Sample proof of address letters

So I went back to Hasan's reaction to Noah's video "Genocide Denial Streamers", and decided to check Destiny's reply to Noah, to better understand his arguments and see if he highlighted anything that was skipped or poorly covered.
He doesn't.
He skips practically Noah's entire video, jumps straight to the end, then latches on to a few comments Noah made to say "SEE??? HE SAYS I'M RIGHT!!!" and that's it.
Here's the link to Destiny's video: https://youtu.be/Fo1z4qRxaSU
Look at the 50:25 mark. After only watching the first few minutes of Noah's video, he starts skipping through most of it, to the very end (from roughly the 4:10 mark to the 37:48 mark on Noah's video, which is less than 45 minutes long).
At the 51:37 mark he gets bored of listening to Israeli veterans gleefully describing how they massacred innocent Palestinians and sais, I kid you not, "every time you get these interviews with one person, always look up, like, who is the interviewer, who's talking, what the fuck is this even about, **because I don't trust any of this shit now**" (fun fact: he does none of that).
At the 52:35 mark he says, very angrily, that Noah and every other progressive should refrain from talking about genocide, ethnic cleansing, apartheid and "any other weird fucking buzzwords that we want to throw around because the actual facts on the ground are too boring, I guess" (he also claims the Palestinian famine the UN, Finkelstein and other scholars & public figures have been denouncing is fake).
At the 54:34 mark he takes Noah's comment, that he's technically right when he says that killing civilians isn't the same as genocide, as proof that he was right about everything and Noah's entire video (that, lets remember, he didn't watch, except for bits of the intro and the outro) was a waste of time.
There's Divorcelli's intellectual might: He lambasts Noah without ever actually addressing the things he says and skips his entire video to do so, then grabs onto the smallest sarcastic concession to claim he was right all along. Most of the video isn't even about what he's supposedly responding to, it's just him trying to intellectualize his nonsense.

So essentially I filed as soon as I got my w2, ignored the verification letter for a month then verified in person, while later my return was accepted and a check was sent on april 12th. Check was redirected back to the IRS on April 22nd and a new check is being sent today, may 16th
Here's are the issues:

1. I filed under a different address than my current residence, however I changed my address with my employer and put in a change of address with the USPS roughly 10 days before the first check was sent. My new address is on fact visible on my transcripts.
   
2. The IRS agent I met with last week couldn't tell me for sure if I'd get a check sent to the right place even though he saw the new address on my irs profile
   
3. I never requested a check, is there any way to reverse this since I asked for direct deposit?
   

I just wanna know if I'm screwed until 2025 for this check or if they'll make the obvious distinction between current and previous address and send it to the right place. I've been waiting 4 months now for this simple tax refund to be done with and I wanna know if anyone here has gone through anything similar.

Cisco Router Security
What are the two access privilege modes of the Cisco router?
User EXEC Mode: This is the initial access mode for a router. In this mode, the user can access only a limited set of basic monitoring commands.
Privileged EXEC Mode: This mode provides access to all router commands, such as debugging and configuration commands. It requires a password for access to ensure security.
What is the approach for password for the privileged mode of the router?
enable secret [password]
uses hashing algorithm so that the password is not in plain text but encrypted
How to ensure that all passwords in the router are stored in the encrypted form?
service password-encryption
What is the difference between the Cisco router’s startup and running configurations?
How to save the running configuration into start up configuration?
Startup Configuration: Stored in the NVRAM, this configuration is used to boot the router. It remains unchanged until an administrator explicitly saves the running configuration to it.
Running Configuration: Held in the router’s RAM, this configuration is active on the router. Changes to the router’s configuration are made here and are effective immediately.
Know and be able to configure all aspects of the Cisco router covered in class. For example,
configuring the router interfaces, setting the router OSPF ID, etc.
enable
configure terminal
hostname MyRouter
interface GigabitEthernet0/0
ip address 192.168.1.1 255.255.255.0
no shutdown
exit
interface Serial0/0/0
ip address 10.0.0.1 255.255.255.252
clock rate 64000
no shutdown
exit
router ospf 1
router-id 1.1.1.1
network 192.168.1.0 0.0.0.255 area 0
exit
enable secret mysecretpassword
line console 0
password myconsolepassword
login
exit
line vty 0 4
password myvtypassword
login
exit
crypto key generate rsa
ip ssh version 2
ip ssh time-out 60
ip ssh authentication-retries 2
ip route 0.0.0.0 0.0.0.0 192.168.1.254
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 10 deny any
Practical Routing, OSPF, and Security
What is the difference between static and dynamic routing?
Static Routing: Involves manually setting up routes in the router's routing table through configuration commands. These routes do not change unless manually updated or removed. Static routing is simple, secure, and uses less bandwidth but lacks scalability and flexibility.
Dynamic Routing: Automatically adjusts routes in the routing table based on current network conditions using routing protocols. This approach allows for more flexibility, scalability, and fault tolerance, but consumes more resources and can be complex to configure.
What is the difference between link state and distance vector routing?
Distance Vector Routing: Routers using distance vector protocols calculate the best path to a destination based on the distance and direction (vector) to nodes. Updates are shared with neighboring routers at regular intervals or when changes occur. This approach can lead to slower convergence and issues like routing loops.
Link State Routing: Each router learns the entire network topology by exchanging link-state information. Routers then independently calculate the shortest path to every node using algorithms like Dijkstra’s. This results in quicker convergence and fewer routing loops.
Distance Vector Routing: Each router computes distance from itself to its next immediate neighbors. (RIP, EIGRP, & BGP)
-Does not build a full map of the network
-Focuses more on the next hop towards the destination
Link State Routing: Each router shares knowledge of its neighbors with every other router in the network. (OSPF and IS-IS)
-Builds a full map of the network
-Each router shares information
-Maintains a database of the entire network.
Give an example of the distance vector and link state algorithms.
Distance = RIPLink State = OSPF
What type of protocol is Routing Information Protocol (RIP)? Be able to understand
examples and solve problems.
Example of a distance vector protocol
dynamic protocol
-shares routing info with neighboring routers
-an interior gateway protocol that operates within autonomous system
-oldest of all dynamic protocol; RIPv1
-widely used open standard developed by IETF
-a distance vector routing protocol
-limited to maximum 15 hops;

 how rip works -rip sends regular update message (advertisements to neighboring routers) 

-every 30 seconds that resets after each successful ack
-route becomes invalid if it has not received a message for 180 seconds
-RIPv1 (obsolete) uses broadcast, while RIPv2 uses a multicast address -Update message only travel to a single hop
downside : limitations, each router in its table can only have one entry per destination. Have to wait for advertisement for an alternative path, cannot reach hops 15 paths away, little to no security.
What type of protocol is Open Shortest Paths First (OSPF) protocol? Be able to under-
stand examples and solve problems.

• an interior gateway protocol that operates within autonomous systems to build a full map of the network.
  
• widely used open standard developed by IETF
  

-a link state routing protocol

 intra as routing with RIP 

What is the Link State Advertisement (LSA) in OSPF? What is the Link State Database
(LSDB)?
-LSA contains data about a router, its subnets, and some other network information.-OSPF puts all the LSAs from different routers into a Link-State Database (LSDB)
The goal of OSPF is to be able to determine a complete map of the interior routing path to be able to create the best route possible.
The way this is done is that OSPF finds all the routers and subnets that can be reached within the entire network. The result is that each router will have the same information about the network by sending out LSA.
How does each router in OSPF create a map of the entire network?
Step 1 : Acquire neighbor relationship to exchange network information.
Step 2: Exchange database information, neighboring routers swap LSDB information with each other
Step 3: Choosing the best routes, each router chooses the best routes to add to its routing table based on the learned LSDB information.
What is the process for two OSPF routers to become neighbors?
A. a neighbor sends out a Hello packet including the router ID along with subnets that it routes to the given multicast address to a given OSPF area ID.

this is also a way for routers to tell neighbors that they are still on and good to go. 

