Author Archives: Chris J

About Chris J

Chris J studies physical and information security. He started the Ann Arbor Chapter of TOOOL, attended Eastern Michigan University got a degree in Applied Information Assurance. Work involves Threat Intelligence.

Home Lab – Changes

I’ve made changes to the layout of my home lab. This is the current plan, because I can’t afford the Cisco switch I want right now. I also don’t think it’s worth getting a second line to the house, since I plan on moving by October.

The new design is to have my home network and the lab network mixed. I do have one more wireless router I could put in place to isolate the lab, but not going to for right now. If I need to limit things for something, I can always change. It’s also split between 2 floors, which is why there are 2 switches.

Lab Design v2

 

 

 

 

 

 

 

The Single Board Farm is 6 Raspberry Pi B, 4 Raspberry Pi B+, 2 Raspberry Pi 2, and once I can get them, Odroid C1 (probably 2).

Book Review: Meditation for Warriors

I’ve been studying Martial Arts for around 30 years on. I’ve gotten a couple of other books by Loren W. Christensen, mostly on training and diet. However Meditation For Warriors: Practical Mediation for Cops, Solders, and Martial  Artists is the first one that focused on the mental aspect.

This book is written as a practical guide to focus your mind, giving you a calmer demeanor, and allows you to stay cool, calm, and collected when the stuff hits the fan.

I really like that while it’s geared towards “Warriors” (Police, Soldiers, Martial Artists), it’s a really down to earth book that anyone could read and get a better understanding of meditation. Part of the goal of the book was to give non-practitioners a real world view of the importance of meditation.

Continue reading

Book Review: Personal Digital Securty

I read Personal Digital Security: Protecting Yourself From Online Crime (Amazon affiliate link) by Michael Bazzell. I think this book is a good place to start, if someone wants to learn more about computer security.  A seasoned practitioner of Information Security could use this book as a core component to create a great Security Awareness Training program for users.

Mr. Bazzell starts off as if the reader knows very little information on computer security. However by the end of the book, he’s very conversational in tone, and is suggesting the reader shares what he learned.

The book has a building block approach. Not all readers will need to go chapter by chapter. But starting with Chapters 1 and 2, Mr. Bazzell starts a great foundation for the things in the rest of the book. The book starts with protecting your computer, and then your passwords. From there he goes on to show how to protect your online accounts, your data, and your credit cards, your debit and your banking information. Next is about protecting your telephones, cellular and work. Chapters 8 and 9 go in to always connected devices and wireless networking. Chapter 10 talks about how parents can protect their children online.

If your bank accounts  or credit card has been compromised and you want a deeper understanding read this book. If you want to create a Security Awareness Program, start with this book. If you want to get in to Computer Security, this book covers the basics you should already know by the time you walk in to a class room or entry level job.

* Update 2024-10-01: changed to Amazon Affiliate Link, which I earn a commission from qualifying purchases.

 

Unofficial training at Circle City Con

I’ll be presenting at Circle City Con this year, on Wireless Intrusion Detection with the Raspberry Pi. I’ve done  some test runs of the talk, and have ended with people wanting to contact me later if they have questions. Mainly if they get stuck. Also one of the comments from the reviewers when I submitted my talk was this would be better as a training class.

After talking to one of the organizers, here is how this is going to work. Currently I’m scheduled to talk on Saturday. After my talk, through the end of the Conference I can be available (as long as I’m not in a training sessions) to use some of the the common / lobby area to work with people wanting to set up the wireless drones, what kismet calls sensors.

Continue reading

home lab – more pfsense work

Finally got time to pick up from where I left off last time. I’ve had a hard time getting to do lab work. Anyway. I connected my pfSense box to my AT&T U-verse Router Gateway, something I’ve been worried about, and it worked. I was worried because in the past, it would shut down the RG saying there was a network behind network, turn on DMZ Plus mode, and everything would be broken.

Continue reading

home lab – firewall installing pfSesne

There are lots of good howtos out there to get the system installed. I followed this one, since it was for the same hardware: Build an awesome APU based pfSense Router.

Issues were with the installer software. It took a few tries to figure out I needed to run it as admin, mostly because the screens are all in German (I think). I tried other software (the one I use for the Raspberry Pi stuff) didn’t work.

Booted off the console, used the installer (after I got the right image, can’t use the iso image), and installed it. Next up, getting it on a network to use the Web interface to configure the box. Or use SSH. Maybe just plug in the laptop and see what happens. That’s half the fun anyway, or so I think.

Home Lab – Firewall PC Engine APU1D4 DYI Build

Got the first firewall for the lab. It is a PC Engine APU1D4 D.Y.I Kit from Netgate. This hardware has been going out of stock constantly. I got the 30 gig flash drive from Amazon, for less. I should have taken pictures as I was building it, but was just excited to be building it.

The good:

  • easy open packaging
  • other than the heat spreader it went together really quickly
  • Online documentation available

The bad:

  • No Instructions in the box
  • The heat spreaders didn’t like to stay on the chips
  • the heat sink move pulling the spreader off with it while putting the bottom on. Didn’t cause problems, but had to stop and reline up the head spreader to the chips (stuck to heat sink).

Continue reading

Getting Real book review

When I first started doing the book reviews it was because a professor asked me what books I think should be on every Information Security (Information Assurance) student’s bookshelf. One of the books on that original list was Rework by the guys at 37 signals Basecamp. On my bi-annual reading of the book, I noticed they made comment to a previous book called Getting Real (Amazon affiliate link). So I ran out and grabbed a copy of it.

It really felt like a draft version of Rework. It was ok. There were some great quotes in the book from people who have used the same frame of thought to make a new company or run a business.

There were parts of the book that countered what I remembered from Rework (remember I read this book every other year), the biggest being how to deal with the competition, and seeing what they do. It felt that the two books were at odds on how to deal with the competition.

I would only recommend this book for the quotes, but think that Rework is the stronger and better of the two books to read.

* Update 2024-10-01: changed to Amazon Affiliate Link, which I earn a commission from qualifying purchases.

Home Lab – Phase 1 – More annoyances

I got a free LCD tv recently, 32 inches. I was hoping to use it as the monitor for the VMWare box for a bit. Until I could save the money to replace it with something nicer / actual monitors (dual display ports).

Problem is, ESXi is designed to be a type 1 hypervisor. I never knew that’s what bare-metal systems were called. I’ve worked with Citrix Xen in the past. It was nice, but I hated to do the work over the network.

Continue reading