barely started

12 files changed, 438 insertions, 0 deletions

diff --git a/about/.description b/about/.description
new file mode 100644
index 0000000..eee24f1
--- /dev/null
+++ b/about/.description
@@ -0,0 +1 @@
+Who runs this place anyway?
diff --git a/about/faq.html b/about/faq.html
new file mode 100644
index 0000000..0ad0c1a
--- /dev/null
+++ b/about/faq.html
@@ -0,0 +1,3 @@
+<h2>Frequently Anticipated Questions</h2>
+<li><i>A question?</i></li>
+<p>Yes, that is a question. Nice one</p>
diff --git a/about/whereami.html b/about/whereami.html
new file mode 100644
index 0000000..ca1dc06
--- /dev/null
+++ b/about/whereami.html
@@ -0,0 +1,55 @@
+<p>
+Since you are on this page, you're presumably lost. That's ok. I don't really
+get all this stuff either. Let's start with some easy stuff.
+</p>
+<p>
+<i>You're on the Internet</i>. Known to some as a
+<a
+    href="https://en.wikipedia.org/wiki/Series_of_tubes">series of tubes</a>,
+but in reality much more complicated than it has to be.
+The way you get here is through a device you have at home called a router,
+which literally does what the name implies--it routes signals to where they
+need to go to make things go beep. In the 60s and
+70s, routers tended to be people-based and would spend their time plugging
+cables into and out of ports so calls could connect.</p>
+<img src="/static/human_router.jpg" />
+<center>
+    <i>Image of a switchboard courtesy of
+        <a href="https://en.wikipedia.org/wiki/File:Jersey_Telecom_switchboard_and_operator.jpg">
+        Wikipedia contributors</a>
+    </i>
+</center>
+<p>
+Fortunately, we figured out that was dumb and made robots do the job for us.
+Internet companies, governments, and anyone else with enough money and
+influence bought huge routers and hooked them all up to talk to each other.
+Then they convinced us all to go out and buy a router from our ISP of "choice"
+so we could all send cat pictures to each other seemlessly. We got rid of
+phones, replaced our phone with our IP address and email, just to ironically
+end up back at phones again. All of our devices serve, or at least can serve,
+as a router in some way, and all these little robots talking to each other
+makes it so you can get lost on some person's home page.
+</p>
+<p>
+In a way, you could say you've made it to my router. Not my home router of
+course--that one sucks. I'm mooching of someone else's, also known as a Virtual
+Private Server. These companies run whole bunch of servers, hook them up on a
+bulk connection and rent them out for people to run blogs about cats and porn
+sites.
+</p>
+<p>
+Precisely speaking, you are in a chrooted web server running on rented virtual
+machine in a server farm located roughly in New Jersey browsing the "about"
+directory on the "whereami.html" page.
+</p>
+<p>
+Less precisely, all that means is you're looking at some files I left in a directory
+at this address, and paid some people to host for me since local ISPs tend to
+be ridiculously expensive if you want to do anything besides host some private
+servers for you and your friends and family.
+</p>
+<p>
+A helpful tip, CRTL+W will close any webpage you don't like. Not that you
+wouldn't like this page... you did read all the way here through all that
+pedantry didn't you?
+</p>
diff --git a/about/whoami.html b/about/whoami.html
new file mode 100644
index 0000000..0394a8b
--- /dev/null
+++ b/about/whoami.html
@@ -0,0 +1,79 @@
+<p>Last I checked:</p>
+<code>
+$ whoami
+mjf
+</code>
+<p>There's a lot of ways to go about this question, honestly.</p>
+<p>I could start with my name, but that doesn't really tell you much and it's
+on the site anyway. A lot of people answer "who they are" with what they do.
+I'm working in an IT department right now trying my best to wrap my head around
+securing their network. I suppose that tells you something, even if I haven't
+been at this long. I got here after I fell down the rabbit hole of
+understanding how the hell this whole Internet thing works, and I've been
+trapped ever since. Cybersecurity people seem to touch a lot of things in this
+area so I naturally sort of stumbled in this direction.
