Author Archives: Chris J

About Chris J

Chris J studies physical and information security. He started the Ann Arbor Chapter of TOOOL, attended Eastern Michigan University got a degree in Applied Information Assurance. Work involves Threat Intelligence.

Book Review: Personal Digital Securty

Leave a reply

I read Personal Digital Security: Protecting Yourself From Online Crime (Amazon affiliate link) by Michael Bazzell. I think this book is a good place to start, if someone wants to learn more about computer security.  A seasoned practitioner of Information Security could use this book as a core component to create a great Security Awareness Training program for users.

Mr. Bazzell starts off as if the reader knows very little information on computer security. However by the end of the book, he’s very conversational in tone, and is suggesting the reader shares what he learned.

The book has a building block approach. Not all readers will need to go chapter by chapter. But starting with Chapters 1 and 2, Mr. Bazzell starts a great foundation for the things in the rest of the book. The book starts with protecting your computer, and then your passwords. From there he goes on to show how to protect your online accounts, your data, and your credit cards, your debit and your banking information. Next is about protecting your telephones, cellular and work. Chapters 8 and 9 go in to always connected devices and wireless networking. Chapter 10 talks about how parents can protect their children online.

If your bank accounts  or credit card has been compromised and you want a deeper understanding read this book. If you want to create a Security Awareness Program, start with this book. If you want to get in to Computer Security, this book covers the basics you should already know by the time you walk in to a class room or entry level job.

* Update 2024-10-01: changed to Amazon Affiliate Link, which I earn a commission from qualifying purchases.

 

Unofficial training at Circle City Con

Leave a reply

I’ll be presenting at Circle City Con this year, on Wireless Intrusion Detection with the Raspberry Pi. I’ve done  some test runs of the talk, and have ended with people wanting to contact me later if they have questions. Mainly if they get stuck. Also one of the comments from the reviewers when I submitted my talk was this would be better as a training class.

After talking to one of the organizers, here is how this is going to work. Currently I’m scheduled to talk on Saturday. After my talk, through the end of the Conference I can be available (as long as I’m not in a training sessions) to use some of the the common / lobby area to work with people wanting to set up the wireless drones, what kismet calls sensors.

Continue reading

home lab – more pfsense work

Leave a reply

Finally got time to pick up from where I left off last time. I’ve had a hard time getting to do lab work. Anyway. I connected my pfSense box to my AT&T U-verse Router Gateway, something I’ve been worried about, and it worked. I was worried because in the past, it would shut down the RG saying there was a network behind network, turn on DMZ Plus mode, and everything would be broken.

Continue reading

home lab – firewall installing pfSesne

Leave a reply

There are lots of good howtos out there to get the system installed. I followed this one, since it was for the same hardware: Build an awesome APU based pfSense Router.

Issues were with the installer software. It took a few tries to figure out I needed to run it as admin, mostly because the screens are all in German (I think). I tried other software (the one I use for the Raspberry Pi stuff) didn’t work.

Booted off the console, used the installer (after I got the right image, can’t use the iso image), and installed it. Next up, getting it on a network to use the Web interface to configure the box. Or use SSH. Maybe just plug in the laptop and see what happens. That’s half the fun anyway, or so I think.

Home Lab – Firewall PC Engine APU1D4 DYI Build

Leave a reply

Got the first firewall for the lab. It is a PC Engine APU1D4 D.Y.I Kit from Netgate. This hardware has been going out of stock constantly. I got the 30 gig flash drive from Amazon, for less. I should have taken pictures as I was building it, but was just excited to be building it.

The good:

  • easy open packaging
  • other than the heat spreader it went together really quickly
  • Online documentation available

The bad:

  • No Instructions in the box
  • The heat spreaders didn’t like to stay on the chips
  • the heat sink move pulling the spreader off with it while putting the bottom on. Didn’t cause problems, but had to stop and reline up the head spreader to the chips (stuck to heat sink).

Continue reading

Getting Real book review

Leave a reply

When I first started doing the book reviews it was because a professor asked me what books I think should be on every Information Security (Information Assurance) student’s bookshelf. One of the books on that original list was Rework by the guys at 37 signals Basecamp. On my bi-annual reading of the book, I noticed they made comment to a previous book called Getting Real (Amazon affiliate link). So I ran out and grabbed a copy of it.

It really felt like a draft version of Rework. It was ok. There were some great quotes in the book from people who have used the same frame of thought to make a new company or run a business.

There were parts of the book that countered what I remembered from Rework (remember I read this book every other year), the biggest being how to deal with the competition, and seeing what they do. It felt that the two books were at odds on how to deal with the competition.

I would only recommend this book for the quotes, but think that Rework is the stronger and better of the two books to read.

* Update 2024-10-01: changed to Amazon Affiliate Link, which I earn a commission from qualifying purchases.

Home Lab – Phase 1 – More annoyances

Leave a reply

I got a free LCD tv recently, 32 inches. I was hoping to use it as the monitor for the VMWare box for a bit. Until I could save the money to replace it with something nicer / actual monitors (dual display ports).

Problem is, ESXi is designed to be a type 1 hypervisor. I never knew that’s what bare-metal systems were called. I’ve worked with Citrix Xen in the past. It was nice, but I hated to do the work over the network.

Continue reading

Grad School

Leave a reply

Got my acceptance letter to University of Maryland University College this week. I start my Masters of Science degree in CyberSecurity this fall.

I was on the fence of CyberSecurity or Digital Forensics and Cyber Investigations master, but think CyberSecurity gives me more opportunity after graduation. The cool thing is, I can take 2 more classes on top of my degree and get the Digital Forensics and Cyber Investigation Master Certificate.

After I get those taken care of, I’ll go back one last time to get a MBA, which will be 3 more classes if I get accepted to the business school.

apt-get upgrade spamassassin error

Leave a reply

I’m sure I’ll forget about this again. Trying to upgrade spamassassin, I kept getting the following error. I fixed this a couple of months ago, but forgot what the

dpkg: error processing package spamassassin (–configure):
subprocess installed post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of sa-compile:
sa-compile depends on spamassassin (>= 3.3.2-8); however:
Package spamassassin is not configured yet.

dpkg: error processing package sa-compile (–configure):
dependency problems – leaving unconfigured
Errors were encountered while processing:
spamassassin
sa-compile
E: Sub-process /usr/bin/dpkg returned an error code (1)

The cause has to do with the hardening I’ve done on my linux box. If the entry in /etc/password is a service account, the shell gets set to /bin/false. To fix the errors above, I need to change it to /bin/bash, and then change it again after the upgrade.

However I’m sure I’ll forget about this again, and forget that I wrote a blog entry for it.