Author: mark_user

4-Hour Smoked Pork Ribs
Preparation
- Remove skin from back of ribs.
- Liberally coat ribs with apple cider and dry rub.
- Place ribs in pan. Cover pan with plastic wrap and place in frig 2 hours of time.
- In mean time, soak wood chips in water.
- Add coals 1/2 hour ahead to get grill temp to 250-275 deg.
Cooking Instructions:
- Place ribs on grill and cook for 2 hours. Add 1/2 wood chips @ the start and 1/2 @ 1 hour.
- Wrap ribs in aluminum foil. Add apple cider and cook for 1 hour.
- Remove foil and place ribs back on grill. Add BBQ sauce. Cook for 1 hour.
Keep ribs moist, spritz with water, or place pan on top coals and add water. Add charcoal every 30 minutes during cooking!

1 chimney = 300 deg with Chargriller Drum Barrel grill
October 15, 2024
Beer Can Chicken
Ingredient

4-5 lb chicken

Rub chicken skin with oil inside and out. Sprinkle with salt, pepper, and spices. Add butter under chicken skin. Place chicken on a can. Place can as far as possible from coals. Turn chicken every 15 minutes. Spritz skin, with water, to keep moist. Place a pan on top of coals and pour in some beer or water for added moisture.

Cook at 350 deg for 1 1/2 hour until 170 deg.
- 1 chimney = 300 deg for drum barrel Chargriller, about 1 1/2 chimney.
- 1 chimney = 450 deg for Weber, about 2/3 chimney.
October 15, 2024
Regulatory, Compliance, & Security Frameworks
Introduction

In the modern information age, there are numerous laws which affect the collection and storage of digital data. These laws often reference security standards that define specific methods of collection, the manner of storage, and other requirements that companies must follow. These regulations and laws are typically industry specific.

The primary purpose of these laws is to create a base line of rules for companies that collect data on consumers. They outline security protocols that must be followed to keep data safe. For example, a customer’s username and password must be encrypted.

These rules are collectively known as security frameworks, security standards, regulatory & compliance requirements, among other names.

Common governing laws
- GLBA (Gramm, Leach, Bliley Act) – Financial data.
- CFPB (Consumer Protection Financial Bureau) – Financial data.
- HIPAA (Health Insurance Portability Accountability Act) – Medical data.
- GDPR (General Data Protection Regulation) – European consumers.
- PCI DSS (Payment Card Industry Data Security Standards) – Financial data.
- ISO 27001 – Information Security Management Systems. – Federal data.
- FIPS (Federal Information Processing Standard) – Cryptography guidelines.
- FERPA (Family Educational Rights and Privacy Act) – Educational records.
Top cyber security frameworks (standards)
- NIST Cyber Security Framework (NIST CSF 2.0) – Most common.
- CIS Center Internet Security (Critical Security Controls).
- PCI-DSS – Payment Card Industry Data Security Standards.
- SOC2 – Systems and Organizational Controls. (Cert Pub Accountants).
- ISO 27001 – Information Security. Generally for Fed Agencies.
Best security practices (basic outline)

Each framework will provide exact details, but there is a lot of overlap. Here is a general list of what to expect.
- Governance & Risk
  - Maintain a risk assessment list. Update annually.
  - Establish a cyber security governance framework (NIST CSF 2.0 or CIS).
  - Ensure policies are written and enforced.
  - Establish supply chain risk management program.
- Identify & Access
  - Implement MFA, 12 character & password rotation.
  - Delete unused accounts.
  - Just in time access for elevated roles.
  - Written job descriptions & RBAC permissions.
  - Limit number of global administrators, no local administrators.
- Network & Infrastructure
  - Subnet the environment properly.
  - Conduct an annual firewall review.
  - Enforce internet filtering for end users (DNS filtering).
  - Create a golden image for new hosts.
  - Asset management (maintain a list of assets). Include cloud assets.
- Endpoint & Data Security
  - Create an approved software list.
  - Patch and vulnerability program.
  - Endpoint Protection (virus software, XDR/EDR).
  - Data Protection & Encryption (enforce at rest and in transit).
  - Application security (scan your code, pen testing).
- Continuous Monitoring & Response
  - Centralized logging & SIEM.
  - Integrate threat intel feeds & monitoring for zero day.
  - Make an incident response plan. Test with table top exercise.
  - Employee Training – phishing simulation.
- Business Continuity & Compliance
  - Backups & Disaster Recovery Plan
  - Application security testing.
  - Compliance mapping. Ensure controls meet SOC2, PCI, HIPPA, etc.
  - Executive reporting & metrics. (risk dashboard, audit results, etc.)
October 15, 2024
Copy Files to S3 Using AWS CLI Tools
Introduction to the AWS CLI

There are three methods to upload and download data to Amazon Web Services. You can use the command line (CLI), AWS SDK, or the S3 REST API. In this article, we will explore the command Line interface, and the most common commands to manage an S3 bucket.

