October 12, 2014

Full Network "Anonymous" VPN w/Ubiquiti EdgeMax Router

I use a Ubiquiti EdgeMax Router at the demarcation point in my home network for a variety of reasons, one of which is the capability to maintain a Full Network “Anonymous” VPN w/Ubiquiti EdgeMax Router. I’ve been using IPVanish for a few years on selected systems to ensure a decent level of anonymity while performing research on various information security topics. The only complaint I’ve ever had is that when my VPN connection drops on a system, everything keeps trucking along on my public IP address, thus losing any protection afforded by the VPN service. I’ve been meaning to take on […]
September 10, 2014

Dionaea Honeypot Obfuscation

After installing a honeypot, ensuring that it does not blatantly look like a honeypot is critical. Luckily, dionaea honeypot obfuscation is relatively simple. We’ll base this off Nmap results, which is the gold standard in enumeration. Here are the initial scan results:

[email protected]:/usr/share/nmap# nmap -sV
Starting Nmap 6.46 ( http://nmap.org ) at 2014-09-10 09:27 EDT
Nmap scan report for abc.example.com (
Host is up (0.0083s latency).
Not shown: 989 closed ports
PORT     STATE SERVICE       VERSION
21/tcp   open  ftp           Dionaea honeypot ftpd
22/tcp   open  ssh           (protocol 2.0)
42/tcp   open  tcpwrapped
80/tcp   open  http
135/tcp  open  msrpc?
443/tcp  open  ssl/https
445/tcp  open  microsoft-ds?
1433/tcp open  ms-sql-s
[…]
September 9, 2014

Install Dionaea on Ubuntu 14.04

Today I spent several hours attempting to install Dionaea on Ubuntu 14.04. I attempted to compile and install per the instructions on the website, but without any luck. Based on the success I had on the last project, I thought perhaps someone had already written a quick bash script to take the complexity out of this. I was able to find a few scripts, but none that worked out-of-the-box on 14.04. It seems as though no one has looked at this since 2012, as all the blogs, guides and scripts are written based on Ubuntu 11.10 or 12.04. Andy Smith’s […]
August 24, 2014

OwnCloud + OpenVPN + Duo Security

I love the cloud, but with the insane number of data breaches recently, I decided to bring my data in-house. I’m not claiming that this setup is any more secure; however, it’s a much less attractive target. I’m just one guy. From the attacker’s perspective, the return on investment for taking the time to break into my system is significantly lower than for Google, Facebook, or any of the other cloud data behemoths. My email is still in the cloud. I made the decision that email is too important to me to deal with spam filtering or […]