Back in December (it really doesn't feel that long ago), I talked about how I was prepping for a project.
The end goal is to brush up on Network Security Monitoring (NSM) and use it to better monitor my home network. I occasionally check the logs but think I would be more active if I had a centralized tool to help. Right now, I have a log of blocked domain alerts in my pfSense firewall's pfBlockerNG reports screen. Most of the entries are tracking-related domains that the Pi-hole isn't blocking, so they reach the second block list on the firewall.
Note: I say my home network, not my home lab. As I said in the past, I no longer maintain a home lab due to cost and space. I have parts of my network isolated, but I wouldn’t call that a lab.
This is a six-part series covering my experience modifying the instructions to build an Investigation VM from Open Source Intelligence Techniques by Michael Bazzell.
I made the VM to follow along with his online course that I bought last year but haven’t had time to work through. The course was originally built for the Buscador OS, but that distribution is no more.
Part 1: The Install
Installing Xubuntu as a VM
Part 2: Personalization
Configuring the VM to remove applications that leak data, and remove annoyances
Part 3: Configuring Firefox
Setting up Firefox for doing OSINT Investigations
Part 4: Configuring Chrome
Configuring Chrome for OSINT Investigations
Part 5: Setting up Linux Applications
Installing other applications to aid in capturing the information needed for OSINT investigations
Part 6: Finishing Setup
Final setups, and closing thoughts.
Welcome back. This will be the last post in the build process for the Xubuntu OSINT system. After I finish this post, I'm going back to Michael Bazzell's video training courses, which is why I built the VM to begin with.
Welcome back. Sorry about the delay, but I wanted to get the post about fixing the NAS published before I continued. This post has also been sitting waiting for editing for a bit. Picking up where we left off, I'm going to discuss the differences between Michael Bazzell's book and my experience of setting up the system using Xubuntu.
Sorry, this was a little late; I spent the last few weeks rebuilding my Raspberry Pi NAS, again. I'll be doing a write-up on that in the near future.
This post is the fourth part of the series on building my OSINT VM to do Open Source Intelligence. These are my experiences using Xubuntu for my base, compared to Michael Bazzell's walkthrough in his book, which used Ubuntu.
There are two sections to this post: Chrome and Tor, though I didn't do much with Tor.
Welcome back to my series on setting up virtual machines to do OSINT. I'm setting up an OSINT investigation system based on Michael Bazzell's 7th Edition OSINT book, but I'm using Xubuntu instead of Ubuntu. Remember, this series is about the differences I found between the walkthrough in the book and setting up my environment on a different distribution.
In this post, I'll be talking about the personalization steps, covering the differences between Michael's text and the steps to do the same in Xubuntu. As I stated in the last post, I'm building a new OSINT investigations VM based on Michael Bazzell's book. In the previous post, I covered the differences between his book and my choice of using Xubuntu instead of Ubuntu.
In the latest edition of his book, Michael Bazzell has decided to teach OSINT investigators to be self-sufficient when it comes to their tools. Gone is his OSINT powerhouse VM Buscador. Gone are the free tools he used to host. Instead, because things change and disappear, he has decided to teach people to build their own tools.
He uses Ubuntu as the base for the Virtual Machine in the walkthroughs. I didn’t care for Ubuntu, mainly because I’m not too fond of the default desktops. Honestly, I prefer running Debian with XFCE. But for quick installations, I go with Xubuntu. I say quick installs because it usually works out of the box, whereas Debian usually takes me days of tweaking to get it right.
In the past, before his old investigation image and its replacement Buscador, I would build my own VMs based on either Debian or Xubuntu and replicate the things he had done in his builds. This time around, I decided to build my own Xubuntu image, following his guide for the tools.
Here are the things I had to change to get a Xubuntu-based system set up.
As I said in a previous blog post, I'm kicking myself for not having spent more time learning about EmComm, and I have gotten some books to help me learn. Again, I'm starting small and simple, at the personal level, and moving up to larger scales.
The second book I read was also by Andrew Baze. This one is called The Road Home. It is a teen / young adult novel on the basics of prepping, with a heavy focus on ham radio. While I agreed with some of the material covered, I didn't agree with all of the ways the characters were portrayed.
After Hurricane Maria hit Puerto Rico and the U.S. Virgin Islands, the ARRL asked for volunteers, relaying a request from the American Red Cross. I wanted to volunteer, but I lacked the requirements. I had never used Winlink, and I haven't done much HF work. In fact, the only HF work I've done was at Field Day two years ago. I am familiar with the National Traffic System, though, and have even successfully sent traffic to the West Coast and gotten a response back through NTS. But my experience wasn't good enough, so I thought I'd fix that.
TL;DR: Read Personal Emergency Communications (links below the fold) by Andrew Baze. It was a good book.
Pros: It was well thought out and taught me a few things I didn't previously know. It also gave me some ideas on where to fix my own emergency planning outside of communications, and introduced me to things I didn't have during the last power outage I went through.
Cons: It is a little dated, and I would really like to see an update to some sections, such as those on eXRS and scanners.
The information is still great. It gets someone thinking about comms and how they matter. A lot of what is discussed here could easily be carried over into non-emergency situations and improve company communications during cyber incidents, especially the items in the first section of the book, such as knowing whom to call and having a calling clock for when to call them.
Read below for a more in-depth review