I’ve mentioned Justin Seitz’s Automating OSINT before, talking about the Python course. I recently signed up for the Master Course. I only had the money for it due to work reimbursing for me for UMUC CSEC620, and I decided to use a little of that money for self study, not just the next CSEC course.
Work recently sent me to SANS Forensics 578, Cyber Threat Intelligence. This was my first SANS class ever, and it was pretty good. The instance of the class I was sent to was presented by Jake Williams and Rebekah Brown. I think having both of them teach the class was great, because it gave more from the trenches view than having just one of them as an instructor.
For those that don’t know, I’m working on my degree at the University of Maryland University College (UMUC). I just completed the second course in the Masters program I’m in. I just finished CSEC 620 “Human Aspects in Cybersecutiy: Ethics, Legal Issues, and Psychology”
A few months ago, a friend and co-worker asked if I had seen Automating OSINT. I hadn’t, so I went and checked it out and end up signed up for the free webinar. Turns out I had just missed the previous one by a few hours. And had some time to wait before the next one.
I’ve been wanting to expand beyond just bash scripting for most of my career. I tried learning Perl, and then I tried Python. The Google Python class, the MIT Python Class, Learn Python the Hardware, Think Python, Automate the Boring stuff with Python, and buying Python courses from Boing Boing. Problem is I never finished any of them. I think because I lose interest, and have other things to do.
I bought Mass Killers: How you can identify workplace, school, or public killers before they strike (Amazon affiliate link) in December of 2013. I think started to read it, and lost interest / had other things come up. I recently picked this book up to read not that long ago, and went through it. Mike Roche, did a good job of breaking the book up in to parts. He uses his history in Law Enforcement to cover Mass Shootings, the signs, and how HR / Senior Leadership should handle the events leading up to a shooting.
Just so people have an idea of what the class is going to cover:
1. Basic theory of electromagnetic radiation known as radio waves
2. Install SDR# software and configure Dongle on Windows to monitor broadcasts (FM radio, Ham Radio, Other bands).
3. ADBS (Track airplanes, basically how FlightAware does it, with remote sensors people run)
4. Frequency counting (finding what Freqs are popular in an area to do more of item 2).
5. Radio Directional Finding, using RTL-SDR dongles on a Raspberry Pi with a touchscreen and gui software.
5a. (for licensed HAMS) how to turn the Raspberry Pi in to a broadcasting radio
Remember I said you only need 1 of these. These are how they came from Amazon (where I got them all), see last post for links.
RTL-SDR.com: Again I like this because it’s a metal case and came with 2 antenna.
The NooElec in the aluminum case. This is a bare USB stick put in to the block. The picture on Amazon is blue, but what I got was black with silver lettering (I like that look).
The Blue NooElec, like the one in the block case, it comes with a telescoping antenna.
Lastly the NooElec cheap option, with the stick antenna, that doesn’t collapse.
I’ll be teaching an Introductory class at Circle City Con this year, on Software Defined Radio.
Introduction to Software Defined Radio with the RTL-SDR on Windows and the Raspberry Pi 2
4-hour introduction to Software Defined Radio, using the RTL2832U chipset, covering both Microsoft Windows and the Raspberry Pi. We will be going over how to track airplanes, scan radio frequencies to find people talking, and covering a little radio theory. Covering RTL-SDR due to the cost of equipment. A list can be provided to students prior to the course.
Here is the part list you’ll need if you’re taking the class (Note the links got to RTL-SDR.com, Amazon, or Ada Fruit, and I am not associated with either of them). If you can get parts elsewhere that is fine :
All the RTL-SDR dong’es with antennas I’ve gotten so far have had magnetic mounts, and you need a ground plane for them to work right.
—- TL/DR —-
If you want to connect a raspberry pi to a hidden access point your wpa_supplicant.conf needs to have the following in the network statement.
|
1 2 3 4 5 |
network{ ssid="YOUR NETWORK NAME" psk="YOUR ASCII KEY HERE" ssid_scan=1 } |
Don’t put a ” or a ) in your ASCII PSK it causes problems. I couldn’t get it to work with the hex psk using wpa_passphrase but I broke the rules of troubleshooting making multiple changes at a time instead of one and resetting it.
—– End TL/DR —-
I got a new phone. Nexus 5x. But this isn’t what this post is about. My SO got a new phone last August. It was an unplanned by after the last one went for a porta-john swim. Again. not what this is about.
A co-worker suggested setting up a NAS to back up the pictures to. Being a poor college student, yes still grad school isn’t cheap, that really isn’t an option. Then he said well if it’s just the phones, why not use one of your Raspberry Pis?
The problem is getting the wpa_suplicant.conf file talking. It has taken me 2 days. Mainly because I don’t mess with that file much.
it hated my passphrase because of the ” and the ) in the middle example:
|
1 |
abc"12)3 |
I tried wpa_passphrase with the file, but it didn’t like that either. (although I kind of want to go back and test it again, in case I missed something.
Which I couldn’t find out until after I set the AP to broadcast. So after more digging I found that
scan_ssid=1 has to be in the config.
Sigh. This is taking way longer than need be, and I’d just wire it, but it’s going to not be near the cables, because of power.
So recently while trouble shooting that mail log in problem from my phone, I started going through the web interface on my pfSense box. While in the LAN interface, and it being 4am, I was like why is block RFC1918 for the Wan (which is on every interface tab), and block Bogons, not checked.
So I did what anyone half sleep deprived would do, I checked the boxes and hit apply. Then I couldn’t get back in to the silly thing. Console wouldn’t work. I just got a blank screen, rebooting while consoled in would go through the post and loading of BSD but after pfSense started, I didn’t get a menu.
Hey I know, I’m a Nix person, I’ll boot from the live image, go in to recovery find and turn off that setting, sync to the hard drive and reboot.