Hello and welcome to the Friday, May 23rd, 2025 edition of the Sands Internet Storm Centers. Stormcast,

my name is Johannes Ulrich, and this episode brought you by the Sands.com certificate program in Purple Team Operations and is recorded in Jacksonville, Florida.

In Diaries today, I did a quick write-up on ensuring that you have resilient access

to your home or small business network.

That usually involves some kind of 5G satellite connectivity, which typically does not come with a publicly

routable IP address, so you must set up some kind of tunnel to an external jump post.

The one part I'm focusing on here is not what these of the mechanics of setting it up.

There are plenty of good guides there,

but how to secure that somewhat. This is an old problem. For example, in the good old days,

when people still did war dialing and such, some of the console servers in such were exposed,

were often, well, not as well monitored as some of the regular firewalls,

another perimeter devices. And similar things can happen here. If someone takes over that jump host, for example, they have often direct, no unauthenticated or weekly authenticated

access to your network. and that's a little bit

what is about I'm showing you a couple of scripts for example that make a little bit easier

to get alerts whenever someone logs in your jump host considering that this may happen during

network outages and that these systems,

particularly again, focusing on a small business here, a home network, you may not have sort

of the central logging infrastructure necessarily to collect an alert on all of the logs from

these systems. So please keep that in mind.

Don't build any tunnels into your network that bypass security controls without mitigating this with security controls around that tunnel.

Well, and yesterday actually, sadly, didn't make it into yesterday's podcast.

Didn't see it at the time it was recorded.

...