+</p>
+<p>At this point, though, I still don't think I've really answered the
+question. I'm not my job title to probably most people I know. And I think it's
+a little unwise to base my identity on something that could taken away by a
+financial crisis or an EMP blast.
+</p>
+<p>I could get more vague and go for a meme-y tribal identifier like "nerd,"
+"metalhead," "hacker," "warlock," or whatever classes people are running these
+days.
+</p>
+<p>
+None these are really true though either. I was never really smart enough to
+hang out with nerds and I never much liked keeping up with them anyway. I
+certainly have enough of a music snob streak to fit in with metalheads, but
+I've gotten over that illness for the most part, where most of my peers have
+not. If we're going with Richard Stallman's notion of
+<a href="https://archive.is/epjm4">hacking</a>, then maybe I share some of the
+same spirit. But I didn't grow up in that culture. I knew of a computer mostly
+as Windows--and even that I didn't understand well. My parents were luddites so
+these were all magic boxes to me growing up and I was far to afraid to try to
+look inside and risk breaking it. I had a vague notion that I wanted to design
+games, but I spent my time playing Runescape and Elder Scrolls instead of
+botting and modding them. Maybe I'm gatekeeping myself, but fitting into any
+sort of tribe has never really been on my mind.
+</p>
+<p>
+A lucky few will have biographers write their final word, but most of us
+will have to settle for the obituary. Either way though, I think it's important
+to remember in the long term, all we really have is our history. Hopefully,
+that won't include web history...
+</p>
+<p>
+So I think it's probably better to start with who I am, with where I've been.
+I was born in the US in 1993 about two weeks after the World Wide Web was
+released to the public domain. Our family didn't get online until I was around
+five or six when people started handing out free Windows and America Online CDs
+around public places. Pokemon was also released around that time so that
+computer was primarily used for Pokemon-themed version of Print Artist and
+reading fake articles on how to get Mew in Blue version. As I grew up, my
+school assignments went from stacks of notebooks to folders full of .doc files.
+It became expected by around middle school/high school that you had a Windows
+PC or at least had access to one to write essays. Runescape was a thing, so
+that same computer still saw it's fair share of play, but study crept in when
+it could.
+</p>
+<p>
+I never bothered studying the computer itself though. Any tutorial I could find
+on messing with Windows (like getting a stupid cursor or soemthing) started in
+big bold letters with "DON'T TRY THIS IF YOU DON'T KNOW WHAT YOU'RE DOING."
+Well I didn't know, so I didn't try. I did fall in love with Wikipedia though
+and just hopping through history and philosophy articles. I couldn't always use
+the PC downstairs so I learned to use the PSP and eventually the PS3 browser
+instead so I could read up until late. God knows how much crap was on there
+back then...
+</p>
+<p>
+I got into guitar around eighth grade since Guitar Hero was popular and I
+wanted girls to like me. I was also into band and chorus at school and somehow
+got the idea that I was pretty good at all that. The idea of playing music or
+composing started to really look like a serious thing after two years at it,
+but when I first started to write music, I had so much trouble drawing the
+freaking clefs and fancy stuff that I would waste too much time to write half
+of a score. I need like Microsoft Word for music, but I didn't know if such a
+thing was even real
+</p>
diff --git a/files/.description b/files/.description
new file mode 100644
index 0000000..7c128ba
--- /dev/null
+++ b/files/.description
@@ -0,0 +1,2 @@
+Everything else I don't have a place for. This folder is mostly for files
+linked to elsewhere on the site
diff --git a/files/RESUME.html b/files/RESUME.html
new file mode 100644
index 0000000..affc8b2
--- /dev/null
+++ b/files/RESUME.html
@@ -0,0 +1,52 @@
+<center>
+<h1 id="mike-fernez">Mike Fernez</h1>
+<p><a href="mailto:mjf@mjfer.net">mjf@mjfer.net</a></p>
+<a href="https://mjfer.net/site/files/RESUME.pdf">PDF</a>|<a href="https://mjfer.net/site/files/RESUME.html">HTML</a>|<a href="https://mjfer.net/site/files/RESUME.md">TXT</a>
+</center>
