Shining a Light on Your Vulnerabilities
Setting Up a Remote Rescue Environment with OpenWRT and PXE

A client of mine called recently with a busted computer. There was a power outage at his site and upon powering up one of their machines he was greeted with the dreaded "No bootable devices found" text error message right after the Dell splash screen. I suspected hard drive failure …


read more...

Continuous Monitoring on a Budget at BSides Atlanta 2019

Thanks to the BSides Atlanta Organizers and Volunteers who gave us the opportunity to share what we've been working on! Plus, they made a really cool badge.

Cool Circuit Board Badge

We've been doing some neat work with various open-source projects and tools (like OpenWRT, Python, OpenVPN, Docker, Apache NiFi) to create an inexpensive …


read more...

Dockerized Web Application - Auto-deploy to Google App Engine with Google Cloud Build

Google's App Engine Flexiblie Environment supports "custom runtimes" which means you can push a Docker container to provide the web application that will be served (rather than using Google's proprietary app engine interface).

Why App Engine versus running the Docker container directly in Google's Compute Engine or Google's Kubernetes Engine …


read more...

OpenWRT at BSides Augusta 2018

Thanks to all the BSides Augusta Organizers and Volunteers who made for an awesome conference! Augusta attracts some really talented people thanks to them!

I'm thankful that I had the opportunity to share how OpenWRT and some cheap SOHO routers can make for a fun environment to protect and monitor …


read more...

Installing OpenWRT on a Linksys EA4500

Choosing a router to run OpenWRT on is a complex task... OpenWRT's Table of Hardware has the complete documentation on what models are supported and which are not. OpenWRT even provides a nice filter for their Table of Hardware of devices that are "Ideal for OpenWRT".

I chose the Linksys …


read more...

Content Filtering - OpenDNS Family Shield on OpenWRT

I've written about content filtering recently. To rehash: There is no technology silver bullet to filter out all the bad while leaving the good. There is no substitute for parental presence and conversations with your kids. But that doesn't mean we can't use technology to try to prevent accidents. My …


read more...

Cheap (<$40) Network Tap with OpenWRT

A network tap is a handy device that lets you copy the packets going in and out of your network to another computer. When you want to see all of what is passing through your network, a tap is an easy way to grab it. Problem is, active network taps …


read more...

Disable IPv6 on OpenWRT

I'm not bought in to using IPv6 yet and frankly, I haven't messed with all of its settings enough to feel comfortable that I can fully protect it. So, I typically disable it on my OpenWRT devices. Here's the magic shell commands that turn it off for the lan and …


read more...

System Use Notification Banner on OpenWRT

Numerous standards suggest or require the use of a login banner that clearly informs legitimate users and attackers that the system is for authorized users only. Substitute in your organization's banner below if this standard text isn't sufficient.

cat > /etc/banner <<EOF
Authorized Users Only!
Any attempted or unauthorized access …

read more...

Parental Controls - Enforcing Google SafeSearch and YouTube Kids Mode from dnsmasq on OpenWRT

I'm a proud parent raising kids in an Internet-connected age. And I've spoken with many parents also trying to do the same. And while there is so much good stuff out there on the Internet, there is also so much bad stuff... And we don't want them accidentally stumbling on …


read more...

Network Traffic Inspection - TCPDUMP on OpenWRT

All the time when something is broken on my network (e.g. network outage, system down, traffic slow), tcpdump is my "goto" tool for investigation of the root problem. But the question is: where do I run it? A typical home network setup looks something like this:

Typical Small Business or Home Network Diagram

There are a …


read more...

OpenWRT - Mounting USB Storage

Typical OpenWRT devices usually have pretty limited storage. Some have 128MB+ today, but the ones I most often use have 32MB or less. Not a lot of flash memory for storing logs or full PCAP captures! But many of these home routers have USB ports and we can use these …


read more...

Free Windows Virtual Machines - From Microsoft!

Microsoft kindly provides a number of Windows VM images free-of-charge to help with testing websites and applications on Windows. Many of these VMs have limited-time licenses and they'll expire if you don't add a valid license key (maybe pull a valid license key off an old computer you're throwing away …


read more...

docker-compose in a container

Instead of downloading and installing docker-compose, it is possible to run docker-compose within a docker container! This is handy when all that you have access to is a fixed image (like Google's Container Optimized OS, CoreOS, or Fedora Atomic). Google posted some great instructions on how to do this but …


read more...

Broken Screen Rotation with Gnome Shell in Wayland

I prefer to use Fedora when possible but in F26 and F28, I've been unable to get Gnome Shell to agree with my screen rotation options. I keep both my monitors at my primary desktop in portrait mode. Gnome accepts these settings just fine, but then the Gnome Shell activities …


read more...

docker push is using all my bandwidth

My home broadband is fast, but not as fast compared to other offerings today. It's good enough for most tasks, but docker push often overwhelms my connection (see bufferbloat for more information). By default, docker uploads 5 layers at a time. This number of packets can overwhelm poor network devices …


read more...

Cracking WPA2 Passwords

I wanted to demo for a client how easy it would be to crack a WiFi network with a simple password. So I setup a Linksys EA3500 router (flashed with LEDE) and configured it to use a variation (changed capitalization and punctuation on the end) on a simple password from …


read more...

Contact Us