B. Once other routers receive this packet, they run some checks. The neighboring routers must match the following requirements:
-area id needs to be the same (also used when scaling up OSPF)
-the shared or connecting link should be on the same subnet.
-The Hello and dead timer must be the same.
-the dead timer is having enogh time before the sending router assumes that the neighbor is down.
-this timer is typically 10 secs for point-to-point and broadcast networks.
C. If all is fine, the receiving router will go into Init stage and sends a hello message of its own. This Hello packet list its own network info along with the known neighbor R1. This puts R1 into a 2-way communication status.
D. R1 sends another Hello message to R2 with the information as a known neighbor. This allows the R2 now with a 2-way communication status as well.E. We now have a 2-way neighboring routers
What is the difference between point-to-point and multi-access networks? How does OSPF
handle each case?

Point-to-Point: A network setup where each connection is between two specific nodes or devices. OSPF treats these links with straightforward neighbor relationships since there are only two routers on each segment. 

Multi-Access Networks: Networks where multiple routers can connect on the same segment, such as Ethernet. OSPF uses a Designated Router (DR) and a Backup Designated Router (BDR) on these types of networks to reduce the amount of OSPF traffic and the size of the topological database.
DR selected by the highest OSPF prio.
Be able to configure OSPF routing given a topology.
–
Example:
Consider a topology with three routers R1, R2, and R3. The routers
are connected R1 =⇒R2 =⇒R3 =⇒R1.
R1 has interface f0/0 connected to the
interface f0/0 of R2. R2 has interface f0/1 connecting to the interface f0/0 of R3.
Finally R3 has interface 1/0 connecting to the interface 1/0 of R3. Assuming all
routers are Cisco 7200 routers, configure them to use OSPF to dynamically route in
this topology (you will be given the Cisco router manual for such questions).
•
R1enable
configure terminal
hostname R1
interface FastEthernet0/0
ip address 192.168.12.1 255.255.255.0
no shutdown
exit
interface FastEthernet1/0
ip address 192.168.31.1 255.255.255.0
no shutdown
exit
router ospf 1
router-id 1.1.1.1
network 192.168.12.0 0.0.0.255 area 0
network 192.168.31.0 0.0.0.255 area 0
exit
end
write memory
R2enable
configure terminal
hostname R2
interface FastEthernet0/0
ip address 192.168.12.2 255.255.255.0
no shutdown
exit
interface FastEthernet0/1
ip address 192.168.23.1 255.255.255.0
no shutdown
exit
router ospf 1
router-id 2.2.2.2
network 192.168.12.0 0.0.0.255 area 0
network 192.168.23.0 0.0.0.255 area 0
exit
end
write memory
R3enable
configure terminal
hostname R3
interface FastEthernet0/0
ip address 192.168.23.2 255.255.255.0
no shutdown
exit
interface FastEthernet1/0
ip address 192.168.31.2 255.255.255.0
no shutdown
exit
router ospf 1
router-id 3.3.3.3
network 192.168.23.0 0.0.0.255 area 0
network 192.168.31.0 0.0.0.255 area 0
exit
end
write memory
How does OSPF authenticate packets to protect against packet spoofing and tempering?
Be able to enable it a Cisco router.
OSPF (Open Shortest Path First) can authenticate packets to protect against packet spoofing and tampering using several methods. The two main types of authentication are:
Plain Text Authentication: This is simple and provides minimal security. It sends the password in clear text.
Message Digest 5 (MD5) Authentication: This provides stronger security by using cryptographic hash functions to authenticate OSPF packets.
Plain textenable
configure terminal
interface FastEthernet0/0
ip address 192.168.12.1 255.255.255.0
ip ospf authentication
ip ospf authentication-key cisco123
no shutdown
exit
router ospf 1
router-id 1.1.1.1
network 192.168.12.0 0.0.0.255 area 0
area 0 authentication
exit
write memory
MD5enable
configure terminal
interface FastEthernet0/0
ip address 192.168.12.1 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 securepassword
no shutdown
exit
router ospf 1
router-id 1.1.1.1
network 192.168.12.0 0.0.0.255 area 0
area 0 authentication message-digest
exit
write memory
Network Defense Fundamentals
•
What is IP spoofing? Explain.
-The ip packet contains the source and destination Ip addresses.-Is it straightforward to modify the ip address of the packet.
-IP Spoofing: sender chagrin his source address to something other than his real address.
How can IP spoofing be used in security attacks?
-If the attacker sends an Ip packet with a spoofed IP, they will not receive a response form the destination: the machine with the IP matching the spoofed IP will receive the response.Ip spoofing operation - the sender spoofs the source IP address to point to another target. The receiver system replies to the spoofed IP.
•
What are the countermeasures to IP spoofing?
Ingress and Egress Filtering: Network operators should implement filtering rules on routers and firewalls to block packets with source IP addresses that should not originate from those networks. Ingress filtering blocks incoming packets with a source IP address that is not valid for the network, while egress filtering blocks outgoing packets with an invalid source IP address.
Reverse Path Forwarding (RPF): This technique ensures that the incoming packets are received on the same interface that the router would use to send traffic back to the source. If the path does not match, the packet is discarded, preventing spoofed packets from passing through.
IPsec (Internet Protocol Security): IPsec can be used to authenticate and encrypt IP packets, ensuring that they come from legitimate sources and have not been tampered with. This makes spoofing attacks significantly more difficult.
How can IP spoofing be used to perform DoS attacks?
IP spoofing is often used in Denial of Service (DoS) attacks to obscure the attacker's identity and to overwhelm the target with traffic from what appears to be multiple sources. One common type of DoS attack that utilizes IP spoofing is a Smurf Attack. In a Smurf Attack, the attacker sends ICMP (Internet Control Message Protocol) echo requests to broadcast addresses of networks, with the source IP address spoofed to that of the victim. The devices on the network respond to the echo requests, sending replies back to the victim's IP address. This amplifies the traffic directed at the victim, potentially overwhelming their network and causing a DoS condition.
•
Know how to use
hping3
for performing ping floods.
Using hping3 to perform ping floods involves sending a high volume of ICMP Echo Request packets to a target to overwhelm it.basic ping floodsudo hping3 -1 --flood [target_IP]
Using spoofed source ipsudo hping3 -1 --flood -a [spoofed_IP] [target_IP]
Controlling the Packet Sending Rateo hping3 -1 --flood -i u1000 [target_IP]Combining sudo hping3 -1 --flood -a 10.0.0.1 -i u1000 192.168.1.1
Firewalling
What is a firewall?
a filtering device on a network that enforces network security policy and protects the network against external attacks.
According to NIST SP 800-41, what are the characteristics of a firewall?
NIST standard defines the possible characteristics that a firewall can use to filter traffic.
-(IP Address and Protocol type) filtering based on source/destination IP address/ports, traffic direction and other transport layer characteristics.
-(Application Protocols)controls access based on application protocol data
-(User identity) controls access based on user identity
-(Network activity)
What are the limitations of the firewall?
Firewall capabilities: -Define a traffic chokepoint in the network and protects against IP spoofing and routing attacks
-Provide a location for monitoring the security events -Provide non-security functions: loggin internet usage, network address translation-Serve as platform for VPN/IPSec
Firewall limitations:-protect against attacks bypassing the firewall, connections from inside the organization to the outside that do not go through the firewall.-protect against internal threats such as disgruntled employees.
What is a packet filter firewall? Be able to write and interpret rules and to spot configu-
rationflaws.
Packet filtering firewall : applies a set of rules to each packet based on the packet headers.Filters based on: source/destination IP, source/destination port numbers, IP Protocol Field:defines the transport protocol, Interface : for firewalls with 3+ network interfaces, the interface from which the packet came from/going to
•
What is the difference between the default and allow and default deny policies? Which
one is the more secure one?
-when no rules apply to a packet, a default rule is applied: default deny : what is not explicitly permitted is denied default forward : what is not explicitly denied is allowed
default deny is more secure, you dont have to identify all of the cases that needs to be blocked, if one is missed, default deny will deny it.
Port 0-1023 reserved
1024-2**17 ephemeral
source port used by the system initialiatizng a connection is always chosen from the ephemeral ports
Be able to configure the packet filtering functions of iptables.
–
Example:
Write iptables rules to block all ICMP traffic to and from the system.
iptables -A INPUT -p icmp -j DROP
iptables -A OUTPUT -p icmp -j DROP
Example:
Write iptables rules to block all traffic on port 22
iptables -A INPUT -p tcp --sport 22 -j DROP
iptables -A OUTPUT -p tcp --dport 22 -j DROP
–
Example:
Write iptables rules to block traffic to host 192.168.2.2
iptables -A OUTPUT -p tcp --dest 192.168.2.2 -j DROP
iptables -A INPUT -p tcp --src 192.168.2.2 -j DROP
What are the limitations of the packet filter firewall?
-does not examine upper layer data : cannot prevent attacks that employ application specfic vulnerabilities or functions.cannot block application specific commands.
•
What is the stateful firewall and how does it compare to a packet filter?
A stateful firewall is a network security device that monitors and tracks the state of active connections, making decisions based on the context of the traffic. Unlike a simple packet filter, which examines individual packets in isolation based on predetermined rules, a stateful firewall keeps track of connections over time, distinguishing between legitimate packets that are part of an established session and potentially malicious ones. This contextual awareness allows it to block unauthorized connection attempts and prevent attacks such as spoofing and session hijacking. While packet filters, or stateless firewalls, operate faster and consume fewer resources by applying static rules to each packet independently, they lack the sophisticated traffic pattern handling and enhanced security provided by stateful firewalls.
•
What is the application-level firewall? What are its advantages and limitations?
An application-level firewall, also known as an application firewall or proxy firewall, operates at the application layer of the OSI model. It inspects and filters traffic based on the specific application protocols (e.g., HTTP, FTP, DNS) rather than just IP addresses and port numbers. limitations : increased communications overhead due to two separate TCP connections