+<h2 id="work-history">Work History</h2>
+<h4 id="information-security-analyst---adelphi-university-2019---present">Information Security Analyst - Adelphi University (2019 - present)</h4>
+<p>In this role, I was responsible for monitoring and maintaining Adelphi&#x2019;s security posture and worked closely with the lead security engineer and CISO in their daily operations. I served as the main contact for incident response as well as all forensic investigations.</p>
+<p>Accomplishments:</p>
+<ul>
+<li>Significantly reduced attack surface by providing data on inactive user accounts and implementing account retirement procedures.</li>
+<li>Assisted with securing the remote workforce during the COVID-19 pandemic. Facilitated policy changes and implementation of an EDR solution.</li>
+<li>Improved and expanded university incident response plans.</li>
+</ul>
+<h4 id="data-entrylien-representative---health-plus-management-2017---2019">Data Entry/Lien Representative - Health Plus Management (2017 - 2019)</h4>
+<p>I served two roles during my time at Health Plus Management. In the first role, I was responsible for scanning and ensuring accuracy of medical records submitted by partnering hospitals in NY. I was then promoted to work with the legal department on resolving outstanding liens with accident lawyers and their clients.</p>
+<h4 id="math-tutor---mathnasium-2016---2017">Math Tutor - Mathnasium (2016 - 2017)</h4>
+<p>In this part time role, I served as a math tutor in an after-school program for kids K-12. Mathnasium provides tailored curriculums for all skill levels and includes Regents prep.</p>
+<h4 id="research-assistant---adelphi-university-2012---2015">Research Assistant - Adelphi University (2012 - 2015)</h4>
+<p>In this role, I worked with Adelphi&#x2019;s Laser Lab coordinator troubleshooting, maintaining, and taking data from optics experiments (specifically in molecular spectroscopy, trace gas detection). <a href="https://www.spiedigitallibrary.org/conference-proceedings-of-spie/9486/94860H/Real-time-measurement-of-the-NOsub2-sub-concentration-in-ambient/10.1117/12.2179501.short?SSO=1">Publication here</a></p>
+<h2 id="education">Education</h2>
+<h4 id="masters-degree-digital-forensics-and-cybersecurity">Master&#x2019;s Degree: Digital Forensics and Cybersecurity</h4>
+<ul>
+<li>John Jay College of Criminal Justice, May 2019</li>
+</ul>
+<h4 id="bachelors-degree-physics">Bachelor&#x2019;s Degree: Physics</h4>
+<ul>
+<li>Adelphi University, May 2015</li>
+</ul>
+<h2 id="technical-and-vocational-skills">Technical and Vocational skills</h2>
+<h4 id="professional-knowledge">Professional knowledge</h4>
+<ul>
+<li>Experienced | Cyber Incident Response and Triage</li>
+<li>Experienced | Digital Forensic process</li>
+<li>Experienced | Scripting languages: Bash, Python</li>
+<li>Experienced | Forensic and Data Recovery Software: FTK, Autopsy</li>
+<li>Experienced | Technical Writing/Documentation</li>
+<li>Knowledgeable | Linux system administration</li>
+<li>Knowledgeable | SIEM: Splunk, ELK</li>
+<li>Knowledgeable | Firewall/EDR: Palo Alto, Sophos Central</li>
+<li>Knowledgeable | REST API conventions</li>
+<li>Familiar | IAM services: GSuite, Active Directory</li>
+<li>Familiar | Memory Forensics: volatility</li>
+</ul>
+<h3 id="personal-knowledge">Personal knowledge</h3>
+<ul>
+<li>Knowledgeable | Programming languages: C, Python, x86 assembly</li>
+<li>Familiar | Operating systems: Windows, Linux, BSD</li>
+<li>Familiar | Electronics and circuit design: AVR, Arduino, Raspberry Pi</li>
+<li>Familiar | Software Debuggers: GDB, PDB, Ghidra</li>
+<li>Familiar | Amateur music production/composition: Audacity, Musescore, Sonic Pi</li>
+</ul>
diff --git a/files/RESUME.md b/files/RESUME.md
new file mode 100644
index 0000000..f9b3426
--- /dev/null
+++ b/files/RESUME.md
@@ -0,0 +1,71 @@
+<center>
+# Mike Fernez
+
+[mjf@mjfer.net](mailto:mjf@mjfer.net)
+
+[PDF](https://mjfer.net/site/files/RESUME.pdf)|[HTML](https://mjfer.net/site/files/RESUME.html)|[TXT](https://mjfer.net/site/files/RESUME.md)
+</center>
+
+## Work History
+#### Information Security Analyst - Adelphi University (2019 - present)
+
+In this role, I was responsible for monitoring and maintaining Adelphi's
+security posture and worked closely with the lead security engineer and CISO in
+their daily operations. I served as the main contact for incident response as
+well as all forensic investigations.
