Author Archives: Chris J

Chris J

About Chris J

Chris J studies physical and information security. He started the Ann Arbor Chapter of TOOOL, attended Eastern Michigan University got a degree in Applied Information Assurance. Work involves Threat Intelligence.

Rebuilding my Chromebook’s Linux Envionment

My regular travel laptop is a 15-inch Lenovo running Gnu/Linux. A couple of years ago, I decided to get something a little smaller, lighter, and cheaper. I didn’t want to take the 15-inch laptop if I didn’t need to. I use it mostly for conference presenting and running VMs. Replacing it would be a pain.

I ended up getting an Acer Chromebook 11, the C740 model, for vacation and easier travel. I liked that model because you could replace the original storage with something larger by swapping out the SSD. I also like dit because I could install Debian to it with Crouton.

I set up the device up to Debian Buster and the xfce4-desktop. Other than not using the device enough to remember all commands to launch the chroot Linux environment, it worked well. To help remember how to launch Linux, I have the following saved

to a text file on the device.

Since it had been a bit since I used the Chromebook, I thought I would upgrade it. Heck, it was going to get an update from Google anyway. The upgrade started ok but went off the rails.

Continue reading

Intelligence – Garbage In, Gospel Out

I don’t remember which podcast or who said it, but “Garbage In Gospel Out” is so true. Especially when talking about Cyber Threat Intelligence. I talked a little about this before, both in conference talks and in Validate Data Before Sharing.

But here it is, three years later, and the problem remains. I’m willing to say it is getting worse. We’re not running full life cycles, either Intelligence or Incident Response. We get to the collection phase and call it done. NixIntel has a good post on that at their blog.

Continue reading

Current Python Working Environment.

Over the last nine to ten months, I’ve changed how I’ve been using Python, again.

Working environment:

I work in either Debian or Xubuntu Linux, or Windows Subsystem Linux (WSL) Debian. I prefer Debian on bare metal hardware. The VMs I use at work are usually Xubuntu (faster, easier setup). Work’s laptop has Windows 10 Enterprise on it, which is where WSL comes in.

Continue reading

Building an OSINT box based on Open Source Intelligence Techniques 7th edition.

This is a six-part series covering my experience modifying the instructions to build an Investigation VM from Open Source Intelligence Techniques by Michael Bazzell.

I made the VM to follow along with his online course that I bought last year but haven’t had time to work through. The course was originally built for the Buscador OS, but that distribution is no more.

Part 1: The Install
Installing Xubuntu as a VM

Part 2: Personalization
Configuring the VM to remove applications that leak data, and remove annoyances

Part 3: Configuring Firefox
Setting up Firefox for doing OSINT Investigations

Part 4: Configuring Chrome
Configuring Chrome for OSINT Investigations

Part 5: Setting up Linux Applications
Installing other applications to aid in capturing the information needed for OSINT investigations

Part 6: Finishing Setup
Final setups, and closing thoughts.

Building an OSINT box based on Open Source Intelligence Techniques 7th edition. Part 5, Setting up Linux Applications.

Welcome back. Sorry about the delay, but I wanted to get the post about fixing the NAS posted before I continued. This post has also been sitting waiting for editing for a bit. Picking up where we left off, I’m going to discuss the changes between Michael Bazzell’s book, and my experiences of setting up the system using Xubuntu.

Continue reading

Raspi-NAS rebuild and data recovery

Shortly after rebuilding my Raspberry NAS last year, it stopped working again. The system wouldn’t boot right, even after changing the micro-SD card with a new build of Raspbian. A few weeks ago, I bought a new Pi 3 b and rebuilt the NAS again. When the system powered on, one of the USB drives wasn’t working. It looked like the file system was corrupt. During attempts to recover the USB drive, it stopped being readable. Both my Windows and Linux computers could see the USB drive, but not the file system, or the data. I re-formatted the disc drive, and it started working fine, it just had no data on it.

Continue reading

Building an OSINT box based on Open Source Intelligence Techniques 7th edition. Part 4, Configuring Chrome.

Sorry, this was a little late, I spent the last few weeks rebuilding my Raspberry Pi NAS, again. I’ll be doing a write up on that in the near future.

This post is the fourth part of the series building my OSINT VM to do Open Source Intelligence. These are my experiences using a different Xubuntu for my base, compared to Michael Bazzell’s walkthrough in his book, which used Ubuntu.

There are two sections to this posting. Chrome, and TOR. Though I didn’t do much with TOR.

Continue reading

Building an OSINT box based on Open Source Intelligence Techniques 7th edition. Part 3, Configuring Firefox.

Welcome back to my series of setting up Virtual Machined to do OSINT. I’m setting up an OSINT investigation system based on Michael Bazzell’s 7th Edition OSINT book, but I’m using Xubuntu instead of Ubuntu. Remember, this series is about the differences I found between the walkthrough in the book and setting up my environment on a different Distribution.

Continue reading