 and not transparent to the client 

Application-level gateways are also known as application-level proxies.
-act as a relay for the application-level traffic.
-runs at the application layer, and examines application-layer data
Supported ProtocolsFTPSTMPHTTP
What is a circuit-level firewall? What are its advantages and limitations?
-Similar to the application-level gateway, but only tracks the state of the TCP/UDP sessions.
-Does not examine application data , simply relays TCP segments
-Allow/deny decisions based on whether a packet belongs to an established and trusted connection
Advantage of circuit-level firewall -do not filter individual packets(simplifies rules)

-fast and efficient 

Disadvantages:

-do not filter individual packets -require frequent updates: traffic is filtered with rules and policies that need regular updates for new threats and risks -the vendor needs to modify the TCP/IP implementation for thor applications to use the circuit-level proxy. 

What are the different approaches to basing the firewall?

-stand-alone machines -software modules in roosters, switches, or servers, or pre-configured security appliances. 

What are the host-based firewalls?
Host-based firewalls: a firewall software module used to secure a single host.
What are the network device firewalls?
Network device firewall = routers and switches often have firewall functions, like packet filtering and stateful inspection, to check and filter packets
What are the virtual firewalls?
-in a virtualized environment, servers, switches, and routers can be virtualized and share physical hardware. The hypervisor that manages the virtual machines can also have firewall capabilities.
What is the DMZ? How is it used for securing networks?
A Demilitarized Zone (DMZ) in network security is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted network, typically the internet. The primary purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN). By isolating these externally accessible services, the DMZ ensures that if an attacker gains access to the public-facing systems, they do not have direct access to the rest of the network.
How the DMZ Secures Networks
Isolation of Public Services: Services that need to be accessible from the outside, such as web servers, mail servers, FTP servers, and DNS servers, are placed in the DMZ. These services are isolated from the internal network, which helps protect the internal systems from attacks that may exploit vulnerabilities in the public-facing services.
Controlled Access: Firewalls are used to create boundaries between the internet, the DMZ, and the internal network. The firewall rules are configured to allow only specific types of traffic to and from the DMZ. For example, incoming web traffic might be allowed to reach a web server in the DMZ, but not to access internal systems directly.
Minimal Exposure: Only the necessary services are exposed to the internet. This minimizes the attack surface, reducing the number of entry points that an attacker can exploit. Internal systems and data remain protected behind the additional layer of the firewall.
Layered Security: The DMZ provides an additional layer of defense (defense-in-depth). Even if an attacker manages to compromise a server in the DMZ, the internal network is still protected by another firewall, making it harder for the attacker to penetrate further.
Monitoring and Logging: Activities within the DMZ can be closely monitored and logged. Any suspicious behavior can be detected early, and appropriate actions can be taken to mitigate potential threats before they impact the internal network.
Traffic Filtering: The firewalls between the internet and the DMZ, as well as between the DMZ and the internal network, can filter traffic based on IP addresses, ports, and protocols. This filtering ensures that only legitimate traffic is allowed and that malicious traffic is blocked.
-if attacker compromises a server on the network, they will be able to pivot to other systems on the network.
What are the advantages and disadvantages of having the two DMZ firewalls be from
different vendors?
Using different firewall manufacturers for the two firewalls maybe a good idea, avoids possibility of both having the same vulnerability but introduces more complexity and management overhead.
Be able to write pfSense firewall rules
Penetration Testing
•
What is penetration testing?
-legal and suthorzied attempt to locate and exploit vulnerable systems for the purpose of making those systems more secure.

pen testing, pt, hacking, ethical hacking, whitehate hacking, offensive security, red teaming 

What is the objective of the penetration testing?

Use tools and techniques used by the attackers in order to discover security vulnerabilities before the attackers do. 

What is the BAD pyramid?

The purpose of a red team is to find ways to improve the blue team, so purple teams should not be needed in an organization where the red/blue teams interaction is healthy and functioning properly. 

red attack
purple defender changes based off attack knowledge
blue defend
green builder changes based on defender knowledge
yellow build
orange builder changes based on attacker knowledge
Why are the penetration tests conducted?
-a company may want to have a stronger understanding of their security footprint.

-system policy shortcomings -network protocol weaknesses -network/software misconfigurations -software vulnerabilities 

