Researcher. Builder. Hacker. Traveler.

Category: Uncategorized

10 Questions You Should Ask Every Leader

Publish Date259 Views

I am reading a book called “The Art of Authenticity” and in the book over a couple of chapters it talks about understanding what makes strong leaders and deciding who you should follow.
I have pulled these 10 questions out of those chapters:

  • ​What was your first leadership role?
  • When you think about the process of becoming the leader that you are today, what experiences stand out for you as turning points? ​​​
  • How do you choose people to hire for your team?
  • Do you look from resume virtues or eulogy virtues first when you make a hiring choice?
    (Resume virtues are the skills you bring to work,  Eulogy virtues are things people say about you when you die.)
  • What kinds of behaviors irritate you in colleagues?
  • Whom do you admire?
  • How would you describe yourself as a leader?
  • What kinds of situations bring out the best in you?
  • What kinds of situations bring out the worst in you?
  • What is the hardest thing you have ever done as a leader?

​I will be spending the next couple of weeks with my mentors and leadership team finding out their thoughts on these questions and this is one of those non-technical things I felt inclined to share.  I am sure this book will spawn a few more these short posts.

Getting The Most Out Of RSA

Publish Date312 Views

The RSA conference starts next week and lets be honest it is becoming known as a stuffy management conference with very little useful technical information but if you know where to look you can take some deep dives.  I have put together a quick guide of some amazing talks and events I am looking forward to.

Talks:

BSidesSF –  Coming into town a few days early just to attend this conference.  There is so much good stuff on the schedule but I do not want to miss the Advanced Internet dataset combinations for #ThreatHunting & Attack Prediction talk.
Google Cloud Talks –  If you have cloud “stuff” in your company you need to swing by and catching some of these talks.  I am really looking forward to the Container Security Panel and while not technical Humanising DDoS: the technical and emotional impact of large-scale attacks on an organisation looks ridiculously intriguing.
IOActive –  IOActive always does an amazing job with their IOASIS and talks.  I am really looking forward to the Implementing Inexpensive Honeytrap Techniques  and the Hardcore Cloud Forensics talks.
DevOOPS: Attacks and Defenses for DevOps Toolchains –  This talk by Ken and Chris is the one RSA talk I will not miss.

Events:

I ♥ Cisco Umbrella Soirée – My friends at OpenDNS always do an amazing job with their RSA party and I cant wait to see what they do on Valentines day with 20,000 geeks stuck in San Francisco. 
Forescout – One, two, three and to the Snoop Doggy Dogg is at the door Ready to make an entrance so back on up.   Snoop provided the soundtrack to my 7th grade basketball team and I am really looking forward to seeing him in person.

Tenable -Tenable is having an 80’s party on Sunday and to quote Jay-Z:
Wanna bring the 80’s back?
That’s okay with me, that’s where they made me at.
BJJ Smackdown – For $50 you can be punched in the face by Jeremiah Grossman and maybe pickup some BJJ skills.
Rsaparties.io – Has a list of about 500 more parties you can attend.
If I am missing something I should be at or if you want to say hi next week you can catch me on twitter at @jgamblin.

RaiNmap Container

Publish Date2070 Views

I use nmap all the time at work and recently came across rainmap-lite which is an amazing web interface for nmap that allows you to easily schedule and email scan results.  I wanted to be able to share it with a class I am teaching so I did what I  have been doing lately and put it into a docker container:
Screen Shot 2016-08-30 at 8.21.19 PM
Running it is as simple as:
docker run -ti -p 8080:8080 --name rainmap jgamblin/rainmap
Then access:
http://yourip:8080/console 
You can now run a ton of nmap scans and get the results emailed to you and your team:  Screen Shot 2016-08-30 at 7.47.54 PM Screen Shot 2016-08-30 at 7.53.10 PM
Here is the DockerFile:
FROM ubuntu:latest
RUN apt-get update && apt-get install sqlite3 git nmap python-pip  -y
RUN pip install --upgrade pip
RUN pip install lxml
RUN pip install Django
RUN git clone https://github.com/cldrn/rainmap-lite
WORKDIR /rainmap-lite/rainmap-lite/
ADD  run.sh /rainmap-lite/rainmap-lite/run.sh
RUN chmod 777 /rainmap-lite/rainmap-lite/run.sh
CMD ./run.sh
Here is the run.sh:
#!/bin/bash
sed -i "s/8000/8080/g" "nmaper-cronjob.py"
echo What is your public IP address?
read ip
sed -i "s/127.0.0.1/$ip/g" "nmaper-cronjob.py"
echo What is your SMTP user name?
read user
sed -i "s/[email protected]/$user/g" "nmaper-cronjob.py"
echo What is your SMTP password?
read pass
sed -i "s/yourpassword/$pass/g" "nmaper-cronjob.py"
echo What is your SMTP address?
read smtp
sed -i "s/smtp.gmail.com/$smtp/g" "nmaper-cronjob.py"
python manage.py migrate
python manage.py loaddata nmapprofiles
python manage.py createsuperuser
python manage.py runserver 0.0.0.0:8080 &
while true
do
python nmaper-cronjob.py
sleep 15
done
Protip:  SendGrid offers a free SMTP server. 

