travel, science, technology, and all other geeky things
Follow Me
A delicious evening at Trader Sam's tasting some secret menu drinks. I will post the recipes as I find them in this post so keep checking back.

1. Krakatoa, this isn't a secret menu item but gets an honorable mention due to its excessive rum content.

(Krakatoa in a souvenir mug)

2. Old Kungaloosh, delicious drink it's vodka, coconut rum, midori and pineapple juice. I wasn't sure about the midori but it ads a subtle layer that balances the drink out perfectly. It was 9 out of 10 Recommend.

(Old Kungaloosh)
Recipe from my friend at SasakiTime.com (check out his blog it is Awesome)
Old Kungaloosh Recipe -- Circa 1997 
1 1/4 ounce vodka
1 1/4 ounce Malibu Rum
3/4 ounce Midori (melon liqueur)
2 tablespoons pineapple juice
1 splash cranberry juice 
Mix well.

3. Adult Dole Whip, holy crap this is so good. I think it taste better then the real thing. You get the familiar Dole Whip taste, but there is an undertone of vanilla that just takes it to the next level. 10 out of 10 must try!

(Adult Dole Whip)
This is the closest i could find courtesy of mirlandraskitchen.com
Adult Dole Whip
1 shot whipped vodka
4 oz pineapple juice
vanilla ice cream optional
strawberry and lemon for garnish if desired
Fill a cocktail shaker half full with ice. 
Add vodka and pineapple juice. Shake.
Pour into chilled glass and serve with ice cream or desired garnish.

4. Finally the coconut cake, again not on the menu but it is a must have at least once every Disney trip. It is the most Moist! Ya I said moist cake you'll ever have. The cake is infused with a coconut custard and the icing is a light whip cream and coconut topping. 11 out of 10 if you like coconut. 

(coconut cake)

Most of the people who have found this post on the internet are already familiar with Palo Alto Firewalls and everything they can do. One of the features I really like is the IPS functionality built into the firewall, but - and its a BIG BUT - if you're terminating SSL after the traffic ingresses your untrusted security zone you're loosing a lot of the PAN's IPS functionality because the traffic is encrypted.

Here is a reference diagram of what I am talking about:

So how do we fix it? PAN has a feature called SSL Inbound Inspection. This feature as of 7.1.x code does not terminate the SSL session or work as a proxy, but at a high-level takes a copy of the traffic and uses your imported certificate and key to inspect the traffic against the policies that have been configured. It's really easy to setup, but there are a couple caveats that I wanted to outline in this post.

SSL and Supported Ciphers: As many of you know the SSL negotiation is determined between the client and the server during the SSL handshake.  Because the firewall does not work as a SSL proxy, or "man in the middle", you have to insure that the client and server negotiate a cipher that the firewall is able to decrypt. This is where we ran into a little confusion.  Much of the documentation on the PAN site is focused around outbound SSL decryption.  This gets confusing when PAN doesn't document what feature they are discussing in an article. For example they have an article of supported decryption ciphers and they did not specify on the document if these were the ciphers used in outbound decryption or inbound inspection.  Then, when I asked for documentation of supported inbound SSL inspection ciphers, they could not point me to a document. FYI if you look at an SSL decryption profile there is a disclaimer in small print that only the listed RSA ciphers are supported for inbound inspection. I was told this was going to fixed.

So to help you out here is what is supported for inbound SSL inspection:

To ensure your firewall can decrypt all inbound SSL traffic it is important you configure your servers or load balancers to only offer ciphers supported by your firewall. If you're using an F5 to terminate SSL here is the string you can define in the cipher list within your SSL client profile.


APP-ID and Application Default Services: Many of you out here have enabled APP-ID on your firewalls and probably leveraged the application default service setting to let the firewall determine the port to allow traffic on.  I have been told application default setting in the services section of a security policy is best practice and, to be honest, I actually like it and use it; but it can break SSL Inbound Inspection. To understand where it breaks we first need to understand how a firewall processes a packet when you have enabled inbound SSL Inspection:

  1. The firewall looks to see if the packet is allowed by the security policy.
  2. The firewall identifies the traffic as SSL
  3. The firewall looks to see if the destination is configured with a SSL decryption policy
  4. If the destination address matches a protected IP address, it is decrypted and processed through the security policies once again as web-browsing still on port 443. 
  5. Bang! Connection is broken.

When you have application default set it is expecting specific ports based on the application that has been identified by APP-ID.  So if you have SSL and web-browsing configured in the APP-ID portion and application default configured in the services portion of your security policy...once the firewall decrypts the packets and runs it back through the security polices as web-browsing traffic on port 443 the firewall drops or resets the connection.

To resolve this issue you can still use APP-ID but you will need to explicitly list the ports the firewall will allow traffic on. This will allow any application, in this case web-browsing traffic on TCP port 443, to be allowed on any of the listed ports.

Configure SSL Inbound Inspection: You can click here to go to the Palo Alto Networks website and they will walk you though the SSL Inbound Inspection configuration.

Friend, co-worker, and guest blogger Matt Krieg owner of Krieg Productions talks about his video setup. You can find him at his website www.kriegproductions.com or check out his youtube channel.

So, you want to be a videographer?
It seems like everyone with a camera wants to make money creating videos these days. But there’s a lot more that goes into video production than you might think. From the monthly software or subscription fees to the thousand dollar stabilizers, the investment needed for professional level video is much higher than you may think. However, that isn’t to say it can’t be done on a budget and I’m going to show you the bare minimum you’ll need to get started in professional video production.