+
+Accomplishments:
+
+- Significantly reduced attack surface by providing data on inactive user
+  accounts and implementing account retirement procedures.
+- Assisted with securing the remote workforce during the COVID-19 pandemic.
+  Facilitated policy changes and implementation of an EDR solution.
+- Improved and expanded university incident response plans.
+
+#### Data Entry/Lien Representative - Health Plus Management (2017 - 2019)
+
+I served two roles during my time at Health Plus Management. In the first role,
+I was responsible for scanning and ensuring accuracy of medical records
+submitted by partnering hospitals in NY. I was then promoted to work with the
+legal department on resolving outstanding liens with accident lawyers and their
+clients.
+
+#### Math Tutor - Mathnasium (2016 - 2017)
+
+In this part time role, I served as a math tutor in an after-school program
+for kids K-12. Mathnasium provides tailored curriculums for all skill
+levels and includes Regents prep.
+
+#### Research Assistant - Adelphi University (2012 - 2015)
+
+In this role, I worked with Adelphi's Laser Lab coordinator troubleshooting,
+maintaining, and taking data from optics experiments (specifically in
+molecular spectroscopy, trace gas detection). [Publication here](https://www.spiedigitallibrary.org/conference-proceedings-of-spie/9486/94860H/Real-time-measurement-of-the-NOsub2-sub-concentration-in-ambient/10.1117/12.2179501.short?SSO=1)
+
+## Education
+#### Master's Degree: Digital Forensics and Cybersecurity
+- John Jay College of Criminal Justice, May 2019
+
+#### Bachelor's Degree: Physics
+- Adelphi University, May 2015
+
+## Technical and Vocational skills
+#### Professional knowledge
+- Experienced   | Cyber Incident Response and Triage
+- Experienced   | Digital Forensic process
+- Experienced   | Scripting languages: Bash, Python
+- Experienced   | Forensic and Data Recovery Software: FTK, Autopsy
+- Experienced   | Technical Writing/Documentation
+- Knowledgeable | Linux system administration
+- Knowledgeable | SIEM: Splunk, ELK
+- Knowledgeable | Firewall/EDR: Palo Alto, Sophos Central
+- Knowledgeable | REST API conventions
+- Familiar      | IAM services: GSuite, Active Directory
+- Familiar      | Memory Forensics: volatility
+
+### Personal knowledge
+- Knowledgeable | Programming languages: C, Python, x86 assembly
+- Familiar      | Operating systems: Windows, Linux, BSD
+- Familiar      | Electronics and circuit design: AVR, Arduino, Raspberry Pi
+- Familiar      | Software Debuggers: GDB, PDB, Ghidra
+- Familiar      | Amateur music production/composition: Audacity, Musescore, Sonic Pi
diff --git a/files/RESUME.pdf b/files/RESUME.pdf
new file mode 100644
index 0000000..202b274
--- /dev/null
+++ b/files/RESUME.pdf
diff --git a/home.html b/home.html
new file mode 100644
index 0000000..dbaa741
--- /dev/null
+++ b/home.html
@@ -0,0 +1,54 @@
+{% extends 'base.html' %}
+{% block content %}
+<!-- Hey, NERD! Don't mess with my HTML source! It's really messy and bad.
