Portable virtual lab that fits in your pocket

by on Sep.19, 2020, under Code, Posts

USB 3.1 Flash Drive BAR Plus 256GB Titan Gray Memory & Storage - MUF-256BE4/AM | Samsung US

Storage continues to get cheaper and cheaper. Above is a picture of a SAMSUNG BAR Plus flash drive. I was able to find one used on eBay for about $30 which has 256GB storage capacity.

My goal was to have a portable Linux distro that’s persistent on a larger capacity flash drive which I can use to run virtual machines on and containers. While I’m not opposed to *BSD derivatives and even took some time to test out NomadBSD, I wanted to have an operating system that is more flexible and has more hardware support. I decided to go with Linux Mint XFCE. This means the flash drive can work in legacy bios systems and UEFI systems (provided secure boot is disabled).  To make the persistent Linux USB drive, I used this guide: https://www.howtogeek.com/howto/14912/create-a-persistent-bootable-ubuntu-usb-flash-drive/ .

A majority of computers for the past 20 years support virtualization. Granted, there are some rare systems that don’t support virtualization. (You can still install VirtualBox and have 32bit based guest operating systems.) My love and interest of type 1 hypervisors has lead me to experiment with hypervisors from different vendors. Linux KVM which has been around for 13 years, has become reliable and stable enough for production environments. To get Linux KVM up and running on my flash drive under Linux Mint, I simply used this tutorial: https://community.linuxmint.com/tutorial/view/1727. Then to get have a nice web based gui to work with Linux KVM, I installed cockpit ( https://www.hiroom2.com/2018/08/02/linuxmint-19-cockpit-en/ ) .

The next evolution of virtualization in my humble opinion, is virtual container based systems such as Docker. While dockers and container based systems may not always be ideal or meet true isolation security requirements, docker adoption and usage has skyrocketed. One of the most useful uses that I have for docker, is when I need a quick isolated environment for testing software that isn’t permanent. Need to brush up on MariaDB programming? Awesome, spin up a docker. Have a package you need to use that installs libraries that breaks other things or even your package manager? Docker to the rescue. There are some CUI/GUI based tools that help you with docker as well if you’re not a big fan of typing commands. (Check out dockly and https://www.portainer.io/ . Cockpit can be used for managing dockers as well.)

To install docker on my persistent flash drive, was no problem (see this guide: https://linuxhint.com/install_docker_linux_mint/). However, to get it up and running was a bit more of a pain on a persistent Linux Mint flash drive.  You can’t use the default storage driver, overlay2, you have to use the VFS storage driver (see https://docs.docker.com/storage/storagedriver/vfs-driver/ ). Once you have done this, you can test docker by simply doing: docker run hello-world.

I also wanted to have secure remote access to the system running my persistent flash drive. I stumbled upon Tailscale and fell in love. Once you have tailscale up and running, you’ll have a tailscale0 interface. You can now ssh into your persistent flash drive from other places on the internet as long as you have tailscale configured on the client system. Tailscale can traverse NAT!

This persistent flash drive that I have is not without its issues. I have not been able to upgrade the kernel or upgrade to a new version of Linux Mint. Additionally, the mint user password does not persist after reboot (though the root password persists). To access ssh on my flash drive I had to enable root login for ssh, which I know is not ideal or very secure. Caveats aside, this has been a fun learning experience that I would recommend to any other computer enthusiast.

 

Leave a Comment :, , , , , , , , , , , , , , , , more...

Pentesting with Evil WinRM – Practical Exploitation [mubix]

by on Jun.01, 2020, under Videos

Leave a Comment :, , , , , more...

command-not-found.com script

by on Apr.30, 2020, under Code, Posts

I’m a big fan of command-not-found.com and decided to write a simple script that can be used from the command line:

command:

cnf whois 

results:

Command-not-found.com results:
Install

All systems
curl cmd.cat/whois.sh

Debian
apt-get install whois

Ubuntu
apt-get install whois

[alpine.png] Alpine
apk add whois

Arch Linux
pacman -S whois

image/svg+xml Kali Linux
apt-get install whois

CentOS
yum install whois

Fedora
dnf install whois

OS X
brew install whois

Raspbian
apt-get install whois

Docker
docker run cmd.cat/whois whois powered by [8]Commando

The script is available here:

http://zitstif.com/cnf.txt

It’s a quick and dirty script but it gets the job done.

Leave a Comment :, , , , , , more...

Useful post regarding Office 365 security hardening

by on Feb.27, 2020, under Posts

It’s 2020. We are now progressing more and more toward the cloud and will have to take into consideration security concerns that relate to the cloud. 2 large players in the cloud for productivity suites include Google and Microsoft.

Since Microsoft still dominates the market when it comes to workstation operating systems and office suites, Office 365 is being adopted pretty quickly. I really recommend that you to take a look at this post if you currently have Office 365:

Introducing the Microsoft Office 365 Email Security Checklist

It has some good pointers that will help you lock your Office 365 tenant down. Of course there is Microsoft Secure Score, but it seems as if it’s in its infancy. It is buggy and not reliable. This is not to say it won’t help you harden your tenant, but I wouldn’t let it necessarily be the golden rule.

One must also keep in mind that to make Office 365 ‘more secure’ according to Microsoft, you need to essentially pay for it. Standard subscriptions won’t get you certain features. ( Please see: https://products.office.com/en-us/exchange/advance-threat-protection#office-ProductsCompare-785zwzq )

#Update 3/3/20:

Infragard presentation on Office 365 Security:

https://drive.google.com/open?id=1_n9RocH3-J0cwfj4l3RyzFCC-Qfd1g4Q

12C2049B0AB7E7F2134A2ECD3D37F402  – MD5

9664CBF3C74B27770E962E8BB96C7A8816BBAFDE – SHA-1

(VirusTotal: https://www.virustotal.com/gui/file/5509d67471b8d66cdfb90e147d8a31f5df8362f0a32d47f95fca0cab51e40376/detection )

#Update 3/6/20:

Pictures of Office 365 Secure Score Suggestions (one could extrapolate some of these suggestions and apply to other cloud services):

https://drive.google.com/open?id=1R1UVKtf9d8jwbrfC0IKgjOZIcTZt_Shy

550FB7C99E35AF8F7DB1DAD168410012 – MD5

56A43F1DCE1B9BC16AD1AD853CD3918E23AE60BD – SHA-1
(VirusTotal: https://www.virustotal.com/gui/file/9bd4515270eaf0941ff037368fd1badd38b9dd1dde4dbb925bf00256f5f372b1/detection )
Leave a Comment :, , , , , , , , , , , , , more...

Deepfake Technology

by on Jan.27, 2020, under Videos

Deepfake technology can be used for malicious purposes. One notable example is when malicious actors used deepfake voice technology to swindle a CEO out of $243,000.

Leave a Comment :, , , , , , , more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!