wrong.

Why is it that every time I gain weight (which is my goal) the system tells me nothing?
Why does the system declare how great it is when I lose 2 pounds since my last weigh in?  When you are trying to gain weight, a movement in the scale downwards is a failure.

And the system asks "are you trying to lose or gain weight"?

Maybe the submit feedback thing will actually work and cause MyFitnessPal to fix their system.

I think I'll finish with something I heard from Jocko Willink.

Don't count on motivation.  Count on discipline.

more c-store stuff

Went back to looking at Hong Kong after reexamining a previous entry.  I picked an area in Kowloon and wandered around and found a gas station.

More Google Maps, by the way.  So, from a c-store point of view this is kind of interesting.  Also, the other thing that adds to my complexities... What we're looking at is a 5 dispenser station crammed into a small space. This location has several single grade dispensers which don't seem to exist in modern America. 

By comparison, in the central US you have 3+1 and 3 dispensers.  That would be..
3 grades of gas off of 1 hose
1 grade of gas off of 2nd hose

Or

3 grades of gas off of 1 hose.

In comparison, these look like

1 grade of gas off 1 hose
1 grade of gas off a 2nd hose
1 grade of gas off a 3rd hose

I'd guess Gilbarco, but I'm just guessing.  I can't see well enough, and the shape doesn't look modern/futuristic enough to be Wayne. 

Now, the secondary part of my observation. 

I'm used to wide open terrain and gas stations in the middle of open spaces.  Stations shoved into small spaces are different.  They strike me as a bit weird.  It's an open territory birth thing. 

Now... 

Moving to the inside is my thing.  I'm more of an interior control person than an exterior.  Pump technicians have a tendency to be farmed from plumbers (at least in the US).  Smart pump techs become point of sale techs.  Me?  I'm an IT guy that got into pump controllers.  The d-box is the end of my knowledge (most of the time).

Anyways.  

In the process of wandering around this location, I found a couple of 7-11s.  Both of those were non-fuel locations. 

Non-fuel c-store locations are minimal in my part of the US. 

The difference between a fuel and non-fuel location is very small.  A couple pieces of CAT5 and a distribution box.

Another random thing I noticed... (I think I started on Liberty Street).  The area seems to have a lot of animal doctors. 

Hardgaining... or when eating has to become a hobby.

I'm decided to gain weight this year.  I'd like to hit about 160.  I haven't broken 140ish in 5 years.  So it's going to be interesting.

I started working on gaining weight today.  And I realize it's going to be a pain. 

See, that's after dinner.  And that's just to break even.  I've got probably 3 hours before bed before bed and I have to eat another 1500 calories just to break even.  Eating has to become a hobby at this point.  From what I've heard and read, the real answer is eat like a cow. 

In general, I'm following the ideas presented by Starting Strength.  Mark Rippetoe is the only person I've heard that has produced a decent reasoning behind what they were doing.  He's also got an article about the novice effect.  One of his suggestions was to drink a gallon of whole milk a day.  The reasoning makes sense.  You need to increase your caloric intake a lot.  You need to eat about 6,000 calories a day and lift heavy weights three times per week.

That sounds great...  but eating 6,000 calories is a lot.  It took a lot for me to get to 3,000 calories.  Making it to more than that is going to be interesting. 

But then I've always followed complex programs that promised maximum gains without fat.   But then came the answer from Mark Rippetoe.  Basic answer was you can't have it both ways.  If you want to get bigger and stronger, you've got to eat a lot and lift heavy weights.  Spend six months gaining weight and strength.  You can drop those extra few pounds later.  It's worth gaining the strength and muscle mass now. 

So it's now time to make eating a hobby.  Let's see if I can make it past 2 gallons a week this week.