+-->
+<p>Welcome to mjfer.net, my space for an email server, organizing some files
+and organizing myself.</p>
+<h3><b>You can access this site as a hidden service through Tor, here: 
+<br>
+<a href="http://xoq44d2ignfuf4z23nm5oedrjxckxxquxwi4cx3ryi3lenfpmpoegoyd.onion">
+    xoq44d2ignfuf4z23nm5oedrjxckxxquxwi4cx3ryi3lenfpmpoegoyd.onion
+</a>
+</b></h3>
+<p>If you're looking to connect professionally, you can check out my resume
+<a href="/site/files/RESUME.html">here</a>.
+</p>
+<p>If you think websites and servers are neat like I do and want to 
+learn the ins and outs of hosting your own, click
+<a href="/site/tutorials/how-to-make-this-site.html">here</a>.
+</p>
+<p>If you're just here by chance and don't know where you are click
+<a href="/site/about/whereami.html">here</a>.
+</p>
+
+<p>Otherwise, check out the folders in the navbar above</p>
+
+<p><small>(the 'z' is silent by the way if you want to say it right... like a
+    true Frenchman)</small></p>
+
+<h3><b>If you receive any abuse from this domain, it is not from me and
+        something has gone terribly wrong. Please contact me at 
+        <a href="mailto:abuse@mjfer.net">abuse@mjfer.net</a>
+        so I can resolve the problem.
+</b></h3>
+<p><small>I am no fan of social media, and I made this website largely in
+    protest, but I do maintain the following profiles. *These
+    <a href="https://icons.getbootstrap.com/"
+        target="_blank" rel="noopener noreferrer">icons</a>
+    are from the bootstrap folks, not me.
+</small></p>
+
+<center>
+    <a href="https://www.linkedin.com/in/mike-fernez-357878108" 
+       target="_blank" rel="noopener noreferrer"><img 
+       src="/static/linkedin.svg" /></a>
+    <a href="https://github.com/mjfernez" target="_blank" rel="noopener noreferrer"><img
+       src="/static/github.svg" /></a>
+    <br>
+    My github repo is also cloned locally at
+    <a href="https://git.mjfer.net" target="_blank" rel="noopener noreferrer">
+        git://git.mjfer.net</a>
+    so you don't require any non-free JS to access it.
+</center>
+
+{% endblock %}
diff --git a/license.html b/license.html
new file mode 100644
index 0000000..172b43f
--- /dev/null
+++ b/license.html
@@ -0,0 +1,17 @@
+<p xmlns:dct="http://purl.org/dc/terms/" xmlns:vcard="http://www.w3.org/2001/vcard-rdf/3.0#">
+  <a rel="license"
+     href="http://creativecommons.org/publicdomain/zero/1.0/">
+    <img src="http://i.creativecommons.org/p/zero/1.0/88x31.png" style="border-style: none;" alt="CC0" />
+  </a>
+  <br />
+  To the extent possible under law,
+    <span property="dct:title">The author</span>
+  has waived all copyright and related or neighboring rights to
+  content on <span property="dct:title">{{ domain }}</span>. 
+  All work may be cited without attribution at the reader's discretion. 
+  However, if you do use the work here, or otherwise benefit from it, 
+  the author would love to hear about it! 
+  This work is published from:
+<span property="vcard:Country" datatype="dct:ISO3166" content="US" about="{{ domain }}">
+  United States</span>.
+</p>
diff --git a/tutorials/.description b/tutorials/.description
new file mode 100644
index 0000000..7f37a49
--- /dev/null
+++ b/tutorials/.description
@@ -0,0 +1,3 @@
+There's a lot of tutorials out there that can show you something if you know
+what to look for. Here's some tutorials that might help when you don't know
+what to search. And tutorials for me for when I forget how to do something.
diff --git a/tutorials/how-to-make-this-site.html b/tutorials/how-to-make-this-site.html
new file mode 100644
index 0000000..9ff80e6
--- /dev/null
+++ b/tutorials/how-to-make-this-site.html
@@ -0,0 +1,101 @@
+<p>
+I think it was roughly the end of high school when I first had the idea I
+wanted to make <i>some</i> kind of website. This would be around 2010 and I did
+what I thought would be a good idea and bought a book on the subject: "Web
+Sites for Dummies." I was dummy after all...
