• 3 Posts
  • 21 Comments
Joined 9 months ago
cake
Cake day: March 1st, 2024

help-circle
  • Yes, and thank you for your interest in helping. Appreciated! After an update, I will eventually reboot. When doing so, the options in the gear at the Gnome login will be

    • Gnome
    • Gnome Classic

    Both of these options are X11. I verify this with $ echo $XDG_SESSION_TYPE and see X11. When Wayland is working, the Gnome login will show four session types:

    • Gnome
    • Gnome Classic
    • Gnome on X.org
    • Gnome Classic on X.org

    I haven’t been able to locate a log file where something looks relevant to the decision made at boot for XDG, Wayland, or X11 that chooses one over the other. It’s just as though Wayland stops being an option. 3 or 4 updates later, I’ll have Wayland back again - but no idea why it comes and goes. My caveman intuition tells me it happens around nvidia updates, but I haven’t kept strict notes on that.







  • I disagree! They can be great options, inexpensive and reliable. My current home server is a Dell r620 with xeon CPUs, 64gbs of RAM, and 2 terabytes storage in raid 5. It serves several vms, a mix of Windows and Linux. More than enough for many home set ups. Boots the os off a 16gb flash card. Cost me $185. Thing has been a tank.

    I bought two short L brackets from home Depot, and have it hanging flat against the wall. It’s been fabulous.




  • Looking for cert guidance!

    I’m a late-40’s life-long IT guy, working as a cybersecurity architect / deputy CISO for a state govt agency the last few years. I have my CISSP and bachelor’s in IT mgmt from WGU.

    I have access to free microsoft classes & cert tests through my employer. Thinking about going back and getting some certs. Does it make sense to do the security certs in order?

    SC-900, SC-100-200-300-400, AZ 500

    Or am I overthinking it and I should just jump in and try a test to see how I do?





  • I could use a resume review.

    I’m a security architect in the public sector, state government. I started as an entry level sysadmin around 2000. I’m being strongly encouraged to apply for the CISO position here. I’m 46, and currently lead a team of 3.

    Every time I apply for the private sector, including lower level jobs, it’s crickets. If I apply for govt work, I get people banging on my door.

    How do I get a resume review, or someone to point out what I need to make the jump from govt to private sector?


  • Always love these kinds of questions, and love how you are working to build this community.

    I work for a government agency as a deputy ciso, and I’m putting together a decision package for legislature to request new staff. I’m looking for five new members of my team, which would slightly double our size. It’s a very long process, which involves a lot of capacity planning, reading strategic plans and tying it to things other people have talked about, demonstrating work bottlenecks through metrics from our soc, and leveraging relationships and capital Goodwill that I’ve built over the last couple years.

    Cross your fingers for me.




  • t every company should have? Is there even a frame

    I was the lone security person there for a bit. Now there’s 4 of us. I broke it down into two risks:

    service / system outage data breach / loss

    The way I approached shoring up defenses was with specific activities each week:

    vulnerability remediation audit & compliance incident response governance & policy security awareness program

    It might help to think of things in a maturity model. Putting in a SEIM is a big job, and maybe more appropriate for when the security program at your org has matured more. What you can do is spend time working on the other stuff - what’s your endpoint protection? What compliance requirements do you have? How’s your inventory & asset management? What’s policy look like? Do your AD accounts all make sense? What’s the password policy? Do you have any old service accounts?

    Picking little stuff allows you to make progress, and gets you ready to move to the bigger things. A mentor once told me to use a checklist (for life in general, but applies to cyber):

    1 Did they ask you for help 2 Do you have it to give 3 Have you done enough for now

    Good luck!


  • Usually labeled as P series.

    This is how I do my home system, Dell r710xd I believe. I bought it used via craigslist and I think it came from the local power company. In the States we have government surplus sites that have stuff cheap.

    You can mount a rack mount system vertically on the side of the wall, hanging down with a couple of shelf brackets.