knoxa2511's comments

knoxa2511 | 2 years ago | on: Xzbot: Notes, honeypot, and exploit demo for the xz backdoor

Sysdig released a blog on friday. "For runtime detection, one way to go about it is to watch for the loading of the malicious library by SSHD. These shared libraries often include the version in their filename."

The blog has the actual rule content which I haven't seen from other security vendors

https://sysdig.com/blog/cve-2024-3094-detecting-the-sshd-bac...

knoxa2511 | 2 years ago | on: Ask HN: What did you buy or considering buying this Black Friday?

best life enhancing product i've gotten recently

knoxa2511 | 2 years ago | on: Privacy is priceless, but Signal is expensive

All things considered. Pretty impressive how cheap it is to run given the adoption of the Signal.

knoxa2511 | 2 years ago | on: Cisco Acquires Splunk

https://github.com/falcosecurity/falco

Like snort, but looks at system calls.

knoxa2511 | 2 years ago | on: Google “We have no moat, and neither does OpenAI”

I'm always shocked by how many people don't view branding as a moat.

knoxa2511 | 3 years ago | on: Golden Gate Bridge construction – and indignation (2012)

I'm pretty surprised to see all this bridge hate. I use the bridge multiple times a week to mountain bike or surf in north bay. I picked my spot in the city in part because of it's proximity to the bridge.

knoxa2511 | 5 years ago | on: SaaS Needs a Single Point of Purchase

The cloud providers are trying to solve this problem - more and more of our customers are purchasing through the marketplace. It allows them to drive down spend commitments to AWS, GCP, etc - it's a pretty good experience all around and enables usage based pricing + easy collections. Which is something all startups hate dealing with.

knoxa2511 | 5 years ago | on: America’s ‘Fried Chicken War’

Hard Knox is pretty great

knoxa2511 | 7 years ago | on: The rise and fall of the skills gap

Factfullness, one of the best books on Bill Gates summer reading list covers "the gap instinct"

Factfulness is . . . recognizing when a story talks about a gap, and remembering that this paints a picture of two separate groups, with a gap in between. The reality is often not polarized at all. Usually the majority is right there in the middle, where the gap is supposed to be.

To control the gap instinct, look for the majority.

Beware comparisons of averages. If you could check the spreads you would probably find they overlap. There is probably no gap at all.

Beware comparisons of extremes. In all groups, of countries or people, there are some at the top and some at the bottom. The difference is sometimes extremely unfair. But even then the majority is usually somewhere in between, right where the gap is supposed to be.

The view from up here. Remember, looking down from above distorts the view. Everything else looks equally short, but it’s not.

knoxa2511 | 7 years ago | on: Kubernetes on Google, Azure and AWS Compared

I've worked with 200-300 K8s customers and 30-40 openshift customers.

On K8s I typically see somewhere in the low 20s as the number of pods per node.

Openshift I'll see high 20s or low 30s as the average number of pods across most openshift customers. But we're seeing some crazy numbers for some larger enterprise customers. 100,400,2500 pods per node. This seems to be driven by the way openshift is licensing

The latter is an absolute nightmare to support, and they seem to have trouble organizing internally as well.

knoxa2511 | 7 years ago | on: Ask HN: Did any Show HN posts turn into successful startups?

Sysdig - https://news.ycombinator.com/item?id=7524144

Raised 68M last week, 100+ total overall - https://sysdig.com/press-releases/sysdig-closes-series-d-fun...

knoxa2511 | 7 years ago | on: Ask HN: Which companies have the best engineering culture?

I've always been impressed with the work coming out of etsy. Statsd is a great example - https://github.com/etsy/statsd

knoxa2511 | 7 years ago | on: Amazon EKS – Now Generally Available

Are docs available yet? The pages aren't working for me.

- https://docs.aws.amazon.com/eks/latest/userguide/what-is-eks...

Same with getting started guide - https://aws.amazon.com/getting-started/projects/deploy-kuber...

knoxa2511 | 8 years ago | on: Learn from your attackers – SSH HoneyPot

Reminds me of this Fishing for Hackers post https://sysdig.com/blog/fishing-for-hackers/

knoxa2511 | 9 years ago | on: Ask HN: What's your favorite HN post?

Fishing for Hackers: https://news.ycombinator.com/item?id=7705443

knoxa2511 | 10 years ago | on: Show HN: Canal – Policy based networking for cloud native applications

The big news here is at CoreOS Fest Berlin they announced that Calico and Flannel were combining projects to create Canal. The Canal project will be managed by a company called Tigera https://www.tigera.io/

Sorry, still probably early on the github page for Canal (Tigera). I'll see if I can find the slides online from the presentation today.

knoxa2511 | 10 years ago | on: Ask HN: Who is hiring? (May 2016)

Sysdig | Remote, Davis & San Francisco, CA

Our company offices are in San Francisco and Davis, CA, but our employees are based around the world. Many positions are available with the option to work primarily remotely.

What: Think of sysdig as strace + tcpdump + htop + iftop + lsof + awesome sauce. With state of the art container visibility on top.

If you want to know more, here are some blogs about using sysdig that went viral on HN in the past few months.

- https://news.ycombinator.com/item?id=11590146

- https://news.ycombinator.com/item?id=11159411

Roles: https://sysdig.com/jobs/

- Frontend Engineer

- Backend Engineer

- Linux/Systems Engineer

But regardless of your focus, if you are passionate about what you do and you are passionate about what we’re trying to do, just drop us an email at [email protected].

knoxa2511 | 10 years ago | on: Troubleshooting Kubernetes: How container metadata changes your point of view

Hi Kamilash! You need to have an agent installed on each physical node where kubernetes is running in the cluster. Let me know if you have any other questions!

knoxa2511 | 10 years ago | on: Tcpdump is amazing

Have you used sysdig? https://github.com/draios/sysdig

Its creator was one of the guys behind wireshark. They're pitching sysdig as strace + tcpdump + htop + iftop + lsof + ...awesome sauce.

They have csysdig which is similar to tshark

knoxa2511 | 10 years ago | on: ASK HN: Where can I find SQL datasets to practice

http://imdbpy.sourceforge.net/ Here's a great way to get the IMDB datasets, also http://www.imdb.com/interfaces