What is the difference between penetration testing and vulnerability assessment?
-two terms often incorrectly ,interchangeably used in practice.
-vulnerability assessment : review of systems services to find potential vulnerabilities-penetration testing: finding an exploiting system vulnerabilities as proof-of-concept
What is the difference between black-box, white-box, and grey-box testing.
Black-Box Testing
Tester Knowledge: The tester has no knowledge of the internal structure, code, or implementation details of the system.
-lack knowledge of system
White-Box Testing
Tester Knowledge: The tester has full knowledge of the internal structure, code, and implementation details of the system.
-very thorough , but not completely realistic
Grey-Box Testing
Tester Knowledge: The tester has partial knowledge of the internal structure, code, or implementation details of the system.
What is the difference between ethical and unethical hackers?
-penetration testers, with proper authorization of the company, help improve the security of the company.
-unethical hackers, personal gain through extortion or other devious methods, profit, revenge, fame, etc. No authorization to conduct the attacks
•Ethical vs unethical hacking, penetration testers: obtain the authorization from the organization whose systems they plan to attack unethical hackers: attack without authorization.
Know the stages of penetration testing and the importance of following a structured ap-
proach.
–
Planning and Reconnaissance:
Planning: Define the scope and goals of the test, including the systems to be tested and the testing methods.
Reconnaissance: Gather information about the target, such as IP addresses, domain names, and network infrastructure, to understand how to approach the test.
Scanning:
Purpose: Identify potential entry points and vulnerabilities in the target system.
Methods: Use tools to scan for open ports, services running on those ports, and known vulnerabilities.
Gaining Access:
Purpose: Attempt to exploit identified vulnerabilities to gain unauthorized access to the system.
Techniques: Use techniques like password cracking, SQL injection, or exploiting software vulnerabilities.
Maintaining Access:
Planning and Reconnaissance:
Purpose: Ensure continued access to the compromised system to understand the potential impact of a prolonged attack.
Methods: Install backdoors or use other methods to maintain control over the system.
Analysis and Reporting:
Scanning
Purpose: Document the findings, including vulnerabilities discovered, methods used, and the level of access achieved.
Report: Provide a detailed report to the organization, highlighting the risks and recommending steps to mitigate the vulnerabilities.
Remediation:
Gaining Access
Purpose: Address and fix the identified vulnerabilities to improve the security of the system.
Action: Implement the recommended security measures from the report to protect against future attacks.
Retesting:
Maintaining Access
Purpose: Verify that the vulnerabilities have been successfully remediated.
Process: Conduct a follow-up test to ensure that the fixes are effective and no new issues have been introduced.
Importance of Following a Structured Approach
Consistency: A structured approach ensures that each stage is systematically followed, making the testing thorough and reliable.
Comprehensiveness: Following each stage helps identify and address all potential vulnerabilities, leaving no gaps in the security assessment.
Documentation: A structured method produces detailed documentation, which is crucial for understanding the security posture and for future reference.
Effectiveness: It ensures that the penetration test effectively mimics real-world attack scenarios, providing valuable insights into how an actual attacker might exploit vulnerabilities.
Risk Management: By identifying and addressing vulnerabilities, organizations can proactively manage security risks and protect their assets from potential attacks.
Example:
What is the difference between the passive and active reconnaissance?
•
Passive Reconnaissance
Definition: Gathering information about the target without directly interacting with the target system or network. The aim is to collect data without alerting the target.
Methods:
Publicly Available Information: Searching for information that is freely available on the internet, such as social media profiles, company websites, and news articles.
DNS Queries: Looking up domain registration information (WHOIS data), DNS records, and IP address ranges.
Network Traffic Analysis: Capturing and analyzing network traffic without sending packets to the target (e.g., using tools like Wireshark in a non-intrusive manner).
Search Engines: Using search engines to find information about the target, such as employee names, email addresses, and technical details.
Advantages:
Low Risk: Minimizes the chance of detection by the target because no direct interaction occurs.
Stealth: Suitable for the early stages of reconnaissance when the goal is to remain undetected.
Disadvantages:
Limited Information: May not provide as much detailed or specific information about vulnerabilities or configurations as active reconnaissance.
Active Reconnaissance
Definition: Actively engaging with the target system or network to gather information. This involves direct interaction, such as sending packets or probing the target.
Methods:
Network Scanning: Using tools like Nmap to scan for open ports, running services, and network topology.
Vulnerability Scanning: Running vulnerability scanners (e.g., Nessus, OpenVAS) to identify known weaknesses in the target systems.
Social Engineering: Directly interacting with individuals (e.g., phishing attacks) to gather information.
Probing and Enumerating: Sending specific queries or packets to the target to elicit responses that reveal information about the system (e.g., banner grabbing).
Advantages:
Detailed Information: Provides more detailed and specific information about the target's vulnerabilities, configurations, and active services.
Identification of Weaknesses: More effective in identifying exploitable vulnerabilities that can be used in subsequent attack phases.
Disadvantages:
Higher Risk: Increases the risk of detection by the target, which could alert them to the reconnaissance activity.
Potential Legal Issues: Unauthorized active reconnaissance can lead to legal repercussions if done without permission.
Summary
Passive Reconnaissance: Involves gathering information without direct interaction with the target, resulting in lower risk of detection but potentially less detailed information.
Active Reconnaissance: Involves direct interaction with the target to gather detailed information, but carries a higher risk of detection and potential legal consequences.
Both types of reconnaissance are essential in penetration testing to understand the target's environment and identify potential vulnerabilities while balancing the need for stealth and detailed information.
Be able to use the penetration testing tools discussed in class
nmap 192.168.1.1
nmap -sS -sV -O -A 192.168.1.1-sS: Perform a stealth SYN scan.
-sV: Detect service versions.
-O: Detect operating system.
-A: Perform aggressive scan (includes OS detection, version detection, script scanning, and traceroute).

Hi everyone - I used this sub to track down some information related to my N-400 application, and wanted to make sure I shared my timeline in case others may find it helpful.
3/4/24 - Submitted my N-400 application 3/4/24 - Notified of the biometric re-use 3/11/24 - Interview scheduled 4/29/24 - Interview/recommendation for approval/placed in line for oath ceremony 4/30/24 - Oath ceremony scheduled 5/16/24 - Oath ceremony
This was all through the Chicago office.
Interview was probably 25-30 minutes, of which 10 of that was spent answering questions and the tests. Most of the time the agent was completing paperwork on their computer, and trying to get around a glitch in the system.
Oath ceremony was today. 12:30 appointment time. 98 people from 32 countries. I'm sure it might be different from time to time, but the event went down like this. Elevator to the 25th floor and met at the courtroom by an employee. Guests asked to wait outside, 'candidates' allowed inside and sat down on one side of the room. One of the people would send row by row of people to get in line at the front of the courtroom; that line led to 3 USCIS employees. One checked me off a list and took my green card. Person in the middle took my paperwork and confirmed it was all there (for me that was my letter and the form for the day of attesting that I'm still not a habitual drunkard). Last person got my certificate and asked me to check the photo, name, country of birth, and birth date. Then asked to sit down in another section of the courtroom while everyone went through that process. This went from 12:30 until 1:15. At 1:15 they allowed guests in the room. Judge entered around 1:35 or so. USCIS agent addressed the court on everyone's behalf for the applications, judge accepted the order, and we're asked to stand and take the oath. We all sit down and the judge spent maybe 7-10 minutes talking through her family's immigration story and the roles and responsibilities of being American. I appreciated the fact it was sincere and not boilerplate. Judge left the room, USCIS employees handed out certificates.
There were some people there to take your completed voter registration application if you wanted. A lot of people mingled and you could go down a few floors for photos.
They asked several times at the beginning of the proceedings, and signs were posted outside the courtroom, that no photos or videos were allowed. All the new citizens complied but there were a handful of guests that did not. You could tell the USCIS employees were bothered by this but they didn't say anything.

For your final writing assignment, you will write a persuasive essay/letter to Teacher. The purpose of your letter should be to effect change at school for the future, whether it be next year or further into the future. Focus on problems or issues at school that you believe need to be addressed. You need to acknowledge the issue(s), come up with solutions, and then clearly explain how those solutions should be implemented. All solutions and implementation must be realistically achievable.
Your essay must be at least 3 pages long, double-spaced, 12-point font.
All essays will be printed out, signed, and delivered to Teacher . This is due Friday, May 17th, @ midnight.
NOTE: Your persuasive essay must be realistic. DO NOT WRITE A JOKE ESSAY. YOU WILL FAIL.
Important elements of persuasive writing to remember:

• Position: Writers need to clearly state their positions on their topics in order to persuade their readers. If a writer is not clear about his/her beliefs on the topic, s/he stands little chance of convincing someone else to make a change. In addition, when writers collaborate on a persuasive piece of writing, all involved must agree to support the same position. Sometimes writers even take a position they do not personally agree with and work to explain that position. You should emphasize this last point as students will be working in groups to develop their own persuasive letters. All students in a group must agree to adopt one single position in their letter.
• Attention to Audience: Writers need to adjust their writing based on their audience. This is especially true when the goal of the writing is to persuade the reader to take action. The writing style will be formal when the audience is a person in a position of authority and casual when the audience is a friend or family member. Illustrate the differences in formal and casual writing by asking students to consider the differences in the ways that they write notes (or emails) to their friends versus the way they would write a letter (or email) to the President of the United States.
• Factual Support: In order to be convincing, a persuasive piece of writing needs to include factual details. Provide students with examples of factual support (i.e., data, anecdotes, interviews, information from other sources such as newspapers and books, and so forth). Students will be using their own experiences and observations as factual support for their persuasive letters. (If you are interested in having your students practice this aspect of effective persuasive writing further, please see the extension activity focusing on Internet research following the lesson.)
• Effective Word Choice: Persuasive language is strong but appropriate. Writers need to choose words that are also descriptive and specific. An excellent example of effective word choice is Martin Luther King, Jr.'s "I Have a Dream" speech.
• Ethos: Ethos is the credibility to write. Discuss what gives a particular writer credibility to write a persuasive piece of writing. Give students examples of people who would be considered credible sources on particular topics (i.e., a doctor on health issues, a teacher on education, a government official on local political issues). Ask students to consider what gives them credibility to write about school issues.