+</p>
+<p>
+I got up to hyper linking with the "a" tag until I hit a wall. I don't want to
+link the exact page since I don't want to get sued, but it basically read:
+<pre>
+    Web design programs:
+    - Adobe Dreamweaver
+    - Adobe Contribute
+    - Microsoft Expression Web
+</pre>
+</p>
+<p>
+Well, damn. I didn't have any of those. And as a stingy high school kid, I
+didn't want to buy anything. So I shelved that book and forgot about for a
+while since making a website seemed too expensive and needed too much flashy
+software to make it. I knew nothing about free software at that age, other than
+music software like Audacity which is what I was into at the time.
+</p>
+<p>
+A few years later I caught a bit of a poetry bug--and maybe a bit of a snooty
+college kid bug--and tried to run a blog. At that point, I had learned about
+WordPress, which lets you easily make a space for sharing writing, media,
+content, whatever really. And it's free as in <i>freedom</i> as I understand
+since it's licensed under the GPL (if you want to take the time to deploy it
+yourself). But they also give out free .wordpress domains and some storage
+space for people who know nothing about hosting.
+</p>
+<p>
+I had fun with that one, I don't update it anymore, but it's still up at
+<a href="https://postquantumpoetry.wordpress.com">postquantumpoetry.wordpress.com
+</a>. WordPress got closer to what I wanted, but it still wasn't <i>really</i>
+my site; it was WordPress's site unless I wanted to pay the hosting and domain
+fee. It's pretty modest, but I wasn't sold on sticking with a .com or .space
+domain, or even sticking with WordPress. I was getting tired of blogging and
+wanted to really make something.
+</p>
+<p>
+It's now 2021, five years later, when I write this (and this website isn't even
+finished yet). So what led me down the rabbit hole again? It probably started
+where the last one left off, when I decided I wanted to switch to more
+practical IT things over the academic science-y things I had previously wanted
+to pursue. I signed up for a Cybersecurity program, somehow got in, and
+eventually managed to land a entry-level SOC role after graduating. At this
+point, it was getting a little embarrassing that I had no web
+presence--especially after I decided to take down most of my social media
+accounts. So I was back at "how do I make a website," again, but this time, I
+at least had some understanding of what a server was and how networks work. And
+more importantly, I had a better idea of what it meant for a computer to be
+<i>mine</i>. Even though--let's be real--it <i>still isn't</i>. I can't get
+high-speed Internet easily which I need to host a server long-term so I'm stuck
+using some else's computer, otherwise called a Virtual Private Server (VPS).
+Even if I could host at home, I'm still of course at the mercy of my ISP so
+even then, I'm not totally free.
+</p>
+<p>
+Because of that, I think it's important to understand that
+"running your own website" is not just a <i>technical</i> ordeal, but also an
+<i>economic</i> one since you have to carefully think about what it means to
+you to <i>own</i> your server, your software, and your hardware
+</p>
+
+<h2>What is a web <i>server</i> and how do I run one?</h2>
+
+<h2>How can make this server available on the Internet <i>cheaply</i> and <i>independently</i></h2>
+<p>
+I think it's important to cut to the chase on an important point that I feel
+is not written about a lot.
+</p>
+<h3>Can I run a web server at home</h3>
+<p>
+TL;DR Technically yes, but practically probably not. At least not at a lot of
+extra cost to you.
+</p>
+<p>
+I spent a lot of time searching on this (you can find a full list of references
+at the bottom), and I've even tested a little bit by hosting game servers and
+web projects for code jams, but the problem is twofold. First, if you are in
+the United States and not a business, you probably have a standard plan with
+one of the major ISPs (Verizon, Optimum, etc.). This limits
+you in a few ways.
+<li>
+Your bandwidth is limited, which limits the amount of people you can serve
+at one time <i>and</i> the rate you can transfer data to them. Think laggy
+games and videos that take 10 years to download.
+</li>
+<li>
+Your ISP probably explicitly does not allow this. I have <i>never</i> had my
+ISP complain about hosting small personal servers at home, but I imagine if I
+hosted higher traffic things, I would have some problems.
+</li>
+<li>
+</li>
+</p>
+<p>
+</p>
+