Grad School

Got my acceptance letter to University of Maryland University College this week. I start my Masters of Science degree in CyberSecurity this fall.

I was on the fence of CyberSecurity or Digital Forensics and Cyber Investigations master, but think CyberSecurity gives me more opportunity after graduation. The cool thing is, I can take 2 more classes on top of my degree and get the Digital Forensics and Cyber Investigation Master Certificate.

After I get those taken care of, I’ll go back one last time to get a MBA, which will be 3 more classes if I get accepted to the business school.

apt-get upgrade spamassassin error

I’m sure I’ll forget about this again. Trying to upgrade spamassassin, I kept getting the following error. I fixed this a couple of months ago, but forgot what the

dpkg: error processing package spamassassin (–configure):
subprocess installed post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of sa-compile:
sa-compile depends on spamassassin (>= 3.3.2-8); however:
Package spamassassin is not configured yet.

dpkg: error processing package sa-compile (–configure):
dependency problems – leaving unconfigured
Errors were encountered while processing:
spamassassin
sa-compile
E: Sub-process /usr/bin/dpkg returned an error code (1)

The cause has to do with the hardening I’ve done on my linux box. If the entry in /etc/password is a service account, the shell gets set to /bin/false. To fix the errors above, I need to change it to /bin/bash, and then change it again after the upgrade.

However I’m sure I’ll forget about this again, and forget that I wrote a blog entry for it.

vmware problem trying to share bridged interface

I’ve spent the last 2 days trying to get Vmware Player on a Windows 7 host, to provide internet to any of the guests  using bridged mode.  I have 2 firewalls installed. Windows firewall, and Avast’s Firewall (part of the Internet Security Suite). I had both installed previously before I rebuilt my laptop in September, and didn’t have a problem or had to do anything.

If I turned off one of the firewalls it worked fine, for bridged interfaces. But with both on, it didn’t work. Even though there are rules in place for avast to allow vmware.

After digging I finally found a thread dealing with the same issue on VirtualBox. The fix is to turn on Internet Connection Sharing in Avast. This doesn’t turn it on for Windows but just Avast from what I can tell.

Two book reviews on Personal Security.

Two books I read on personal safety recently were “Alone and Afraid” by J.J. Luna (also known for “How to Be Invisible“) and “Escaping the O Zone” by Doug Cummings.

I reviewed both of these books on Amazon. I have “Alone and Afraid” 5 stars, and “Escaping the O Zone” 4 stars.

Continue reading

Home Lab – Phase 1, start with what I can.

As I said in the last post, I’m going to have to piece the lab together slowly. However that doesn’t mean I can’t do other things with the lab until then. The current plan for later phases is PFSense on the micorserver, Security Onion on a Microserver, the network switch, and a new network drop.

However, I have old PC hardware laying around and vmware player on my current laptop. I should be able to build and play with a couple of things.

  • VM for PFSense
  • Physical for Security Onion

Currently the old PC has Untangle on it. It  worked well. It was set up for a RuCTFe CTF a few years ago. It was fast and easy to set up. This time I want something a little different. First though, I need to reconnect the old drives and backup all the data off those. I also want to swap out the mother board with a newer one I got. I think the newer one handles 64-bit. It has multiple network cards.

Once it’s rebuilt, I’ll attach it to my existing network connection to monitor what is coming through that gateway. I’ll write those up in stages as I do them. Should be 3 posts.

Designing a new home lab

I used to have a home lab of 3 cisco routers, and 3 cisco switches. That was for my CCNA training. Problem was, they were so old, they were not worth it. The lab also had 2 Intel 32-bit PC towers and a Sun Ultra 10. The Sun box was to get the Sun certification, but never got around to it. That isn’t to say that the lab wasn’t used. Just not used for the reasons I originally bought the components for.

Now, since I graduated and I have money to spend on building a new lab, I’m looking at getting something new set up. After watching Johnny X(m4s) and Eve Adams recorded talk from Derbycon. I decided on the following design.

Lab Design v1

So this will be on a separate internet connection from my home network. That means getting a second line to the house, but it doesn’t have to be the fastest line in the world.

The hope is to have the PFSense box, the Security Onion Box, and the Vmware ESXi box all running on Micorservers. The price for the Lenovo ones are decent.

I want a Cisco 3560g switch for Gig out all the ports, plus the layer 2 / 3 routing. Again the price isn’t too bad, about the same as the Microsevers. Lastly if I decide to go for the CCNA again, it should be useful.

The wireless access point was chosen from the Offensive Security WiFu class hardware list. I could use my old Linksys WRT54GL with dd-rwt on it. But it cant’ do N. Granted it looks like the Off-Sec recommended ones are only half N.

Lastly, it would be nice to have a peg board with all my Raspberry Pi devices attached to it. Requires being easy to remove them, but not a big issue. This would give me a place to have them while working and store them when not in use. If I can get POE on the 3560g, that means I can get a POE splitter and adapter for each Raspberry Pi, and don’t have to worry about power there either.

The laptop would be as needed device. I could use my current one or buy one to dedicate to the lab. Mainly it’s there for user interface purposes than anything else.

The only downside, even though I’m not paying for college classes out of pocket any more, is that it will take a while to build this lab. I’m going to have to piece it together a little at a time.

Data Science Course part 1: Data Scientist Toolbox

So after a class project, someone suggested I learn some R. After digging around a bit on the internet, I found the Coursera Data Science Specialization. It looked good.

The first class was The Data Scientists Toolbox class. It was good. The goal was to get students experience with hands on work in git and with Github. It also got the students ready on the software for R, by installing R and R-Studio.

I had to drop the second class, the R class, due to some issues that came up. I got bogged down during week 2 and wasn’t able to devote any time to the studies. I’ll take the class again when I can actually spend time focusing on it.

I graduated.

I graduated from Eastern Michigan University with a BS in Applied Information Assurance. Now that is done, I’m working on some stuff that I want to do. I also am trying to to get accepted to UMUC for a Master of Science. I’m unsure if I want to go for the Cyber Security or Digital Forensics and Cyber Investigations degree.

Some of the projects:

  • My Raspberry Pi WIDs modifications
  • Study for my CISSP
  • Hacker’s Challenge (from 2001)
  • R Programming (Coursera Data Science Program)
  • catching up on leisure reading
  • Studying for my General Amateur Ticket
  • Designing a new home lab
  • some other things not for open consumption

Real-Time Rogue Wireless Access Point Detection with the Raspberry Pi

So I mentioned this previously as a teaser, but I had an article posted in the Linux Journal. It was based off my independent study at Eastern Michigan University.

It was in the December issue of the Linux Journal. Now it’s posted on their website.

This is related to the talk I am submitting for conferences this year. It has already be accepted to one conference. The talk has a little more information built in to it. For example the experience I had in an environment with heavy wifi coverage compared to home and Eastern Michigan University. A slight design modification. I don’t know yet if I’m going to rebuild using Raspberry Pi B+ or the new Raspberry Pi 2 model B.