Counter point, set the ‘swappiness’ lower than the default 60. I’ve set mine to 30 and the system boots a lot faster. You could research and consider 10-20.

100% agree, that is a “totally for fun” exercise

For added funs run an SSH tarpit to fuck with the attackers, something like endlessh.

Yeah look that was the front page of the repo talking about how it has C/C++ and Fortran code, sorry for not reading the docs and finding out that yes they still use C/C++ and Fortran code in the form of OpenBLAS which is a dependency… f2py is just a method of doing the following:

F2PY facilitates creating/building native Python C/API extension modules that make it possible

• to call Fortran 77/90/95 external subroutines and >Fortran 90/95 module subroutines as well as C functions;

• to access Fortran 77 COMMON blocks and Fortran 90/95 module data, including allocatable arrays

from Python.

Correct me if I’m wrong here but if you’re implementing an api for one programming language to talk to another then that means you have 2 programm-

I wake up as a lizard. The meaning of kernels, subroutines and programming languages is already fading. I realise the rock I am lying on is slightly in a shadow and move into the sun. Might eat a bug later…

It provides:

• a powerful N-dimensional array object
• sophisticated (broadcasting) functions
• tools for integrating C/C++ and Fortran code
• useful linear algebra, Fourier transform, and random number capabilities

Not according to the repo I sourced from your message.

Got introduced to the phrase “your tongue was in the wrong spot in your mouth”, for something that can’t be reproduced.

Not defending windows 11 in any way, but on install, when you get to the “login to your microsoft account” screen, if you open command prompt (ctrl + f10 i think) and open the network utility - type ncpa.cpl, then you can find and disable your network adaptor. Close cmd and the network utility and click back. It will ask you to create a local user.

I’ve done this a couple of times and it hasn’t forced me to create a Microsoft account yet (I use a lot of windows vms). If this no longer works on win11, apologies, it used to.

Run it in your head, find the edge cases yourself, fix the bug… weakling.

Or do what I do in real life which is patch in new bugs and even a security flaw or two.

I’m thinking data entry for threat hunters, and integrations with our other platforms apis but I couldn’t say anything specific. SSDs are a good shout, I might have tried setting it up with hdds if you hadn’t said.

Did you find it easier to add connectors in seperate docker containers or within the main octi container?

It feels like there’s a pretty high ceiling for this platform and the data you can generate. Do you find it easy to create good data? Do you have any habits?

I’m pretty keen to learn so feel free to answer what you can.

Not who you asked, but did you ever hear of Valiant and their kernel level anti cheat.

This is not a 1:1 comparison but anticheat software running in the kernel has the ability to monitor all other processes due to its permission levels. It can monitor all scheduled tasks and infer from that information.

Drivers need similar access but for different reasons, they need access to os functionality a user would absolutely never be granted. This is because they interface directly with hardware and means when drivers crash, they generally don’t do it gracefully. Hence the BSOD loop and the need for booting windows without drivers (i.e. safe mode) and the deletion of the misconfiguration file.

Really don’t care much about my cv. This program is a great way to learn about the STIX protocol so no idea what you mean about “no actionable skills”. STIX is an interesting information sharing method, the program is well designed to educate the user on it and seeing the format it imports and exports data will teach me a buttload.

More to the point, maybe could you be less cynical and share some advice. I’m not going to flex my qualifications cos they’re mediocre but I’ve got smart people around me who just don’t know this particular program and I’m interested to hear from those who do.

Do you run this program at work or at home? Have you learned anything interesting from using it? Are there avoidable mistakes I could not repeat from hosting it? Answers to those questions would be very useful.

I dont see myself doing too much configuration with connectors to begin with which brings some of the difficulty down. I was asking to see if others run anything similar in their home configuration. I’ve met people who run MISP from home before so it sounded feasible to me.

I was also looking for the community aspect of this, I already knew they had a docker-compose config. I wanted to know who had attempted this before and what they’d learned, that sort of thing.

Eyyyy, I’m on Mint!

My bad, what linux distro you running?

Nice try Microsoft, I still don’t like your monthly “small” ui changes that hide the features I use and add extra “get copilot now” buttons

Been working on a malware analysis tool called AssemblyLine 4. I’m trying to set it up to collect artifacts from an s3 bucket and trigger alerts if malicious

Pretty sure it is, might just be their grammar.

I read it as “Godot, or DirectX (which my aim hallucinated is a game engine)”

git commit -m “if this doesn’t fix it I’m looking up availabilities at my nearest maccas”

Relevant xkcd

I did that last Christmas but the very next day, it gave it away. This year, to keep me from tears I’ll deditate it to something special.