Good afternoon Longs,
Great shareholder letter from Dr. JL today! But, I gotta chuckle regarding the CRC study being the number one priority. It reminded me of when Scott Kelly suddenly announced on some CC: "We are going be an Oncology company". Shareholders that heard the comment (including myself) were baffled. We have not seen any clinical trial animal or human that would have suggested anything of the sort. However, we were aware of some mice studies that were being conducted at MD Anderson (MDA). That study was a combo trial with LL/Keytruda, and somehow u/MGK2 or somebody found out or figured out the trial on mice was a CRC study. Sorry can't remember the details, but here we are again with Oncology being the front-runner for CytoDyn's priorities.
I am pleased with today's letter because it was obvious that Dr. JL is working with potential partners to further our clinical trial objectives. However, instead of a summer start for HIV Chronic Inflammation trial; we were told 2 phase II clinical trials would start before the end of the calendar year. The priority is the CRC trial and second is the HIV Chronic Inflammation trial.
I gotta ask: Why the a delay in starting any of the trials? There could be several reasons but IMO the partnerships being alluded to in the letter are the main reason for the delays. Dr. JL knows well and good that it is conventional wisdom to partner with BP to move forward on any trials. It is not the only way but most developmental drug companies (like CYDY) choose the conventional route and partner with BP to accomplish clinical trials.
According to the letter interest from 3rd party partners went up after the clinical hold was removed. But the MD Anderson CRC study was way long ago. It was during that time when Scott Kelly was able to state: "We are going to be an Oncology company". Keytruda is from Merck and we never heard the results of the trial at MDA. Just silence, and I am sure that we will not hear the Mice trial results for GBM that used a Merck drug either for some time. IMO, Merck has been here for some time and is not new to CYDY, or Leronlimab or the Long Acting LL.
Dr. JL moved the date out for initiating the trials to the end of 2024. Why? My impression of Dr. JL is he wants to get Leronlimab into patients in need ASAP. That would mean let us get the trials going ASAP, but we have no money to do it on our own. So why can't Merck just run the trials ASAP? They could! We just have to have a straightforward partnership agreement that would allow them to run the trials in return for potential revenue down the road. But is that intriguing?
From the letter: Research and development partnership opportunities are important to the Company as we search for cost-effective ways to further build out our product development portfolio. We have identified several such opportunities that we believe are intriguing, and anticipate finalizing agreements with these partners in the very near future. Such potential partnerships include an investigator-initiated pilot study of leronlimab in patients with Alzheimer’s Disease, and a project that will evaluate the use of leronlimab in patients living with HIV who are undergoing stem cell transplantation in a proof of cure study. Following lifting of the clinical hold, we have observed a significant increase in third parties that are interested in partnering with the Company. We will continue to review opportunities as they arise, given the potential for significant value return at little or no cost to the Company.
Look the investigator-initiated studies are "intriguing" and that will not cost CYDY much money at all. Just supplying the product. IMO pushing the beginning of the trial dates back from summer to end of 2024 is all about allowing for the intriguing negotiations to further develop. During that time several things will take place: Hopefully, we get the Alzheimer mice trial results done, which is more data on our ever-expanding indications that we have evidence on, not just a theory. The combo Stem-cell/LL study is a great way to create competition. Stem-cell companies like ATHX and MESO are non-drug companies and our direct competitors to any drug company. the stem cells that are devoid of the CCR5 molecule are very rare and stem-cell companies would have a hard time harvesting enough to build an adequate supply around. It's not sustainable. But a stem-cell supply pre-treated with LL is a different animal.
Essentially, Dr. JL wants to get LL in the hands of treating physicians ASAP, but he needs a little bit more time to expand the evidence that LL will work in multiple indications. in theory, we already know it has 90+ potential indications from ohm20's list. Plus, Dr. JL needs a little bit more time to show the true value of the Long Acting LL. Or Long Acting goes to LIVIMMUNE and CYDY/LL is part of a BO.
We know a BO announcement is not solid on just a list of theories. It works better when you list that positive clinical signals have been shown for MASH, CRC, mTNBC, PASC, HIV and a boatload of CCR5 published articles that implicate a slew of other indications. If Long Acting is included in the CYDY BO, then Dr. JL has to show some similar amount of evidence (Monkey data) and that would be accretive to the overall value of CYDY.
Merck quote at JP Morgan Healthcare conference in San Francisco: Merck CEO Rob Davis said at the 42nd Annual J.P. Morgan Healthcare Conference in San Francisco on January 8, 2024, that the company is open to deals of any size, but is not interested in large-scale acquisitions that would require combining workforces. Davis made these comments after the company's $680 million acquisition of Harpoon Therapeutics earlier in the day.
Fiercepharam interview with Merck CEO: https://www.fiercepharma.com/pharma/merck-still-market-deals-1b-15b-range-ceo-says
In the above link, Merck CEO says: “It’s gonna be a range of deals, but if you look in that $1 [billion] to $15 billion [range], that continues to be what we’ll look for,” Davis said. “We’ve also shown that not only are we very open to acquisition, we see collaboration as an important tool as well.”
If Merck is involved, then Dr. JL, Mitch, and Cyrus are going to do all they can to show evidence on multiple indications that will increase CYDY's valuation to $15 Billion or so. Basically, with CYDY's outstanding share count at or very near 1 billion shares that equates to $15 per share. The only reason we partner now is because the partner wants more evidence of clinical efficacy, but that partner is going to realize pretty quickly that if they wait too long the bidding war is going to cost them more than $15 Billion.
Good speed to the LONGS!

Forgiener, and have lost my bank card, and need to get a large amount of cash to last me until I can get a replacement. What's the easiest way for doing this? I can't use a number of the options I've used in the past due to not having proper proof of address as I'm in an Airbnb etc etc.
Is there currency exchange places I can pay via bank transfer or something?

I have to move soon. So, I’ll have to update my address with the DMV.
Will I have to submit documents (passport, two proofs of address) again, so my license keeps its Real ID status?
Or can I just simply update my address, without submitting those documents again (and my license will keep its Real ID status)?
California.
Thanks.

Here is what's happening, my fiance found a leak in our hot water, he found the leak by our heating element going out on our hot water heater. Well we called maintenance. We made them aware of the problem along with a few others such as, mold on the roof, and the tile around the shower needing a seal and molding. It was never sealed properly upon moving in. Also we wanted him to take a look at the roof because we had also noticed water in the wall one day after a hard rain. While checking the roof he stated the roof has absoulty no screw screwed down so basically we had tin just sitting on our roof for God only knows how long. So the work he did all together was 1.fix heating element (left a mess) 2. Corrected the bathroom wall to ceiling with caulk and some pieces of molding. 3. Put screws in our roof. He replaced the extremely outdated panel in the home as well. We have been at this address for 4 years and we barely ever call and bother them unless it's an emergency. If it's an easy fix my fiance will do it properly. Sidenote: this company never checked on our property after hutricane Sally. We have told them about a leak in the past they came to check and blew it off saying it was the condensation from our dryer, we have texts to prove. Also the hot water heater is outdated and I know is as old as four years for sure don't know how long it was there before us. They never check on the property and we have made the property value go up for sure with clearing of land and also landscape work and now a few weeks after they finally fix repairs, they sent us a letter stating because of the severity of the issues THEY ARE CHARGING US OVER 900 DOLLARS!? CAN THEY DO THAT? Please give me any advice. I won't be able to find another spot at what I pay here for what I get but this doesn't seem right or legal but I don't have money to take them to court I just want things to be fair and it doesn't feel like that's what's happening.

hi there!! i am hoping to get back into art journaling and i would love to recieve some new stuff for my collection while giving away some unused older things! im looking to give away 5 envelopes of stationery (i.e. washi tape samples, stickers, letter paper + envelopes, cards/postcards, assorted ephemera, etc.) in exchange for any of the items i just listed + any junk journaling supplies or unique items!
i'll pick 5 people in the comments to exchange with :) comment what themes you like!

