What's going on?

sync'd every Sunday(ish) via cronjob.

CompTia Cloud+: On to Chapter 8ish. Cleaning up some homelab wiring

    Personal and professional website, right? I'm up to Chapter 8 in the Sybex book. Once I finish this up I will focus more on the videos. The material didn't line up very well. I got around to installing raised grid flooring in the lab area around my son's desk. I tend to 'lab'/'geek out' whenever possible. It's best to make every moment a learning opportunity. I have one more UPS I want to add to be 'at peace'. I'm never (redundancy) satisfied though.

  • -A. Buford
  • June 27th 📚, 2021

CompTia Cloud+: On to Chapter 4. Slow down tiger.

cloud+ test

    Found myself wanting to finish more of the book and ended up at Chapter #4. Then, I decided to renew a month's worth of IT Pro TV to finish up their Cloud+ video series for reinforcement. 'Configuration and Deployment' (10 episodes: 4h 12m) is completed. Hopefully I will be prepared enough to take the test by end of July. A lot of items are starting to be overlap material from the Security+ and Network+. I need to slow down a tad to allow my brain to really absorb the material and develop 'internal' questions. More study. Less posting.

    Chapter #5 completed. Good amount of new material.


  • -A. Buford
  • June 25th 📚, 2021

CompTia Cloud+: @pg 103, 33%(ish) done

    Completed Chapter #2. Did really well on the written questions. Note: Storage Area Networks store data in blocks -vs- Cloud object-based storage, which tags with a META ID. Know the difference.

  • -A. Buford
  • June 24th 📚, 2021

CompTia Cloud+: @pg 62

cloud+ test

    Just started on Chapter 2. Chapter 1 was a good way to get back into the swing of studying. I did not take the pretest assessment. Will do last.

  • -A. Buford
  • June 23rd 📚, 2021

Home network topology like whoa

my home lan

    I had the opportunity last weekend to revamp my network including a wifi survey with adjustment. Unifi offers an amazing display when it comes to network visualization. It doesn't make sense for me to use an alt open source option at this point. I was able to correct a multitude of inefficiencies. I wish I took a screenshot of the topology prior to above. The most important change I made was to utilize the management meshing features. All wireless devices now show 96%+.

    Sometimes before we go out and buy new hardware we need to make sure we are maximizing what we already have. In addition, just because something works doesn't mean it is being used correctly.

  • -A. Buford
  • June 23rd, 2021

CompTia Cloud+: Here I come.


    Decided to study for the CompTia Cloud+ certification with intention of completing within the month. I want the CompTIA Cloud Admin Professional && CompTIA Secure Cloud Professional titles under my belt.

    10 chapters. 1 chapter per 2 days approx?

    Progress to be posted as I go. Let me know if you want to study along.

  • -A. Buford
  • June 21st 📚, 2021

"Wegmans discloses a data breach, customers information was exposed on the Internet due to a misconfiguration issue."

wegmans breach

    https://securityaffairs.co/wordpress/119115/data-breach/wegmans-discloses-data-breach.html

    And another one!

    “We recently became aware that, due to a previously undiscovered configuration issue, two of our cloud databases, which are used for business purposes and are meant to be kept internal to Wegmans, were inadvertently left open to potential outside access. Certain customer information, outlined below, was contained in these databases.” reads a press release published by the company.
    Takeaways
    1. Hackers can't stop won't stop
    2. Maybe these supermarket chains are the low hanging fruit
    3. Documentation indicates passwords were 'hashed' but no mention of any 'salting' or randomization. 
    

    The hashing part really got to me. Considering that any APT will eventually add new hashes to their rainbow tables it creates a 'matter of time' type situation when it comes to security. Most people re-use passwords. Yes there is some confusion regarding what the RockYou2021 password database is and isn't but I'd wager a super-sparkle-penny that 70% of ALL passwords are in there.

    Update 6-22-21 : Passwords were salted AND NOT included in breach. I was told to shut my darn mouth and will.

  • -A. Buford
  • June 20th, 2021
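As an added illustration of takeaway #3 (example code written for this page, not from the original post, and unrelated to how Wegmans actually stored passwords): the script below stores three constructed user passwords once with plain unsalted SHA-256 and once with salted PBKDF2-HMAC-SHA256, then shows that a precomputed table of common passwords cracks the unsalted records (and reveals that two users share a password), while the salted records match nothing in the table and still verify correctly with the stored salt. The password list, user names and iteration count are constructed assumptions.

```python
import hashlib
import secrets

# Constructed sample: a short "already leaked" password list standing in for
# the precomputed (rainbow-style) table an attacker might hold.
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein", "iloveyou"]
ITERATIONS = 100_000  # assumed work factor for the salted scheme


def unsalted_hash(password):
    """Plain SHA-256: fast and deterministic, so two users with the same
    password get the same digest and one table serves every database."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_lookup_table(candidates):
    """digest -> password, the attacker's one-time precomputation."""
    return {unsalted_hash(p): p for p in candidates}


def salted_hash(password, salt=None, iterations=ITERATIONS):
    """PBKDF2-HMAC-SHA256 with a random 16-byte salt. The salt is stored next
    to the digest and is not secret; it makes each digest unique and forces
    per-record work instead of a single table lookup."""
    if salt is None:
        salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, digest


def verify_salted(password, salt, digest, iterations=ITERATIONS):
    """Recompute with the stored salt and compare in constant time."""
    _, candidate = salted_hash(password, salt, iterations)
    return secrets.compare_digest(candidate, digest)


def crack_unsalted(stored_digests, table):
    """Which stored unsalted digests fall to a plain dictionary lookup."""
    return {d: table[d] for d in stored_digests if d in table}


def demo():
    # Constructed user records; alice and bob reuse the same weak password.
    users = {"alice": "password", "bob": "password", "carol": "Tr0ub4dor&3"}
    unsalted_db = {u: unsalted_hash(p) for u, p in users.items()}
    salted_db = {u: salted_hash(p) for u, p in users.items()}
    table = build_lookup_table(COMMON_PASSWORDS)
    cracked = crack_unsalted(unsalted_db.values(), table)
    return {
        # identical passwords -> identical unsalted digests (password reuse is visible)
        "same_password_same_digest": unsalted_db["alice"] == unsalted_db["bob"],
        # the shared weak password falls to the precomputed table
        "cracked_by_table": sorted(cracked.values()),
        # with salts the same password yields different digests
        "salted_digests_distinct": salted_db["alice"][1] != salted_db["bob"][1],
        # and none of the salted digests appears in the table
        "salted_in_table": any(d.hex() in table for _, d in salted_db.values()),
        "salted_verify_ok": verify_salted("password", *salted_db["alice"]),
        "salted_verify_wrong": verify_salted("Password", *salted_db["alice"]),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The table lookup is the whole point: against unsalted fast hashes the attacker's cost is paid once and reused against every breach, whereas with a per-user salt and a slow KDF each record has to be attacked on its own.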

"Report: CVS Health Exposed Search Records Online"

cvs breach

    https://www.websiteplanet.com/blog/cvs-health-leak-report

    Everybody BIG is mishandling customer data. I understand accidents happen but when you have a 1,148,327,940 record mishap... something needs to happen to you. Oversight? Required cyber monitoring?

    On a positive note. CVS's response time to the incident was top notch. Kudos to them.

    On March 21st, 2021 the WebsitePlanet research team in cooperation with Security Researcher Jeremiah Fowler discovered a non-password protected database that contained over 1 billion records. Upon further research it was apparent that the data was connected to CVS Health. We immediately sent a responsible disclosure notice to CVS Health and public access was restricted the same day.
    Takeaways
    1. Nobody else will protect your data better than you can
    2. The data breach atmosphere with regard to politics is still the same. No accountability.
    3. Only you can prevent forest fires
    

  • -A. Buford
  • June 17th, 2021

A little dev goes a long way

picture-gallery

    We spent a very small portion of the weekend with some devs working over the code for the website health monitor and security endpoint bot. Check this out. 4 people, from 4 different countries, working on one code project. The end result is more efficient and logical. I can't go ahead and release that proprietary, final product, information in a blog post... but if you check out our github you probably can piece one together yourself. We now have an awesome dashboard and have integrated the monitor with our discord server via a webhook. It is always a good idea to revamp code. It is even better to have a 'fresh' set of eyes take a look at it. Our clients now have an instant notification system for any service issues and upgrade changes. I want a version 2.0 now.

  • -A. Buford
  • June 14th, 2021

"Google’s June security bulletin addresses 90+ bugs in Android and Pixel devices."

    https://threatpost.com/android-critical-rce-bug/166723/

    Threatpost released another post regarding the Pixel. Back in 2020 they posted info on the Pixel that was just as interesting.

    Google patched more than 90 security vulnerabilities in its Android operating system impacting its Pixel devices and third-party Android handsets, including a critical remote code-execution bug that could allow an attacker to commandeer a targeted vulnerable mobile device. That bug (CVE-2021-0507) exists in the System component in the Android OS, and could enable a remote attacker using a specially crafted transmission to execute arbitrary code within the context of a privileged process, according to Google’s June security bulletin. It’s the most severe bug of those patched so far this June, the company said.
    1. Android is one of the most widely used operating systems and will always be targeted
    2. Is it really more dangerous to carry cash vs money on a cell phone?
    3. That Google Pixel is very nice.... but it has so many CVEs specifically associated with it.
    

    When you get that little notification to Update or Postpone it is a GREAT idea to update.

  • -A. Buford
  • June 10th, 2021

"Microsoft June 2021 Patch Tuesday addresses 6 zero-days actively exploited "

    https://securityaffairs.co/wordpress/118750/security/microsoft-june-2021-patch-tuesday.html

    Eight of the flaws fixed by Microsoft were reported by the Zero Day Initiative (ZDI), other issues were reported by Google’s Threat Analysis Group, Google Project Zero, Check Point Research, FireEye, Kaspersky, and Nixu Cybersecurity. The six zero-day vulnerabilities actively exploited in the wild are:

    CVE-2021-33742: Windows MSHTML Platform Remote Code Execution Vulnerability, CVSS 7.5

    CVE-2021-33739: Microsoft DWM Core Library Elevation of Privilege Vulnerability, CVSS 8.4

    CVE-2021-31199: Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability, CVSS 5.2

    CVE-2021-31201: Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability, CVSS 5.2

    CVE-2021-31955: Windows Kernel Information Disclosure Vulnerability, CVSS 5.5

    CVE-2021-31956: Windows NTFS Elevation of Privilege Vulnerability, CVSS 7.8

    1. Wow that is a lot of 0-days for a single patch Tuesday. 50 vulns in total
    2. Google's Project Zero really does find a lot of vulns. I don't think that will ever change
    3. Privilege esc is still the way to go for bug bounties
    

    Stay updated and stay patched. If it isn't supported then it might not be worth the keep.

  • -A. Buford
  • June 9th, 2021

"Department of Justice Seizes $2.3 Million in Cryptocurrency Paid to the Ransomware Extortionists Darkside"

    https://www.justice.gov/opa/pr/department-justice-seizes-23-million-cryptocurrency-paid-ransomware-extortionists-darkside

    WASHINGTON - The Department of Justice today announced that it has seized 63.7 bitcoins currently valued at approximately $2.3 million. These funds allegedly represent the proceeds of a May 8, ransom payment to individuals in a group known as DarkSide, which had targeted Colonial Pipeline, resulting in critical infrastructure being taken out of operation. The seizure warrant was authorized earlier today by the Honorable Laurel Beeler, U.S. Magistrate Judge for the Northern District of California. “Following the money remains one of the most basic, yet powerful tools we have,” said Deputy Attorney General Lisa O. Monaco for the U.S. Department of Justice. “Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises. We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks. Today’s announcements also demonstrate the value of early notification to law enforcement; we thank Colonial Pipeline for quickly notifying the FBI when they learned that they were targeted by DarkSide.”

    Takeaways

    1. Cryptocurrency is a matter of national security
    2. The US gov is very deeply involved in the cryptocurrency darknet
    3. Threat actors, such as Darkside, are going to restructure payment methods
    4. Attacks against the national infrastructure will not be taken lightly
    

    I am extremely proud of what our law enforcement agencies were able to accomplish. It really does send a powerful message to others thinking this attack-type would be their next pay day. Great job y'all

  • -A. Buford
  • June 8th, 2021

Today : My 8yr old will learn to make a webpage, HTML

    If I can manage that then he will have learned 2 years before I did. My limitation, as a 10yr old, was an 'economic' one. No PC to mess around with that wasn't the 'family' PC. When I turned 11-ish it was no different. I just reinstalled the whole Windows OS at night and put files back in folders before anybody would wake up (I still have those recovery CDs). Those were the good ol Windows Registry modification trial-and-error days.

    I'm blessed to have computers available that he can go nuts with. Never throw away working tech.

  • -A. Buford
  • May 31st, 2021

Smarter criminals : The white-hat researcher within

    Periodically I perform various security vulnerability analysis tests, for free, for family-close friends-etc. It hasn't really been until recently that I have noticed attempted vuln-chaining techniques used against non-enterprise hosts.

    For example; there is a common consumer router out there, that is widely used, that WILL ALWAYS be vulnerable. LINKSYS has stated they will not patch (there are non-official updates). The LINKSYS router is vulnerable via a chain of higher level attacks. These are attack attempts several of us have seen twice over the last year on client SOHO networks.

    The higher level attacks directed at low value targets are still under analysis.

    Reasons for the possibility: a) high value targets' increased security, b) increased distribution of higher level vulnerabilities, c) a smarter average cyber criminal, d) COVID timing.

    Who knows. My guess is as good as anyone else's.

    TLDR; Low hanging fruit is still GREAT fruit to those who are hungry. Stay updated and patched.

  • -A. Buford
  • May 22nd 💪, 2021

What is research? A gallery story

picture-gallery

    I needed to come up with a smart way to get high resolution photos online into a gallery with minimal effort. Requirements;

    1. Self hosted
    2. Retains EXIF data
    3. Automatic/periodic sync w/o manual effort
    4. Nice layout of images
    5. Compatible with most browsers

    I started by doing what every sane IT professional does and checked github to see if there was anything already created. There was a ton. None that fit my application specifically though. Many of those projects, with good reason, had a lot of security baked in which resulted in many lines of code I didn't want to vet. It really does take a fine comb. The reason security was incorporated in approximately 90% of them was because of the ability to 'upload' by web users. That can obviously be a huge security dilemma. Just imagine a threat actor hosting images, with embedded data, on a website that (unknowingly) doubles as a Ransomware C&C server. That would be a bad time for any host. However, for our scenario, local users will be the only persons needing to add photos to our galleries. Right? I decided to narrow the scope to something more simple and came up with a PHP based idea.

    Once I got the functionality and layout down on a whiteboard I went online for PHP code syntax help. This is 3 hours down the rabbit hole later. While doing so I realized (YET AGAIN!!!!) this was no new idea and that W.S. Toh created something over at Code-boxx that solved the problem.... a few months ago. I simply place my images, from any device on the LAN, into a shared network folder. Every XX minutes, via a cronjob, the folder is synced to a dev env (Example from similar deprecated script rsync -avzhe ssh /mnt/91337b30-484d-472b-90ec-c193e34b8893/public_nas/farm/2g.dsm.ecu.removal/xxxx.buf0rd.com.syncd.gallery/ user@XXX.buf0rd.com:XXXXXXXXXXX). In the dev env is a cronjob to sync with the cloud provider (after running various checks).

    TLDR; Researching any topic can end up taking up a ton of time. That is why most organizations hire externally. They simply do not have the bandwidth to teach internal employees the skillsets needed to allow an internal employee to research, design, and implement a new 'technology'.


    Also, the website has new image 'Content' galleries

  • -A. Buford
  • May 19th 💪, 2021
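The post says the dev-environment cronjob only pushes to the cloud host "after running various checks". As an added example (written for this page, not the author's script), here is one such check in Python: it walks the shared drop folder and accepts a file only when its extension is on the gallery's allow-list and its first bytes carry that format's real signature, so script files, mislabeled files and symlinks pointing outside the folder are rejected before rsync ever sees them. This goes a little beyond the post by covering GIF as well as JPEG/PNG; the folder contents and file names below are constructed.

```python
import os
import tempfile
from pathlib import Path

# Well-known header bytes for the image types the gallery accepts.
SIGNATURES = {
    ".jpg": [b"\xff\xd8\xff"],
    ".jpeg": [b"\xff\xd8\xff"],
    ".png": [b"\x89PNG\r\n\x1a\n"],
    ".gif": [b"GIF87a", b"GIF89a"],
}


def classify(path):
    """Return (verdict, reason): 'ok' only when the extension is allowed and
    the leading bytes really are that format; anything else is rejected."""
    ext = path.suffix.lower()
    if ext not in SIGNATURES:
        return "reject", f"extension {ext or '(none)'} not allowed"
    with path.open("rb") as fh:
        head = fh.read(16)
    if not any(head.startswith(sig) for sig in SIGNATURES[ext]):
        return "reject", "header does not match extension"
    return "ok", "signature matches"


def scan_folder(folder):
    """Walk the drop folder. Symlinks are rejected outright so the sync can
    never be pointed at a file that lives outside the folder."""
    report = {"ok": [], "reject": []}
    for p in sorted(folder.rglob("*")):
        if p.is_symlink():
            report["reject"].append(f"{p.name}: symlink")
            continue
        if not p.is_file():
            continue
        verdict, reason = classify(p)
        report[verdict].append(f"{p.name}: {reason}")
    return report


def demo():
    """Build a constructed drop folder in a temp dir and scan it."""
    samples = {
        "barn.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 28,  # genuine JPEG header
        "sky.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 24,  # genuine PNG header
        "mislabeled.jpg": b"GIF89a" + b"\x00" * 26,      # GIF bytes under a .jpg name
        "notes.txt": b"shopping list",                   # not an image at all
        "index.php": b"<?php echo 'hi'; ?>",             # a script file, not an image
    }
    with tempfile.TemporaryDirectory() as tmp:
        folder = Path(tmp)
        for name, data in samples.items():
            (folder / name).write_bytes(data)
        try:
            # Symlink pointing outside the folder (the target need not exist).
            os.symlink(os.path.join(tmp, "..", "outside.txt"), folder / "link.jpg")
        except OSError:
            pass  # platform without symlink support; the other cases still run
        return scan_folder(folder)


if __name__ == "__main__":
    result = demo()
    print("accepted:", result["ok"])
    print("rejected:", result["reject"])
```

In the real pipeline the accepted list would be what gets handed to rsync (for example via --files-from), and anything in the rejected list is left behind and logged rather than published.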

Own YOUR SERVER


    For much of my childhood I would watch movies where the top-notch techies would pivot from their PC to a more powerful box to perform (blank) tasks. I remember back then also thinking to myself "why don't they own their own powerful servers?". The answers were cost and space. Fast forward 15 years. Space doesn't require much more than just a shelf. Cost? A Raspberry Pi and some smart storage can go a long way. The only reason I can see for not housing your own dedicated server....is not wanting to. There are also the liability and maintenance arguments.

    The cloud really is just somebody else's computer(s). I find it easy to design and dev at home and then (r)sync to the cloud. The benefits are quickly realized when you decide to change cloud providers and are not at the mercy of anybody!

    I've had clients come to me when all was lost because of poor IT practices. All trust was left to somebody else's computer. Design and produce at home. If needed, deploy to cloud. These days a homelab with 100TB+ is very doable. So do it.

  • -A. Buford
  • May 16th 💪, 2021

Why don't you post more often


    Many times a month I am asked questions related to my posting frequency. "Why don't you post more?" "When is the next YouTube video?"

    The answer is simple. We have several jobs and blogging isn't one of em. Dad-coder-web admin-sec.researcher-prod tester++.

    Busy is busy.

  • -A. Buford
  • May 10th 🤣, 2021

A child's brain is amazing

    I have always had the strong opinion that kids have the ability to learn things above their 'grade level' if exposed to 'them' in a way that doesn't just complement their work end result. My oldest son is an example. Every-single-day I'm shocked at what he is able to learn and/or create by not limiting his creative thought. I hear myself saying "just try it and see what happens" very often. Often something doesn't turn out right, and sometimes I knew that would be the result from the start, but what I can never measure is what is learned from failure... the never ending gift of a troubleshooting oriented brain. Kids rarely get the opportunity to do advanced troubleshooting.

    The trick: It starts with giving honest feedback. "Oh wow, [son], that is beautiful" doesn't really do much for growth. "Oh wow, I really like how you made the arm and torso while using a single line. It shows you are seeing new perspectives in art". Now that! THAT RIGHT THERE!.. is a big reason why my son and other children I have mentored think beyond the box.

    I don't consider it constructive criticism though. It's more of a 'hey I'm really paying attention' type chat. Kids pick up on that fast.

    TLDR; Kids are smart. Don't fake the funk. Pay attention and give answers after 1x failure. Build the bridge to new information when there is a question.

  • -A. Buford
  • May 9th 🐒, 2021

Pronterface and Pronsole.. because people are lazy

Pronterface

    I decided to dig a little deeper into this whole 3d printing stuff. After a long time avoiding.. I installed Pronterface/Pronsole /Printrun.

    Printrun is a full suite of host interfaces for 3D printers and CNC, consisting of: Pronterface, a fully-featured GUI host; Pronsole, an interactive command line host.

    It is a suite that pretty much allows you to do all things you would normally do on a 3d printer without actually being there.

    Installation was very straight forward on an Ubuntu VM via sudo apt-get install pronterface -y

    Once installed you have the option of a GUI (Pronterface) or a CLI (Pronsole). TBH Pronsole seems a lot more promising. The possibilities are endless. All that is needed is a microUSB to USB adapter and you should be good to make.

  • -A. Buford
  • April 27th 🤓, 2021

Dear YouTube, you played yourself

Video Warning

    This morning I woke up to a content take down notice from YouTube.

    Our team has reviewed your content, and, unfortunately, we think it violates our harmful and dangerous policy. We've removed the following content from YouTube: Video: Cracking MD5 hash with John The Ripper JTR

    The video was part of a security research project I had been a part of in 2016(ish). For some reason, although outdated, YT decided to give me a warning. The interesting part is that similar videos, even those I reported for being over the top, still remain. So personally I feel like there is ONCE AGAIN some personal bias involved.

    Now, how did they play themselves? I get a good amount of my YouTube traffic from THIS WEBSITE. YT was just convenient. So, I'll just post content here first. No biggie. Videos being copied as we speak.

    Update 4-25-21, Late night: I played myself? 11gigs of video. I gotta figure out a creative db option and frontend. It'll be housed here once finished. Video DLs

  • -A. Buford
  • April 25th 🏎️, 2021

Installed Petio for the PLEX Server

Petio

    They said it best so here you go

    Petio is a third party companion app available to Plex server owners to allow their users to request, review and discover content. The app is built to appear instantly familiar and intuitive to even the most tech-agnostic users. Petio will help you manage requests from your users, connect to other third party apps such as Sonarr and Radarr, notify users when content is available and track request progress. Petio also allows users to discover media both on and off your server, quickly and easily find related content and review to leave their opinion for other users.
    Installation on Ubuntu server is pretty straightforward once you have MongoDB installed along with a petio user created. Once all is configured the service will be accessed via port 7777. There is no localhost restriction; any PC on the LAN may access the server. View the Petio Docs here for full installation instructions.

  • -A. Buford
  • April 23rd 🏎️, 2021

Chicago Virtual Cybersecurity Summit 2021

2021 chi summit

    Usually I don't have anything good to say about virtual conferences or summits. This one wasn't much different. It was neutral. It is hard these days to make a conference with new ideas or opinions when we are bombarded with so much daily. Important bits?

    1. RDP exposed to internet is always a bad idea

    2. Microsoft Teams is not secure & is an easy attack vector

    3. Vendors will offer information after their solution. Business is business when not open source

    Overall I give it a 6/10. I will go again next time. Virtual or in-person. Plus. I got ('it's in the mail') a free t-shirt from Red Canary! - Thanks Jake!
    Red Canary provides security operations solutions, open source tools, and education for the information security community.
    I can't get mad at free schwwwwaggggg. Deal with the plug.

  • -A. Buford
  • April 23rd 🐒, 2021

Image Galleries for all.

    If you look over to the menu on the right you will notice there is now an 'Image Galleries' section added. These pictures are from various settings.

  • -A. Buford
  • April 23rd 🦝, 2021

BalBot v1.00 | Raspberry PI to hotspot internet tetherer

    I needed to be able to use a Raspberry Pi as a backup/failover WAN when the ISP went down. The Raspberry Pi needed to connect to my cellular hotspot via wifi connection (wlan0) and to the USG via ethernet (eth0). On the security gateway some configuration is also needed to enable failover or load balance. This may also be done from the CLI.

    #!/bin/bash
    # Runs as root from a cron @reboot entry. wlan0 is already associated with
    # the cellular hotspot; eth0/eth1 face the USG / wired side.
    
    # Start from a clean state: take the wired interfaces down and flush any
    # rules left from a previous run (filter and nat tables).
    ip link set dev eth1 down
    ip link set dev eth0 down
    iptables -F
    iptables -t nat -F
    
    # Enable IPv4 and IPv6 forwarding:
    sysctl -w net.ipv4.ip_forward=1
    sysctl -w net.ipv6.conf.default.forwarding=1
    sysctl -w net.ipv6.conf.all.forwarding=1
    
    # Assign IP addresses ('replace' is idempotent, so a rerun does not fail):
    ip link set up dev eth1
    ip addr replace 10.42.0.1/24 dev eth1
    
    ip link set up dev eth0
    ip addr replace 10.43.0.1/24 dev eth0
    
    # NAT wired-side traffic out through the hotspot on wlan0:
    iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
    # Let replies back in; new connections only from the wired side towards wlan0:
    iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    iptables -A FORWARD -i eth1 -o wlan0 -j ACCEPT
    iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT
    # The FORWARD chain policy stays at its default (ACCEPT) here; set
    # 'iptables -P FORWARD DROP' if nothing from the hotspot side may reach the LAN.
    I pieced this script together and set up a cronjob for @reboot with a slight delay (sleep 15;).

  • Notepad/Code
  • April 22nd, 2021 (lost post)

The power of plants.. Not those kind

plant thoughts

    Yesterday my plant almost died. My fiance had to take it to the doctor. Yes, a plant. Yes, a plant doctor. The Diagnosis: Plant is stressed. I was stressed because the plant was stressed. Every time I turned around, to where the plant sat, I saw a sad face (x leaf count). Stress kills people in the most odd ways. That's another story.

    I didn't realize how much a plant changes the atmosphere of a room until I almost lost it. I think plants are an often overlooked item in an office environment. IT occupation sanity benefits from them more than we give em credit for. Maybe I should grow a tree in the family SUV and help balance the earth even more!

    Blah blah blah. Imagine a famous random doctor quote here. Blah blah blah.

    TLDR; Don't buy plants if you have small children already AND make sure the soil moisture is evenly distributed. Center included.

    Also, I feel like my dog peed in it but the angle of attack for that wouldn't make much sense.

  • April 21st 🦝, 2021

SmartThings via CLI

smart-thangs

    What do you call a person with hands stuck to the floor? I'm not sure and it's not related.

    I got tired of using either a tablet or cell phone to command switches and accessories on the home SmartThings LAN. So. I created a Samsung SmartThings CLI control app to do it from the command line interface. Slow down. I didn't code it. Just modified it. The playground has just grown! Think about it. I can set things on cronjobs for timers. I can now flip switches based on ANY condition! It only works sometimes though. Go figure. I'll get it sorted.

    Credits: Copyright 2015 Richard L. Lynch rich@richlynch.com


  • -A. Buford
  • April 8th 🦝, 2021