SSHoneypot*

Publish Date822 Views

I am at Security Summer Camp this week  and you always hear about how how dangerous these networks are with no real proof so I decided to see how dangerous they are*.  I built  the most insecure docker container I can think of. It runs SSHD with the root password set to  root* to see see what happens when I expose them to the blackhat and defcon networks.
I put the container here: jgamblin/sshoneypot
If you want to build and modify your own here is my base dockerfile:
FROM bashell/alpine-bash:latest
RUN apk update && apk upgrade
RUN apk add openssh openssh-sftp-server byobu tmux && \
/bin/sed -i -e 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config && \
/usr/bin/ssh-keygen -A && \
echo "source /etc/profile.d/color_prompt" > /etc/skel/.bashrc && \
cp /etc/skel/.bashrc /root/.bashrc && \
echo "root:root" | chpasswd && \
su - root -c "byobu-launcher-install"
EXPOSE 22
CMD ["/usr/sbin/sshd", "-D", "-e"]
I have been running on a DigitalOcean droplet for a few hours and surprisingly, none of the bots have been successful yet.
Screen Shot 2016-08-01 at 10.08.45 AMI will have a blog post next week with full pcaps and copies of the containers for any that have successful logins.
*This is like a really bad idea.  

Building A Security Lab

Publish Date350 Views

My mentor and I are in the middle of spinning up an information sharing group with local security professionals and next Friday is our first “working session” and we are discussing what building a security lab* looks like and costs.

We really hope to start walking through the tools in future meetings but here is what my security lab build looks like and roughly costs.

image

(Not sure why my blog doesn’t like tables. Here is a link to the excel spreadsheet.)

I really hope to pick up some information on what other people have in their labs that I am missing. 

*I am not sure if the correct term here is lab, toolkit or security testing platform. You pick.

You Should (Probably) Turn Off Wi-Fi Assist

Publish Date244 Views

If you do not have unlimited data on your iOS device you will want to turn off Wi-Fi Assist in iOS9. Wi-fi Assist uses your data connection when you are on a slow Wi-Fi network.

To turn it off go to Settings > Cellular > Wi-Fi Assist > Off.

MotionPie – The RaspberryPi Security System

Publish Date473 Views

I have been looking for sometime to get a few security cameras setup around my house.  I have thought about the dropcam and oco options but they were both fairly expensive and didn’t have the options that I wanted. 

What I did have was a raspberry pi 2, two old web cameras and a 6 year old who likes to build stuff.   We spent some time this weekend working with a project called MotionPie based off of MotionEye this weekend and we really like it. 

It does take a fair amount of computer, network and linux knowledge but if you have a raspberry pi and google I am sure you could figure out.

I hope to see added (and help since it is an open source project):
Dropbox support.
Ability to select motion detection area.
Ability to change the theme colors. 

Here are a few pictures from the project.

The 10 Minute Free* Private VPN

Publish Date2190 Views

People ask me all time what the one thing they should do to “stay safe” on the internet is.  If I had to pick one it would be to use a VPN when you are on a network you dont own or trust. 

It has always taken a little bit of technical skill to setup a private VPN but my friends at WebDigi have done an amazing job of making setting up a free (if you dont use it too much) private VPN on AWS easy. 

Here is the blog post on how to set it up. 

Here is the projects github page. 

Here is the walkthrough video:

Here are some tips from me: 

  • Use LT2P and not PPTP.  It is safer. 
  • Try to delete and rebuild the image twice a month to delete the logs and get a new IP address (Yes, I am paranoid).  
  • It is free to start but if you send a lot of traffic through the VPN it can end up costing you a few bucks a month. Setup billing alerts. 

What are you passionate about?

Publish Date427 Views

What are you passionate about? 

My mentor asked me that question this week as we were talking about what “true success” looks like.   In the end you will never feel truly successful if you are not doing what you are passionate bout.  There are people who are passionate about being amazing help desk technicians who feel (and are) more successful than the CIO who would really rather be the CFO. 

As a reminder to do everything I do with passion I now have this as the lock screen on my phone: 

Older Posts
Newer Posts

Site Footer