Category Archives: Home Lab

Always remember to document with screenshots when doing investigations

I’ve been looking for a job. I applied to one recently and came across something a little scammy. Seconds after getting a thank you for applying email, I got an email saying I had to run software to prove I met the requirements to work from home. Plug the computer into the modem and run their test. Wasn’t happening on my daily driver. I ran it through some VMs.

The link in the email was for what looks like a headhunter software firm. It redirected to the company’s website. The company I applied to. I tested with Flare VM running on Proxmox on an old i3 server I have. The Flare VM passed everything but the processor test. It wanted an i5 or higher. I didn’t bother to get screenshots, because I thought I’d run it again on something with a newer processor.

I spent today (the day I wrote the blog post, not the day it was published) setting up a Flare VM on my laptop. I loaded up the Flare VM, and started Wireshark, Regshot, and Procmon. I started Edge, went to the link again, only to get a blank page with no option to test. Note: The site said after I ran the test to try again from another computer. But there was nothing there to run this time.

There were two takeaways from this.

1. I should have built some Flare VMs sooner, because they take a while to build. Build them before you want to use them.

2. Follow the rules of getting screenshots and taking notes as you work because it would have made a great blog post walking through the steps.

Prepping for a project

I’m getting ready for a fun little project with a friend. Several years ago, while doing my undergrad, I got a copy of Chris Sanders’ “Applied Network Security Monitoring.” I was going to do a book study group at school when it came out, but it turns out it was a required text for my Incident Response course.

Sadly, that class was a mess, and I don’t think we used the book in it at all. A different friend and I referenced the book to build a project for one of our other classes. We used it to build several honey pots, with what was supposed to be centralized logging. That, however, failed due to the Data Center we put the logging server in. The DC we picked for the log server didn’t allow logging to that DC for some reason. The other ones through the VPS provider would have worked fine. Just not that one. No clue why. We did complete the project with the honey pots but had to monitor each one instead of having central logs.

Anyway, talking about burnout recently with friend one mentioned above, we both feel burnt out. We don’t want to do anything computer-related after work. Studying, Udemy, Coursera, Hack-in-The-Box, Try Hack Me, scripting, blogging, etc. To get around this, we’re going to work through Applied Network Security Monitoring, and we’re also going to blog about it.

Before confirming this was the book and project we would do, we asked Chris Sanders via Twitter if the book material was still relevant. He said the concepts would be, but the tools would be different now.

It should be fun.

Once my friend gets his blog set up, I’ll link to it too. And yes, I know I still have some OpenFAIR/CTI/OSINT related content I want to blog about; see the comment about being burnt out above.

More NAS Fun

We live, we learn. A year ago, I had this post about my raspi-NAS failing. One of the things I said was I’d look into building a real RAID 1 based NAS on a Raspberry Pi.

Yeah, researching that subject while rebuilding my home network a few weeks ago, I found out that USB and RAID don’t work together like that. So, if I want a NAS with RAID, I’d have to do something else. Like a rack-mounted server running FreeNAS. Yes, I know it’s being rebranded TrueNAS Core.

I tried Open Media Vault (OMV) with my existing powered external hard drives. It didn’t like them. OMV could see the drives but wouldn’t let me do anything other than formatting them.

I’m sorry, I’m not interested in losing all my data. So I just set up the Raspberry Pi to run Samba again. It works fine.

I might try to rerun OMV someday when I have free time and free hardware to set it up, but I have a long list of things to do before then.

Raspi-NAS rebuild and data recovery

Shortly after rebuilding my Raspberry NAS last year, it stopped working again. The system wouldn’t boot right, even after changing the micro-SD card with a new build of Raspbian. A few weeks ago, I bought a new Pi 3 B and rebuilt the NAS again. When the system powered on, one of the USB drives wasn’t working. It looked like the file system was corrupt. During attempts to recover the USB drive, it stopped being readable. Both my Windows and Linux computers could see the USB drive, but not the file system, or the data. I re-formatted the disk drive, and it started working fine; it just had no data on it.

Raspi-nas

A couple of years ago, I don’t remember when, I built a small NAS using a Raspberry Pi 2 B version 1.1, and two 128G USB flash drives from Microcenter. It is called “raspi-nas”, and I built it following the How-To Geek Guide: How to Turn a Raspberry Pi into a Low-Power Network Storage Device. It worked well to back up our phones. Which is all it is used for. It used wireless for the network connection.

Why I don’t have a lab

An industry mailing list I’m on recently had a conversation that started asking about master’s degrees but had some hiring managers chip in. They said a question they tend to ask is to have the candidate tell about their home lab.

I’ve been asked this question a few times in the past, and I’ve asked people this question in job interviews. I know it’s to find out what kind of passion the candidate has for the job, but I think it’s starting to become a bad question to ask.

Here is why I don’t have a home lab.

Home Lab – Changes

I’ve made changes to the layout of my home lab. This is the current plan, because I can’t afford the Cisco switch I want right now. I also don’t think it’s worth getting a second line to the house, since I plan on moving by October.

The new design is to have my home network and the lab network mixed. I do have one more wireless router I could put in place to isolate the lab, but I’m not going to for right now. If I need to limit things for something, I can always change. It’s also split between 2 floors, which is why there are 2 switches.

Lab Design v2

The Single Board Farm is 6 Raspberry Pi B, 4 Raspberry Pi B+, 2 Raspberry Pi 2, and once I can get them, Odroid C1 (probably 2).

home lab – more pfsense work

Finally got time to pick up from where I left off last time. I’ve had a hard time getting to do lab work. Anyway. I connected my pfSense box to my AT&T U-verse Router Gateway, something I’ve been worried about, and it worked. I was worried because in the past, it would shut down the RG saying there was a network behind network, turn on DMZ Plus mode, and everything would be broken.
