My Accidental Security Training

Mark McWiggins
Oct 16, 2024

© Mark McWiggins 2024

I had been trying to bring up a web server for weeks …

I had this working without issue before we moved, but after we moved into this house about a month ago I began to have all these weird problems with the web servers, including:

Apache

Caddy

lighttpd

Flask

I had just settled on Flask for what I was doing and I started to get this weird error:

2024-10-09 05:13:36,483 INFO: Press CTRL+C to quit
2024-10-09 05:13:36,485 INFO: * Restarting with stat
2024-10-09 05:13:36,676 WARNING: * Debugger is active!
2024-10-09 05:13:36,677 INFO: * Debugger PIN: 126-272-900
2024-10-16 01:34:46,507 INFO: WARNING: This is a development server. Do not use it in a production deployment. Use a production WSGI server instead.
* Running on http://127.0.0.1:5000
2024-10-16 01:34:46,508 INFO: Press CTRL+C to quit
2024-10-16 01:34:46,509 INFO: * Restarting with stat
2024-10-16 01:34:46,776 WARNING: * Debugger is active!
2024-10-16 01:34:46,879 INFO: * Debugger PIN: 138-218-162

I struggled like this for a couple of weeks and then finally figured it out: I was looking at the wrong level.

It looks like this:

Oct 16 01:36:49 cloudy-1717049581157-s-2vcpu-2gb-sfo2-01 vmunix: [87507.112913] [UFW BLOCK] IN=eth0 OUT= MAC=f2:56:59:a2:6d:5a:fe:00:00:00:01:01:08:00 SRC=45.79.132.41 DST=178.128.191.203 LEN=44 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=39589 DPT=25100 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 16 01:37:13 cloudy-1717049581157-s-2vcpu-2gb-sfo2-01 vmunix: [87530.577689] [UFW BLOCK] IN=eth0 OUT= MAC=f2:56:59:a2:6d:5a:fe:00:00:00:01:01:08:00 SRC=118.193.32.119 DST=178.128.191.203 LEN=44 TOS=0x00 PREC=0x00 TTL=44 ID=0 DF PROTO=TCP SPT=41218 DPT=51234 WINDOW=1024 RES=0x00 SYN URGP=0
Oct 16 01:37:15 cloudy-1717049581157-s-2vcpu-2gb-sfo2-01 vmunix: [87532.450055] [UFW BLOCK] IN=eth0 OUT= MAC=f2:56:59:a2:6d:5a:fe:00:00:00:01:01:08:00 SRC=206.168.34.32 DST=178.128.191.203 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=35414 DF PROTO=TCP SPT=38724 DPT=8055 WINDOW=21900 RES=0x00 SYN URGP=0
Oct 16 01:37:15 cloudy-1717049581157-s-2vcpu-2gb-sfo2-01 vmunix: [87532.964977] [UFW BLOCK] IN=eth0 OUT= MAC=f2:56:59:a2:6d:5a:fe:00:00:00:01:01:08:00 SRC=3.141.165.160 DST=178.128.191.203 LEN=52 TOS=0x00 PREC=0x00 TTL=51 ID=4631 PROTO=TCP SPT=52158 DPT=37 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 16 01:37:38 cloudy-1717049581157-s-2vcpu-2gb-sfo2-01 vmunix: [87556.205745] [UFW BLOCK] IN=eth0 OUT= MAC=f2:56:59:a2:6d:5a:fe:00:00:00:01:01:08:00 SRC=69.164.214.243 DST=178.128.191.203 LEN=44 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=60072 DPT=2542 WINDOW=65535 RES=0x00 SYN URGP=0

After a bit of spinning my wheels I finally got it figured out. I have two relatively simple Python programs working together to effectively produce a packet-filtering firewall.
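The two Python programs are not shown on the page. As an added example (not the author's code), this parser reads UFW BLOCK lines like the ones above and separates port-scan noise from blocked connection attempts to ports you meant to serve. The sample log, the host name web01, the service_ports default of 80 and 443 and the scan threshold of 3 are assumptions.

```python
from collections import Counter, defaultdict

# Constructed sample in the same syslog format as the entries above; the host
# name "web01" and the documentation-range addresses are made up.
SAMPLE_LOG = """\
Oct 16 01:36:49 web01 vmunix: [87507.112913] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:01:02:00:00:00:00:02:08:00 SRC=192.0.2.10 DST=203.0.113.5 LEN=44 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=39589 DPT=25100 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 16 01:36:50 web01 vmunix: [87508.001100] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:01:02:00:00:00:00:02:08:00 SRC=192.0.2.10 DST=203.0.113.5 LEN=44 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=39590 DPT=2542 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 16 01:36:51 web01 vmunix: [87509.220417] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:01:02:00:00:00:00:02:08:00 SRC=192.0.2.10 DST=203.0.113.5 LEN=44 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=39591 DPT=8055 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 16 01:37:13 web01 vmunix: [87530.577689] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:01:02:00:00:00:00:02:08:00 SRC=198.51.100.7 DST=203.0.113.5 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=35414 DF PROTO=TCP SPT=38724 DPT=443 WINDOW=21900 RES=0x00 SYN URGP=0
Oct 16 01:37:14 web01 vmunix: [87531.577689] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:01:02:00:00:00:00:02:08:00 SRC=198.51.100.7 DST=203.0.113.5 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=35415 DF PROTO=TCP SPT=38724 DPT=443 WINDOW=21900 RES=0x00 SYN URGP=0
Oct 16 01:37:15 web01 vmunix: [87532.450055] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:01:02:00:00:00:00:02:08:00 SRC=198.51.100.9 DST=203.0.113.5 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=4631 PROTO=TCP SPT=443 DPT=52158 WINDOW=0 RES=0x00 ACK RST URGP=0
Oct 16 01:37:16 web01 vmunix: [87533.000001] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:01:02:00:00:00:00:02:08:00 SRC=198.51.100.9 DST=203.0.113.5 LEN=78 TOS=0x00 PREC=0x00 TTL=51 ID=4632 PROTO=UDP SPT=5353 DPT=137 LEN=58
Oct 16 01:37:20 web01 sshd[911]: Connection closed by 192.0.2.10 port 40022
"""

def parse_ufw_line(line):
    """Return the fields of a [UFW BLOCK] line as a dict, or None for other lines."""
    marker = "[UFW BLOCK]"
    pos = line.find(marker)
    if pos < 0:
        return None
    fields, flags = {}, set()
    for token in line[pos + len(marker):].split():
        if "=" in token:
            key, value = token.split("=", 1)
            fields[key] = value
        else:
            flags.add(token)  # bare tokens: TCP flags (SYN, ACK, RST) and DF
    fields["FLAGS"] = flags
    return fields

# service_ports and scan_threshold are assumed values; set them for your host.
def summarize(log_text, service_ports=(80, 443), scan_threshold=3):
    """Tally blocked inbound TCP connection attempts (SYN set, ACK clear)."""
    ports_by_src = defaultdict(set)
    blocked_service = Counter()
    for line in log_text.splitlines():
        f = parse_ufw_line(line)
        if not f or f.get("PROTO") != "TCP" or not f.get("DPT", "").isdigit():
            continue
        if "SYN" not in f["FLAGS"] or "ACK" in f["FLAGS"]:
            continue  # replies and resets are not new connection attempts
        dpt = int(f["DPT"])
        ports_by_src[f.get("SRC", "unknown")].add(dpt)
        if dpt in service_ports:
            blocked_service[dpt] += 1  # the firewall is dropping traffic you may want
    scanners = sorted(s for s, p in ports_by_src.items() if len(p) >= scan_threshold)
    return {"sources": len(ports_by_src), "scanners": scanners,
            "blocked_service_ports": dict(blocked_service)}
```

Calling `summarize(SAMPLE_LOG)` lists sources that probed several distinct ports and counts blocked attempts per service port; a non-empty `blocked_service_ports` means the firewall rules, not the web server, are refusing the connection.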

This is on the Comcast network; previously we had a Verizon router and I never saw problems like this, meaning they had it all stopped on the back end.

In learning about this I have started applying for security officer jobs and I wanted to talk now about my thoughts on how to handle such a job:

(1) Make it clear to employees which low-probability but high-potential-cost things they may be doing without thinking much about them: clicking on links in email, picking up a USB drive of unknown provenance and putting it into one’s computer, and other computer security issues.

For one example, my wife doesn’t seem to know how to move emails to automatically go to the spam folder … she’s also apparently been bad about clicking any link that comes her way.

A note on clicking links: the major browsers now will warn anyone listening that the link clicked isn’t the right one. But I had one experience watching some teenaged girls click through security warnings as if they didn’t exist!

(2) I have thought more recently about the physical security issues of the job: be aware of surroundings, especially at night; don’t walk near anyone where I could be taken out with a simple attack.

Also I plan to take jujitsu and I have a “tactical flashlight” that’s supposed to blind any attacker at least momentarily so that I could escape.

Thank you … if you know someone who may be interested in hiring me, please have them call me: 425–369–8286

Two computers, one with a nefarious looking individual with a fishing pole and a hook for the other.
Computer Security … getting it right is not for Amateurs!