For those of you who have sent demand letters.
A) did you send it to the correct address?
B) did you include a deadline? If so how long did you give?
C) did you proceed with SC? What were your results?

• Sony Music Group has sent letters to over 700 tech companies and music streaming services warning them not to use its content to train AI without permission.
  
• The company is concerned about unauthorized use of its content depriving it and its artists of control and compensation.
  
• Sony Music is safeguarding its intellectual property, which includes audio recordings, cover artwork, metadata, and lyrics.
  
• The letter asks recipients to provide details on how Sony Music's songs were used to train AI systems.
  
• Recent legislative efforts aim to address copyright infringement issues related to AI-generated content.
  

Source: https://techcrunch.com/2024/05/16/sony-music-warns-tech-companies-over-unauthorized-use-of-its-content-to-train-ai/

Hello all, I was recently offered a job from Scotiabank but the issue which came from pre-employment screening team was my work permit is expiring within three months but they require to have atleast 6 months of WP remaining. Although I have already filled for my extension like 3 months ago ( 6 months before my WP is expiring) and submitted them this proof. Also, submitted them the proof that my PR application is also in its final stage.
Been 4 days now since conveyed these letters but still no reply from their side. Has anyone been in this dilemma before and do you think they will hire me. my joining date is in 10 days...plz let me know what u all think

I (27F) last last winter (2022) wrote a long letter to my mom. I poured my heart into it, I cried the whole time writing it. I showed it to my husband to make sure I wasn’t being too mean in my writing towards my mom. I showed it to my stepsister to again make sure it was okay and made sense and to get emotional support (I’m Mexican and I didn’t want to push too far because i understand how deep generational trauma is and the parent child dynamic) I even showed it to my stepdad who immediately called me apologizing for the things I wrote in the letter (which I will get into in a moment) and was telling me about how he will divorce her (I didn’t want that and made me feel shitty) and explained why some scenarios ended up the way they did. Everyone encouraged me to send it. I was so confident that my mom was going to read it and drive over ? Write back? Call me. Something ! So I mailed it. (I mailed it because I instantly cry every time I try talking to her in person about not surface level things, it would of been easier getting words out especially when having to translate to Spanish)
In the letter I wrote about:
-Feeling emotionally neglected -the name calling my mom would do (calling me “retarded” and mimicking noises and movements of people with disability towards me among other things -My uncle being a pedo and scaring me into not saying anything to them, i later said something to a friend in HS who went to the counselor who called the police and I made up a person to protect my uncle, I was then grounded for over a year. -the carpet in my bedroom always being wet when it rained which is a lot where I live ruining my feet with a fungal infection that was just ignored (i understand it was a money issue but the hurt remains) -being yelled at for not cleaning everyday (I was the only child who would clean the kitchen and pick up leaves in the fall and stuff), sometimes she would clean again after I would do it. when asking to teach me how to do it better I would be ignored -asking her a question and being ignored -being blamed for high utility bills n being expensive for needing braces -my boyfriend in high school being suicidal when I would try to break up with him and hurting that I couldn’t go to them for help -saying that I tried to hit her to my step dad when I moved out of the way of her too quickly and making a scene about it leaving me confused -about the time she grabbed me by the hair and dragged me to the shower because I forgot to pick up the hairs I left in there after my shower -understanding that i understand she probably had a rough childhood and that all I wanted was a normal mother daughter relationship
That’s pretty much the gist among a bunch of other little things that really hurt me and I explained that it was hard to form a relationship with her in my adulthood and trust her with my kids until we addressed these things. I wanted to be acknowledged. Not even an apology really. But a conversation. I wanted to understand her more because I literally don’t know anything about her. We would never talk unless it was to eat dinner or clean something. I was always in my room during that time.
I waited a few weeks, my stepsister would visit them here and there and tell me how my mom appears sad? And maybe she needed more time.
A few months pass by I see my mom smiling in Hawaii having a good time.
At this point I’m in therapy because I’m losing hair from the stress of this and severely depressed.
Fall comes around and I finally go to visit with the encouragement of my husband, stepsister and stepdad. She acts like I’m not even there. This makes me angry. At one point my mom goes outside to smoke a cigarette im at the table with everyone and I start just talking about the hurts again, I say my mom is a narcissistic. My mom comes back inside. And for an hour. I’m complaining and she’s in the living room a few feet away saying absolutely nothing.
I leave feeling so weird. So lonely? We are now I’m 2024. I don’t have a relationship with her or my step dad really. I had to block her because she would go to Hawaii again and just living her life having a great time I was trying not to be bitter. Or angry. My step sister and step dad eventually started to question how legitimate my statements were (a lot of the meanness was when it was just my mom and I) it was so painful being misunderstood. Being told that that’s just the mom that I have. Being told that things were maybe my fault for having a problem with everything (I would always speak up when my parents would be racist and things)
I few months ago I did send her a text as a final effort. I asked why she never responded. If she wants to just leave this alone that’s okay and I will move on. And she told me that all that was on the letter were complaints. And told me about how when I was 20 I made a comment on a Facebook post about bad parenting and how everyone saw. About how embarrassed she was when people reached out to her. About how I wrote that I felt like I was in a dark environment. I didn’t know everyone saw it. I apologized for that. She told me to come over to talk because she personally has some complains about me. But she never acknowledged me. I didn’t want to go, to feel yelled at and again taken back to being a child getting yelled at.
I’m currently feeling grief. Mistrust to my family. Lonely. Jealous? About how my other siblings seem to be having a better time. How do I move on from feeling misunderstood. I feel like everyone is okay and I’m abandoned. I feel guilt for pulling my small family away from them from how hurt I am. Most times I’m okay until I see my stepsister at a family gathering that I’m never invited to. And then I’m back again to being a lonely child.

Heya! I posted this in /SanJose as well, but you happen to be in or around the South Bay, here are some fun things that are happening around here this week:

Thursday, 5/16

• Off The Grid Night Market Gordon Biersch (357 E. Taylor St., San Jose) 5-9 p.m. FREE Groove to music from San Jose Jazz while you sample over 50+ food trucks and brews at the inaugural event. (Runs through 7/11)
  
• Bay to Breakers Shakeout Sunnyvale Bay Trail (293-327 W. Caribbean Dr., Sunnyvale) 6 p.m. FREE Don your Bay to Breakers gear and run, jog, or walk to your own pace at this running series.
  
• Dwight Clark Legacy Series California Theater (345 S. First St., San Jose) 7 p.m. $30-$287 Along with lively conversations with current and former 9ers players, NBC Sports hosts a presentation of the Dwight Clark Awards.
  
• Drink and Draw Art Boutiki (44 Race St., San Jose) 7 p.m. FREE Bring out your inner artiste while you sip on a tasty beverage and enjoy the sound of Digging Sound Collect. Crayons, paper, pencils, and other utensils provided.
  
• Chris Porter San Jose Improv (62 S. Second St., San Jose) Thu 8 p.m., Fri 7:30 + 9:45 p.m., Sat 7 p.m. + 9:30 p.m. $22-$72 From NBC’s “Last Comic Standing,” and his Netflix special “Ugly and Angry,” this comedian has distinguished himself as a no-frills, no-sound cues, no puppets performer. (Runs through 5/18)
  
• Austin Nasso Rooster T Feathers Comedy Club (Address) Thu-Fri 8 p.m., Sat-Sun 7 p.m. $25 Admission, $35 VIP You may know this former Microsoft software engineer from his recurring appearances on “The Howard Stern Show.” (Runs through 5/19)
  
• Pressure Drop DJ Night Caravan Lounge (98 S. Almaden Ave., San Jose) 9 p.m. FREE Join DJs Norbert + Fuchsia for a night of punk, ska, reggae, soul, and R&B.
  

