Hard Rights

Recently I’ve been amazed at the people who want to do things differently because it is easier.  At a recent campout a leader of our Boy Scout troop came to me and said “we’ve talked it over and had a great idea.  We should go home this evening and not stay the night.”  It was a hot day, and we had to make a conscious effort to be cheerful and have fun.  The comment struck me as a way to make our lives easier.  Following this logic, it would be easier not to go camping at all, but we went camping to accomplish something; not going means that something will never be realized.  As I told the scouts at our next troop meeting, part of scouting is to learn to take anything that nature can throw at you so that you build the confidence to take anything that life throws at you.

On my drive in this morning I heard a report on NPR discussing why President Trump likes to appoint veteran generals to his staff.  During the story Robert McDonald said the following about the West Point Cadet Prayer, which pretty well sums it up:

“Those words are, ‘Help me to choose the harder right rather than the easier wrong.’ And it’s remarkable, but in business as in life, the easier thing is usually the wrong thing to do,”

http://www.npr.org/2017/08/23/545289536/why-donald-trump-likes-to-surround-himself-with-generals

DSL and VMWare

Today I’ve been struggling to remember how I once built a DSL guest in VMWare Fusion / ESXi.  DSL is a darn small Linux distribution that can run in 100 MB of storage.  Here are the tricks that I’ve relearned in order to make this work.

  • DSL v 4.4.10 requires VMWare hardware version 7.  Higher versions somewhat work, with the primary symptom being no mouse support.
  • To access root functions, enter a terminal session and then run sudo su.  There is no password, simply the command.
  • The virtual hard disk drive must be IDE (not SCSI).  DSL doesn’t seem to have other drivers.
  • Having booted from the ISO on CDROM, you must prepare the virtual hard drive using cfdisk /dev/hda. Begin with a zero table, and partition as follows:
    • Select New
    • Select Primary
    • Accept the available space, unless there is reason not to.
    • Highlight Bootable
    • Highlight Type, then choose 83 (Linux)
    • Choose Write, then follow the prompts.
    • Quit, then reboot.
  • Boot from the ISO; launch a terminal window and execute dsl-hdinstall
    • Use the target partition hda1
    • Do NOT support multi-user logins or the journalized file system
  • You may want to reboot one more time without the ISO available to verify that all is well.
  • If you want to make the swap space on a second partition, follow these steps:
    • Using cfdisk /dev/hda create the partition, same as above only type 82
    • swapoff -a
    • mkswap /dev/hda2
    • swapon /dev/hda2

Firewalling with PF

Lately I’ve been setting up a couple of firewalls on Linux hosts using PF, and find myself looking up the same things over and over.  So here is a post with a couple of resources and the commands I need to remember.

First, the simple PF documentation from within the FreeBSD documentation:

https://www.freebsd.org/doc/handbook/firewalls-pf.html

Second, a really interesting looking manuscript that is more of a tutorial, and dedicated to the PF project:

https://home.nuug.no/~peter/pf/

Lastly, the commands for restarting PF or causing it to reload the rules set due to my changes:

  • pfctl -F all -f /etc/pf.conf: flush all NAT, filter, state, and table rules, then reload the rule set from /etc/pf.conf.
  • pfctl -s [ rules | nat | states ]: report on the filter rules, NAT rules, or state table.
  • pfctl -vnf /etc/pf.conf: parse /etc/pf.conf verbosely and check it for errors, but do not load the ruleset.
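As an added example, not part of the original post and not text from the FreeBSD handbook or the PF tutorial linked above, here is a minimal default-deny /etc/pf.conf of the kind those pfctl commands are used to check and reload.  The interface name em0, the management network 10.0.0.0/24, and the choice to expose only SSH are assumptions made for illustration:

```pf
# Added example pf.conf (not from the original post).
# Assumptions: the external interface is em0, the admin workstation
# network is 10.0.0.0/24, and the host only needs to accept SSH from it.
ext_if    = "em0"
admin_net = "10.0.0.0/24"

# Options come first: never filter loopback traffic.
set skip on lo0

# Normalization: reassemble fragments and clean up odd packets before filtering.
scrub in all

# Default deny.  Inbound blocks are logged to pflog0 so they can be reviewed.
block in log all
block out all

# Drop packets arriving on $ext_if whose source address could not legitimately
# come from that interface (common spoofing check).
antispoof quick for $ext_if

# Let the host itself reach out; the state entry lets the replies back in.
pass out quick on $ext_if inet proto { tcp, udp, icmp } from ($ext_if) to any keep state

# SSH only from the management network.  synproxy state has PF complete the
# TCP handshake before the connection reaches sshd, which blunts SYN floods.
pass in on $ext_if inet proto tcp from $admin_net to ($ext_if) port ssh flags S/SA synproxy state

# Allow echo requests so reachability checks still work.
pass in on $ext_if inet proto icmp from any to ($ext_if) icmp-type echoreq
```

Because PF uses last-matching-rule semantics, the block rules sit at the top and the narrow pass rules below them override the default only for the traffic named.  Run pfctl -vnf /etc/pf.conf against the file before pfctl -F all -f /etc/pf.conf so a syntax error does not leave the host with an empty ruleset, and watch the logged blocks with tcpdump -n -e -ttt -i pflog0 while confirming the admin network can still reach SSH.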

SysLog

Today I stumbled on a series of articles detailing the use of the rsyslog daemon.  It looks applicable to many Unix / Linux systems, so here I copy the links:

https://www.linux.com/learn/remote-logging-syslog-part-1-basics

https://www.linux.com/learn/sysadmin/remote-logging-syslog-part-2-main-config-file

https://www.linux.com/learn/sysadmin/remote-logging-syslog-part-3-logfile-rules

https://www.linux.com/learn/sysadmin/remote-logging-syslog-part-4-log-rotation

All 4 articles were written by Chris Binnie at Linux.com in November and December of 2016.

Network Security Monitoring – Reading List

I’ve restarted my read of The Practice of Network Security Monitoring by Richard Bejtlich and immediately found that I need to list references to read in the future. Here’s the first installment:

  • Hacking Exposed: Network Security Secrets & Solutions, Fourth Edition. Stuart McClure, Joel Scambray, & George Kurtz
  • Blue Team Handbook: Incident Response Edition: A condensed field guide for the incident responder. Gary Murdock