Using Physical Security Keys with Slackware Linux

Most people are aware of the various computer data breach incidents and password dumps that have occurred over the last few years. You can even visit Have I Been Pwned (HIBP) to find out if your email address is included among over five billion compromised accounts. Think about that for a second, we have a …

Using OpenSSL and pfSense to sign a Subordinate Windows Enterprise Certificate Authority

Disclaimer: A Root CA trusted by Active Directory should not be trivialized. Make sure you know what you are doing when working with PKI. Take the time to study the technology before implementing it in production environments. There hasn’t been any extensive testing of this setup, so your mileage may vary. I have a pfSense Security Gateway …

Handcrafting Linux Shellcode

Crafting your own shellcode requires getting muddy with low-level programming. One does not simply write machine code from memory. This blog post is my attempt at providing a template and tutorial of the shellcode creation process for a 32-bit Linux machine. The first step we will take is to write the task we want …

Mounting NFS Shares in Windows Using Identity Mapping

Before we begin let us enable Services for NFS and both Sub Features. The typical way you will see an NFS share mounted in Windows involves mounting the remote file system using the anonymous (anon) user:

This will give you read-only access based on the configured permissions of the NFS Share. Note: The …

Tracking SSH Brute-force Logins with Splunk

If you manage servers with OpenSSH access, you have no doubt been subject to the barrage of SSH brute-force attempts that occurs across the internet. Some administrators deal with this by changing the default port (security by obscurity), utilizing public keys, threshold blocking, or white-listing source IP addresses, among other things. AWS has security …

Raspberry Pi Centralized Log Server

Setting up a Pi to be a centralized log store is amazingly simple. If you are using Raspbian, it comes with rsyslog installed by default, so all that’s left is to set up the config and tailor log rotation. First you should create a directory under /var/log for all the remote logs.

Then edit the configuration for …

ELF Binary Disassembly

Let us take a tour through a disassembly dump of an ELF binary and see if we can reverse engineer it. The following output is a result of:

The reader is assumed to be familiar with the above output. I have removed the memory addresses so each line can fit on an 80 …

IBM M1015 9220-8i cross-flashed to LSI 9211-8i IT mode

Flashing a RAID card to a different firmware takes about five minutes; however, if you have never done it before, the research process can take an order of magnitude longer. I spent about a day parsing all the blogs, forum posts, and subreddits that discuss flashing the LSI9211 HBA firmware to IT mode on compatible …

Scams in the Crypto Coin Space

If you are involved with cryptocurrency you are bound to be exposed to a scam or two at some point, much like the Nigerian scams that prey on fiat money. I was looking at my Twitter feed and noticed the Binance weekly report. The interesting thing I noticed in the reply section was an apparent …

Running an Authoritative DNS Server

I have been running my own Domain Name Server for several years. Some people argue the merits of doing such a thing when you can just put it in the “cloud”, but I enjoy managing DNS with all the flexibility and enrichment it brings. I run BIND version 9 in a FreeBSD Jail and it …