The maximum size of a file that you can upload by using the Amazon S3 console is 160 GB. The maximum bucket size is 5TB. You can not use s3api on files uploads larger than 5GB. Command line tools can achieve upload speeds greater than 7 MB’s. But, you can go even faster if you turn on acceleration. It is not recommended because an additional cost will be incurred.

Common switches
- –dryrun = test what files would be uploaded, prior to running command.
- — summarize = include a total at the bottom of the output.
- — human-readable = show files sizes in Gb and not Bytes.
- –output text = format the output on separate lines
- –content-type=text/plain = Tell aws the upload data is text data (not video or other).
- –recursive = show full file path
- –exclude – leave out certain files.
- –include = include certain files.
- –delete = this flag is needed to remove any files.
- –meta-data = Use this flag to upload custom data like the true MD5 hash
List contents of a bucket
```
aws s3 ls s3://bucket1/directory1/directory2/ --summarize --human-readable
```
Copy a single file

If the file is large, the cp command will automatically handle a multi-part upload dynamically. If the full path is not present, it will create it automatically in the s3 bucket.
```
aws s3 cp ~/test.txt s3://bucket1/dir1/dir2/ --human-readable 
```
Copy multiple files from a local directory

There are two commands that can be used to copy multiple files. Use sync or cp with the –recursive switch.
```
aws s3 sync ./test/May s3://bucket1/May/ --human-readable --summarize
```
OR
```
aws s3 cp ./test/May s3://bucket1/May/ --recursive --content-type=text/plain
```
Copy only files with .sum extension
```
aws s3 sync ~/dir1/ s3://bucket1/dir1/ --exclude '*' --include '*.sum' --dryrun 
```
Copy a directory and exclude two files
```
aws s3 sync ~/dir1/ s3://bucket1/dir1/ --exclude 'file1.txt' --exclude 'file2.txt'
```
October 11, 2024
Run a Script using Windows Task Scheduler
Begin

By default, a task will only run when a user is logged in. If you want to run a task after hours or over night, you will need to select “run whether the user is logged in or not” and “run with highest privilege’s”, so it runs in admin mode. Finally, you will need to add the user to the local admin group.

Some blog posts will say, you still can get a task to run if a regular user is not logged in. You can add the user to the local security group policy under “logon as a batch job” by going to secpol.msc, security settings, user rights assignment, logon as batch job, and add the user. I tested this multiple times and could not get this method to work when attempting to run a PowerShell script. Perhaps, this only works for true batch scripts.

Let’s assume, I want to run a PowerShell script every hour of every day (i.e. 24 x7). First, check if your user is a local administrator. Go to Computer management, system tools, local users and groups, administrators. Verify he is included.

Run the task scheduler and select create a task.

General Tab

Configure the Name, User account, Run whether the users is logged on or not, and Run with highest privileges, as it needs to run in admin mode when the user is logged out. Next, select Configure for Windows 10.

Triggers Tab

Select to run starting at 1:00 PM, every hour, and verify the task is enabled.

Action Tab

The script must be stored under the local user’s profile to get it to execute!! i.e. C:\users\username\tasks\yourscript.ps1.

Program: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Argument: -nologo -ExecutionPolicy Bypass -windowstyle Hidden -file C:\Users\user1\scripts\report.ps1

Common PowerShell arguments are:
- -NoProfile, meaning do not load the users profile (use when you have custom setting in the script).
- -ExecutionPolicy Bypass, means allow the script to run with no conditions (i.e. it is not signed).
- -Windowstyle Hidden, means do not display the PS window.
- -nologo, means to suppress the PS copyright info when PS starts (provides a cleaner process).
- -file /path/filename.ps1, enter full path to your script.
Conditions Tab

Make no changes.

Settings Tab

Make no changes. Do not enable “if task fails. then restart”. If your password expires, it will keep locking your AD account.
October 11, 2024
Split Text Data into Columns Using Microsoft Excel

Split out data from Excel

A common task to perform is when you have data in a text file and you need to copy and paste the data into excel and then split the date into columns. Unfortunately, when you do this it will put all the date in a single column. You have to then split out the date into columns using the below method.

Process

Highlight and copy date from notepad.

Paste data into excel. All data will be pasted into the first column only!

Select data, text to column, delimited, and then next.

Select the items you want to use as separators, usually tabs and spaces. Then hit next or finish.

October 10, 2024