Friday, 5/17

• Salsa y Cerveza Garden at the Flea (1590 Berryessa Rd., San Jose) 5-9 p.m. FREE Learn to Salsa dance and browse flea market deals while you groove to Union Timbera and gnosh on bites from local food trucks.
  
• Movie Night in the Park: “Puss in Boots: The Last Wish” Meadowfair Park (Corda Dr. + Barberry Ln., San Jose) 6-10 p.m. FREE Bring your blanket + lawn chair, and enjoy lawn games, crafts, and food trucks as you watch one of the coolest, most stylish animated films from last year.
  
• SJBP - Bikers of the Caribbean Ride! Berryessa BART Station (958 Berryessa Station Way, San Jose) 7:30 p.m. FREE Dress like a pirate, or wear your street gear to join other bike enthusiasts for a 15-20 mile ride through North San Jose.
  
• Bay FC vs San Diego Wave FC PayPal Park (1123 Coleman Ave., San Jose) 7:30 p.m. $20-$196 After losses on the road to Chicago and Portland, our team returns home for a “Bay Area Unite” game.
  
• Sofia Niño de Rivera California Theater (345 S. First St., San Jose) 8 p.m. $49-$109 You may know this comedian as Mexico City’s “Woman of the Year” 2016, or from the Netflix dramedy “Club de Cuervos.”
  
• Dark Satellite + Orbit 17 + Dear Banshee Art Boutiki (44 Race St., San Jose) 8 p.m. $15 Advance, $20 Day of Show Bay Area indie rockers collide at a stellar showcase of prog, jazz, and otherworldly riffage.
  
• Alicia Villarreal San Jose Civic (135 W. San Carlos St., San Jose) 8 p.m. $39.50-$149 See the two-time Latin Grammy Award-winning singer for her “Donde Todo Comenzo” tour.
  
• Electric Feels: Indie Rock + Indie Dance Party The Ritz (400 S. First St., San Jose) 9 p.m. $15-$20 Advance, $25 Day of Show From MGMT to Vampire Weekend, alt-J to Hot Chip, dance along to your favorite indie tracks from yesteryear.
  
• Panacea + HRIF + Perarez Caravan Lounge (98 S. Almaden Ave., San Jose) 9 p.m. FREE Chunky riffs, ear-splitting growls, and dense-packed crowds fill one of the most intimate venues in the South Bay.
  

Saturday, 5/18

• Bored Teachers Comedy Tour California Theater (345 S. First St., San Jose) 3 p.m. and 7 p.m. $35-$55 Ring in the end of the school year with the No. 1 teacher comedians in the world performing skits and stand ups.
  
• Culture Night Market Discovery Meadow (180 Woz Way, San Jose) 4-10 p.m. FREE Featuring local vendors, food trucks, and businesses, to hoppin’ stage performances from Universal Grammar, Los Jefes, L James, Thatfool Al, Sutro, DJ Say, and Real Ignorant.
  
• All Out for Al-Nakba San Jose Peace and Justice Center (48 S. Seventh St., San Jose) 4 p.m. FREE Join community members and activists for a screening and discussion of Al Jazeera’s “Al-Nakba: The Palestinian Catastrophe 1948” documentary series as a part of Anti-War Action Network’s national week of action.
  
• Hey Girl! Sexy Slumber Party Splash Video Dance Bar (65 Post St., San Jose) 6 p.m. FREE before 7:30, $10 after Dress in your best pajamas or sexy sleepwear and dance along with fellow fems, femmes, and femme fatales to the tunes of local DJ Rogue Mermaid.
  
• Nate Jackson San Jose Civic (135 W. San Carlos St., San Jose) 7 p.m. $39.50-$200 You know he has to be funny, because his tour’s called the “Super Funny World Tour.” It’s just science.
  
• The ABBA Concert Experience Montgomery Theater (271 S. Market St., San Jose) 7:30 p.m. $39-$59 This family-friendly singalong show highlights the enduring success of one of the world’s most beloved pop supergroups.
  
• San Jose Earthquakes vs. Orlando City SC PayPal Park (1123 Coleman Ave., San Jose) 7:30 p.m. $22-$185 Join the Quakes for Vietnamese Heritage night, with special merch for sale, and limited items with purchase of a ticket.
  
• Take on Me: The Ultimate 80’s Party The Ritz (400 S. First St., San Jose) 8 p.m. $17-$20 Advance, $20 Day of Show Don your favorite hot pants and pastel colors for this celebration of synths and gated reverb drums.
  
• Nineteen Jazz Orchestra Art Boutiki (44 Race St., San Jose) 8 p.m. $25 Advance, $30 Day of Show Along with classic soul, jazz, and R&B, this local professional jazz group will be performing “Obama Suite,” composed by their their former trumpet player, the late Eric Bolvin.
  
• Nature of the Beast SJZ Break Room (310 S. First St., San Jose) 8 p.m. $25 Bay Area jazz legends return to the SJZ stage to perform select songs from Herbie Hancock’s discography.
  
• Dead River Rebels + American Standard + Akira XX Caravan Lounge (98 S. Almaden Ave., San Jose) 9 p.m. FREE DIY punk meets stoner rock at this showcase of local talent.
  

Sunday, 5/19

• Boogie Music Fest Downtown Campbell 10 a.m.-6 p.m. Saturday, 10 a.m.-5 p.m. Sunday FREE Admission Enjoy food, beer, and wine, plus artisan booths, a kids zone, and a funky “Best Dressed” contest, with live music on two stages both days.
  
• AAPI Pride Brunch Holiday Inn San Jose - Silicon Valley (1350 N. First St., San Jose) 11 a.m.-3 p.m. FREE Celebrate Asian American Pacific Islander History Month with local drag performers, poetry, Mahjong, and trivia games.
  
• Halfway to Halloween Rumble City Boxing (866 Park Ave., San Jose) 2-6 p.m. FREE From spooky wares to Halfoween artistry, check out local artist booths with live music and food.
  
• Homayoun Shajarian + Anoushiravan Rohani San Jose Civic (135 W. San Carlos St., San Jose) 5 p.m. and 9 p.m. Two legendary performers, one from Tehran and the other from Iran, blend Eastern and Western musical traditions.
  
• Jakob’s Castle + The Happys The Ritz (400 S. First St., San Jose) 7 p.m. $15 Advance, $20 Day of Show SoCal rock and ska royalty Jacob Nowell brings his sublime punk sensibilities to the stage.
  
• Sammy Obeid San Jose Improv (62 S. Second St., San Jose) 8:30 p.m. $30-$90 One of my favorite comedians of all time, Sammy’s been a part of the Bay Area comedy scene for the past two decades. Check out some of his bits on Instagram/TikTok!
  

Thanks so much for reading!

You can get this entire post emailed to you each week in my newsletter.
If you have other stuff you’d like people to know about, drop ‘em in the comments! 🙂

• Gregg

1. Build a Standout Personal Brand
Your personal brand is your professional identity online. Here’s how to build a compelling one:

• LinkedIn Profile: Ensure your LinkedIn profile is complete and up-to-date. Use a professional photo, write a compelling headline, and craft a summary that highlights your strengths and achievements.
• Portfolio Website: Create a personal website to showcase your work, especially if you’re in a field like design, writing, or software development.
• Social Media Presence: Be active on platforms relevant to your industry. Share insightful content, engage with industry leaders, and participate in discussions.

2. Optimize Your Resume and Cover Letter
Even though you want employers to come to you, having a polished resume and cover letter ready is crucial:

• Tailor Your Resume: Highlight skills and experiences that are in demand in your industry. Use keywords that recruiters search for.
• Craft a Compelling Cover Letter: Write a generic cover letter that can be easily customized for different employers, emphasizing your achievements and what you bring to the table.