Alright - just accept this bitter reality right now - camera equipment is very expensive. Don’t try to cut corners on everything by buying the cheapest gear y
ou can find because you’ll pay the difference later down the road. Trust me. You don’t need a whole lot to get started but you’ll probably end up buying more equipment for each project you take on. Don’t get caught up in all the gear specs right now, if your brand new to videography just understand this one concept on gear. The diminishing return on camera equipment starts a lot sooner than you may expect. There is a huge difference between a $100 camera and a $1,000 camera but there is very little difference between a $1,000 camera and a $3,000 camera. You’ll want to stay at this sweet spot of about $1,000 for your camera. Maybe even lower if you’re on a serious budget. So, once you understand that you don’t need to drop $5,000 on your first camera let’s get right into the gear.

Your camera is going to be your workhorse, so leave a little more room on the budget for a solid camera. Since our main objective is video I’m going to focus on the two powerhouse brands in the video market right now: Panasonic and Sony. I’m not going to discuss which is the better camera, but Sony seems to run on the more expensive side compared to Panasonic’s line. I think the best budget friendly 4k camera on the market today is the Lumix G7 from Panasonic. It currently cost around $600 with the kit lens but I’ve seen them as low as $500 during sales. You get a ton of features for the price and you’ll be future proof for a bit longer with the 4k video resolution. If you do end up going the Sony route be aware that you’ll be paying a premium for lens’ and accessories.

Lenses are often overlooked when getting into videography; however, I believe having the right lens can be more important than having a high-end camera in most cases. You’ll want to keep a little money for a nice quality lens or two. Most kit lenses are sufficient, but having a couple focal lengths to choose from will definitely step up your quality game. I like to use a 25mm fixed (equivalent to a 50mm in full frame) and a 12–60mm zoom lens. The 25mm is one of the cheapest lenses out there and it is very versatile. The 12–60mm, or 14–42mm if you get the G7, will be a great ‘run & gun’ lens.

Sound is just as important as video and if you’re lacking in the sound department, no one will watch your videos. The brain actually processes sound before visuals so it is crucial to spend just as much, if not more time, perfecting audio than video. The on-board audio from your camera is garbage.  But you do have a few options as far as audio recording goes. If you’re not sure what kind of videos you’ll be making, I’d recommend going with a small shotgun mic that attaches to the camera’s shoe mount and plugs directly into the camera. Rode makes a nice line of mics for this category and the two big options are the VideoMic GO or the VideoMic Pro. The Pro version has a built-in audio processor while the GO version is just a shotgun microphone using the cameras audio processing. There is plenty of info out there comparing these mics so you’ll have to make the call on which one will fit your needs. Of course, in some cases a lavalier mic (worn on the collar) or external shotgun mic will work better but this is going to cost a lot more and won’t be as versatile.
Here are a few of my recommended microphones on the market:
VideoMic Pro - http://amzn.to/2i4KEg7
VideoMic GO -  http://amzn.to/2wOmI3Q 
Great wireless lavalier - http://amzn.to/2i38Pvg
Affordable lavalier - http://amzn.to/2vZKaxm
Solid external shotgun mic - http://amzn.to/2vGOAXB 

You will go crazy trying to find the best lighting equipment on a budget so, to make this easy for you, just pick up some 700W softbox lights for $60 - $80. For most shoots, I like to use as much natural light as possible and I find myself rarely using artificial light. But it is great to have some as a backup just in case. Good lighting will take creativity and practice so don’t spend a ton of money on lighting early on.

Everything else

Tripod – Amazon basics makes an affordable tripod that gets the job done, however if you have more to spend I’d recommend the Manfrotto 290 Xtra as it is a much higher quality. You can watch my review if it here: https://youtu.be/U-0_l_zkncQ 
Manfrotto tripod - http://amzn.to/2vBRdv3
AmazonBasics tripod - http://amzn.to/2wOxLKq 

Batteries – Four batteries should be plenty for a day of shooting and you can find batteries for your camera relatively cheap from numerous brands on Amazon.

SD Cards – The one thing you’ll want to look out for here is the speed of the card. Make sure the card says U3 which is usually 95MB/s. Having two 64GB SD cards should give you just over 2hours of 4k recording.
95MB/s - http://amzn.to/2fIJJkJ
150MB/s - http://amzn.to/2vGXUL3

Storage – You’re going to go through hard drives like never before when you start importing all the 4k video files so make sure you set aside some money for external hard drives. If you’re getting paid to do video work you will need to back up everything at least twice. The last thing you want is a corrupt or failed hard drive with someone’s valuable footage on it so save yourself that headache and back it all up.

Editing software – This is mainly personal preference but you can’t go wrong with Adobe Premiere Pro CC which is available in the Adobe Creative Cloud service. Another good editing program is Sony Vegas but I haven’t used that brand nearly as much as Adobe’s programs. If you’re a student in college you can get a nice discount on the creative cloud membership and it’s well worth it.

Remember this is the bare minimum of what you would need to start shooting professional videos. There are TONS of other accessories that would help you create the best possible product however it would also cost a lot more for all of it. You will more than likely end up like me - purchasing a new piece of gear for every new project, with some reason to justify your guilty spending. But in the end, it comes down to you as a creative videographer and your ability to create a meaningful story through the lens. If it all came down to who had the best equipment then all the richest filmmakers would have the best content and this is simply not the case. So do your research, buy a camera that fits your budget, and start filming.

But keep in mind - the best camera is always the one you have with you.

Countries I've Visited

visited 14 countries (6.22%)
Create your own visited map of The World

Join the EFF

Join the EFF
#privacy #digitalrights