Macphisto's comments

Macphisto | 4 years ago | on: Ask HN: What's the weirdest/best thing you've done with Emacs?

Tons of weird/fun stuff. Emacs is generally my primary tool.

- I work in Incident Response and use emacs and orgmode as a second brain for case notes. I log commands in orgmode and try to build my notes to make sure the investigation is repeatable.

- For a good while I was using emacs/gnus as my email client. It wasn't without its warts but compared to Outlook it was glorious.

- I needed something to distract me during chemotherapy sessions so I wrote an NTFS MFT parser in emacs-lisp. It was a super dumb project but it'd been ages since I'd read through Carrier's file system forensics and it was good exercise.

- For a time I was using emacs and the emacs lisp request library to track bitcoin payments made in suspected extortion cases. It was fun to map until the transfers hit bitcoin tumblers, then my laptop basically lit on fire.

Macphisto | 5 years ago | on: Ask HN: Do you use Org-mode to take notes

Every day for a large portion of the day. I use an org-capture template which lets me capture tasks and I keep all my notes in those tasks including proof-of-concept code, etc. I capture and schedule meetings through the same template which pre-populates things like space for a list of attendees, the agenda, after-meeting notes, and action items which become todos. I even track the amount of time I spend on each so I can fill out my timesheet as I'm in a field where we maintain billable work, etc.

All this to say it's a very flexible system and lends itself well to keeping notes.

Macphisto | 6 years ago | on: Brim: Open-source desktop app to analyze large pcaps through the lens of Zeek

The long and short of it is Zeek (used to be called Bro) provides session-based analysis whereas Wireshark is primarily packet-based. With a few exceptions, they both generally do the same thing but in different ways. Zeek is, at the bones, an event-based engine with a scripting language (think node-js but from the 80s!) - the scripting language is actually what provides the logs generated by Zeek.

One key aspect of Zeek is that it can be deployed within a network to passively generate logs. As an incident response consultant, the few times I've worked with a client with Zeek logs, our ability to answer some critical questions in short order was increased dramatically! Back in my Sysadmin days, I used to run Zeek (when it was called Bro) to provide network logs for security review but also for general network analysis.

You can definitely run a pcap capture by Wireshark through Zeek. You'd run `zeek -r <yourpcap>` and you'll end up with some lovely TSV separated logs in your current working directory!

Full transparency: I'm not part of the Zeek team, but I did author the original Zeek scripting guide for them back in 2012 or so. For my money, the Zeek team is building some of the better network appliances and detection/logging capabilities available.
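
Added example, not part of the original comment or of Zeek's own tooling: a minimal Python reader for the TSV logs that `zeek -r` writes, driven by the `#separator`, `#fields` and `#unset_field` header lines, followed by a per-session roll-up of a conn.log. The sample log lines, addresses and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample in the TSV layout Zeek uses for conn.log (all values made up).
SAMPLE_CONN_LOG = "\n".join([
    "#separator \\x09",
    "#set_separator\t,",
    "#empty_field\t(empty)",
    "#unset_field\t-",
    "#path\tconn",
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tservice\tduration\torig_bytes\tresp_bytes",
    "#types\ttime\tstring\taddr\tport\taddr\tport\tenum\tstring\tinterval\tcount\tcount",
    "1700000000.000000\tCaaa1\t10.0.0.5\t49152\t192.0.2.10\t443\ttcp\tssl\t12.5\t1200\t90000",
    "1700000003.000000\tCaaa2\t10.0.0.7\t49153\t192.0.2.10\t443\ttcp\tssl\t3.1\t800\t4000",
    "1700000004.000000\tCaaa3\t10.0.0.5\t53211\t198.51.100.53\t53\tudp\tdns\t0.02\t60\t120",
    "1700000009.000000\tCaaa4\t10.0.0.9\t49154\t203.0.113.8\t8080\ttcp\t-\t-\t-\t-",
    "#close\t2023-11-14-22-13-20",
])

def parse_zeek_tsv(text):
    """Return (path, rows); each row is a dict keyed by the names in #fields."""
    sep, fields, rows = "\t", [], []
    meta = {"path": None, "unset_field": "-", "empty_field": "(empty)"}
    for line in text.splitlines():
        if line.startswith("#separator"):
            # This one header line is space-delimited and hex-escaped (\x09 = tab).
            sep = line.split(" ", 1)[1].encode().decode("unicode_escape")
        elif line.startswith("#"):
            key, *vals = line[1:].split(sep)
            if key == "fields":
                fields = vals
            elif key in meta and vals:
                meta[key] = vals[0]
        elif line:
            raw = dict(zip(fields, line.split(sep)))
            # Map Zeek's "unset" marker to None and its "empty" marker to "".
            rows.append({k: None if v == meta["unset_field"]
                         else "" if v == meta["empty_field"] else v
                         for k, v in raw.items()})
    return meta["path"], rows

def bytes_by_responder(rows):
    """One conn.log row is one session: sum both directions per (responder, port, service)."""
    totals = defaultdict(int)
    for r in rows:
        key = (r["id.resp_h"], int(r["id.resp_p"]), r["service"])
        totals[key] += int(r["orig_bytes"] or 0) + int(r["resp_bytes"] or 0)
    return dict(totals)

if __name__ == "__main__":
    print(bytes_by_responder(parse_zeek_tsv(SAMPLE_CONN_LOG)[1]))
```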

Macphisto | 14 years ago | on: Blogging With Emacs

org-mode is the gateway drug for emacs and in my opinion, one of the things that makes emacs great. A user, Carsten Dominik, had a need for someone, hacked some elisp and it grew into something awesome. It's still one of my favorite pieces of software.

Macphisto | 14 years ago | on: Ask HN: What password management system do you use?

For browser-based authentication I use LastPass.

For servers, encryption keys, or really anything I want to keep safe but available to myself, I use Emacs, Org-Mode with org-crypt, and Dropbox. Any Org-Mode header tagged with :crypt: will be encrypted against my gnupg key.

Macphisto | 15 years ago | on: Once again, praise kids for effort, not for 'smarts'

Actually that's the strange thing. She's learned not only the specific funny quotes but she uses them in situationally-correct instances. When crashing two cars together, "Buckle your sphincters!". When I pull her out of the tub and she can't see because her massive amount of hair is in the way, "My lawyer will hear about this!" When she wants to make us laugh she puts both her claws up in the air and goes for a Zoidberg scuttle.

I've had to defend the fact that I let a three year old watch Futurama many a time. Mostly to people who would rather I show things like Dora (I don't like my kid yelling at the TV) or movies like The Little Mermaid (truly horrific from viewpoint of relationship modeling). Admittedly sometimes my kid walks around quoting Bender "Ass Ass Ass Ass Ass!" and it might one day get sent to the Principal's office but she also admires female star ship captains, recognizes hard work (Fry and the holophoner), and naturally distrusts cephalopod doctors. There are a lot more issues I hope she can start to pick up like the value of friendship, that math is awesome and to never be without your doomsday device "for duck huntin'!"

Sorry for the tangent.

Macphisto | 15 years ago | on: Once again, praise kids for effort, not for 'smarts'

When my daughter was born (now three) my wife insisted that I and everyone who has regular contact with her focus on her hard work and not simply say "you're soo smart!". It's tough to make that association but I think I've seen actual results from it. My daughter is about three weeks into ISR swim classes and I can see her shift into her "hard working" face even when she's a little upset or crying. She knows that she has to work hard (show visible effort) at staying calm or calming quickly or trying new things if she wants her reward (her favorite thing in the world: Futurama). It's one of the few developmental guidelines my wife has laid down and I've come around to see it as the most important because to be frank I didn't learn that lesson until WAY too late.