3. Network Effectively
Networking is key in reverse recruiting. Here’s how to do it effectively:

• Attend Industry Events: Participate in conferences, webinars, and meetups. Make connections and follow up with them.
• Engage on LinkedIn: Connect with recruiters, join relevant groups, and contribute to discussions.
• Informational Interviews: Reach out to professionals in your field for informational interviews. This can often lead to job opportunities.

4. Leverage Job Boards and Professional Communities
Use platforms that can put you directly in front of recruiters:

• LinkedIn Jobs: Set your profile to “Open to Work” and fill out the preferences to attract the right recruiters.
• Industry-Specific Job Boards: Join platforms and forums specific to your field where employers actively search for candidates.
• Freelance Platforms: Websites like Upwork or Fiverr can also attract employers looking for long-term hires.

5. Showcase Your Expertise
Demonstrating your skills and knowledge can draw employers to you:

• Blog or Vlog: Start a blog or YouTube channel where you share insights about your industry.
• Public Speaking: Give talks at industry events or webinars.
• Publish Articles: Write articles for industry publications or platforms like Medium.

6. Get Recommendations and Endorsements
Social proof can significantly boost your attractiveness to employers:

• LinkedIn Recommendations: Ask colleagues, managers, or clients to write recommendations for you on LinkedIn.
• Endorsements: Request endorsements for your skills from your network.

7. Stay Updated and Keep Learning
Continuous learning and staying current in your field is crucial:

• Certifications: Obtain certifications relevant to your industry.
• Online Courses: Take courses to upskill and stay competitive.
• Read Industry News: Stay informed about trends and changes in your field.

I have a dataflow in Power BI consisting of multiple CSV files in a folder. One of the CSV file contains log entries compacted into a single column (LogHistory), with each entry separated by a tab. A new log entry starts with a date and time. I need to transform this data such that each log entry appears on a separate line while retaining the job number from JobNumber for each entry.
I’m a noob but back myself to use Python for this curious about what would be the best options.
Sample Data Below
JobNumber, LogHistory 12345, 08/02/2024 11:43:11 Alice Smith Status: PENDING -> LOST 15/11/2023 11:22:45 Bob Johnson Address Update: Old Address -> New Address 28/01/2022 15:20:25 Carol White Job Date: 24/12/2019 -> 28/01/2022 15/06/2020 13:49:16 Dave Brown Notes: Discussed project timeline with client.
Question:
I need help with transforming the data in Power BI to achieve a clean result with separate rows for each log entry. The desired columns are Date, Time, Editor, From, and To.
Requirements:

• Split each log entry into a separate line.
• Retain the job number for each entry.
• All transformations should ideally be within the Microsoft ecosystem without requiring an upgrade to Microsoft Fabric.

What is the easiest way to accomplish this transformation using Power Query or other tools available in Power BI?
I don’t have fabric capacity & currently no access to the original log history.
Any guidance or solutions would be greatly appreciated!

If you're tired of the traditional job hunting process, I have something that might interest you: reverse recruiting. Instead of chasing employers, imagine if they were coming to you! This post will walk you through the steps to position yourself in a way that attracts recruiters and employers to your profile. Let's dive in!
1. Build a Standout Personal Brand
Your personal brand is your professional identity online. Here’s how to build a compelling one:

• LinkedIn Profile: Ensure your LinkedIn profile is complete and up-to-date. Use a professional photo, write a compelling headline, and craft a summary that highlights your strengths and achievements.
• Portfolio Website: Create a personal website to showcase your work, especially if you’re in a field like design, writing, or software development.
• Social Media Presence: Be active on platforms relevant to your industry. Share insightful content, engage with industry leaders, and participate in discussions.

2. Optimize Your Resume and Cover Letter
Even though you want employers to come to you, having a polished resume and cover letter ready is crucial:

• Tailor Your Resume: Highlight skills and experiences that are in demand in your industry. Use keywords that recruiters search for.
• Craft a Compelling Cover Letter: Write a generic cover letter that can be easily customized for different employers, emphasizing your achievements and what you bring to the table.

3. Network Effectively
Networking is key in reverse recruiting. Here’s how to do it effectively:

• Attend Industry Events: Participate in conferences, webinars, and meetups. Make connections and follow up with them.
• Engage on LinkedIn: Connect with recruiters, join relevant groups, and contribute to discussions.
• Informational Interviews: Reach out to professionals in your field for informational interviews. This can often lead to job opportunities.

4. Leverage Job Boards and Professional Communities
Use platforms that can put you directly in front of recruiters:

• LinkedIn Jobs: Set your profile to “Open to Work” and fill out the preferences to attract the right recruiters.
• Industry-Specific Job Boards: Join platforms and forums specific to your field where employers actively search for candidates.
• Freelance Platforms: Websites like Upwork or Fiverr can also attract employers looking for long-term hires.

5. Showcase Your Expertise
Demonstrating your skills and knowledge can draw employers to you:

• Blog or Vlog: Start a blog or YouTube channel where you share insights about your industry.
• Public Speaking: Give talks at industry events or webinars.
• Publish Articles: Write articles for industry publications or platforms like Medium.

6. Get Recommendations and Endorsements
Social proof can significantly boost your attractiveness to employers:

• LinkedIn Recommendations: Ask colleagues, managers, or clients to write recommendations for you on LinkedIn.
• Endorsements: Request endorsements for your skills from your network.

7. Stay Updated and Keep Learning
Continuous learning and staying current in your field is crucial:

• Certifications: Obtain certifications relevant to your industry.
• Online Courses: Take courses to upskill and stay competitive.
• Read Industry News: Stay informed about trends and changes in your field.

Conclusion
Reverse recruiting can significantly streamline your job search by making you a magnet for employers. By building a strong personal brand, networking effectively, and showcasing your expertise, you can attract the right opportunities to you. Good luck, and may the best job find you!
Feel free to ask any questions or share your own tips in the comments!

So, I got this long term job for seventh graders at my old elementary school (the whole staff knows me and they’ll call me for jobs) for the last three weeks of school so you can imagine how that’s going. It hasn’t been going well, their teacher was basically their friend. There wasn’t a line of professionalism between student and teacher. When I first arrived the class was in disarray, and I had to change the seats around. The students were not happy at all, that I was changing things around. I’d give them book work, and they’d state that they wouldn’t do it because they already did it or that they never used that specific book.
I’ve been subbing there for five days now, and I’ve had teachers, the principal, Vice principal walk in to my class to address bullying or their defiance in completing assignments. I tried to address my fourth period the other day and was met w giggling and all of them talking over me, so I gave up and just sat back down. Today, they were complaining that they wanted to go with the teacher across the courtyard and how it wasn’t fair that they stayed with me. So I addressed this, and mentioned how it wasn’t fair on him to go out of his way and have half of the class with him during his prep period and sixth period till the end of the school year. I understand their frustrated with me and are annoyed I give them work but it’s my job. I had this girl say, “why do you have to call on other people to fix your problems”. I wrote a letter and addressed the constant walk ins as being a good thing but also a bad thing because the students see me as inadequate. I told this student how they refuse to listen to me so how can I solve these problems if they don’t care and she just rolled her eyes and kept asking the same question. Atp I was at my limit, and felt my face get red and my eyes start to water, so I stepped outside. I’m probably going to either get let go because they need someone who won’t waste other staffs time or I’ll just tell the office ladies I’ve known since I was a kid that I’m going to take another job.
I know I’m going to get some direct comments (that I will take to heart) saying that I should grow a backbone and I need to be firm or that this job isn’t for me. I’m 23 and got into this career because after graduating college, I wasn’t too sure what I wanted to do w myself. I know I should have a backbone, but I’m tired of the mockery and disrespect.

So I'm at the point where I've sent all the stuff like proof of address, license, everything. And some of its been approved, but a lot of it is just locked.
Do I have to buy their kit myself first or will they say to do that once I get fully accepted? I'm sort of confused. Any advice would be appreciated.
I guess I'm on the waiting list like everyone else, just wondering if it's something on my end.