DEV Community: ODOT!

Decided Network +

ODOT! — Wed, 14 Feb 2024 00:43:50 +0000

Greetings,

I first want to say to the readers who love my posts, thank you. I try my hardest to continue the blogging during the studies of cyber. It's a bit hard because there is so much to learn. Nevertheless, the goal of gaining a cyber security role will be accomplished. Today I wanted to discuss the beginnings of gaining a certification called Network +. Yes, prior posts I've stated that one may not need to focus on certs for cyber. However, I feel that with the cert it holds weight in the world of I.T. Let's talk a bit about what I am doing to learn the studies of Networking.

CompTIA is a highly respected company who provides many certifications. One that they offer is Network + which proves you know the topics within networking. In my past work history, I've dealt with cables and wire, automation and more, but never knew the exact terminology for things. That's good, but then it's bad because when working with others you don't want to say the "thing" isn't working. What is the thing your describing would only be the correct response. Today I took the time to work on some studies provided by Professor Messer. He is incredible with the information that's needed, breaking everything down piece by piece. He provides much free content surrounding CompTIA certs and many would recommend him.

CompTIA Networking exam I am working towards is the N10-008 which expires on March 2025. This expiration date is provided because they update the exam every few years. The exam cost to take it and I am willing to pay every penny. Once you pay for a voucher, you then schedule a date at a testing center. There are 90 questions at 90 mins to complete and the score must be a 720 out of 900 to gain cert. My goal is by March to pass the exam so there's so much to do. I am currently deep diving into the OSI 7 layers, Network Topologies and also common ports. I also did a review of the Wireshark tool which is better to understand now. TCP and UDP was so foreign to me, but after taking studying just the first 3 videos of Messer, he went right into it to discuss Wireshark a little. As always, I will leave some resources, but please if in cybersec take a moment to study networking. Even if you don't want the cert, it helps out a great deal understanding how everything operates.

Peace and Light

Resources:

Professor Messer - N10-008 Training

CompTIA Network +

Picked The Red Pill

ODOT! — Sat, 10 Feb 2024 21:37:15 +0000

Greetings,

Organizing notes and determining the roadmap going forward in cybersecurity. Mastery within a set of tools within the field is quite important, but what's the ultimate goal. I've lately been on the Red Team of things learning more about how to do great Reconn and deploying exploits. Then again, my passion is also shared in protecting others and making sure awareness is there. Currently, I found there is great urgency in finding this path or I will be learning forever. We all know how tutorial hell can be. It's time for me to get connected with the right people in the cybersecurity realm.

They say don't ever doubt yourself. Dream Big! Never think you cannot make a goal if you create a plan. After careful study, I think my plan is to become a great red team pentester because it's a way of hacking on the good side. To wear a hoodie in front of a large monitor coding at times make me feel like Eliot (Mr. Robot character). Learning more and more about exploits and how they are deployed have me thrilled. So much you can do to help secure good people digital goods has also became a passion of mine. Being a fan of the great movie series "The Matrix" I thought of this as myself deciding which pill. You can take the blue which in this case is the defensive side of things. Another option is the red in which is the offensive side of things. Now it's time to make a roadmap for the red pill revealed many things once researched.

Try Hack Me

A great platform to learn and practice on is TryHackMe. They offer amazing content in depth with photo examples. The goal of each lesson is to 'capture a flag' which gives access to the next lesson. Some questions provided after lessons have hints, but if you read well you can learn. THM also includes attack boxes that simulate the linux distro while completing the projects. They also use OpenVPN for a local connection to their servers which is great as well for protection. With much offered if going with the Paid tier, there is so much they provide you for free. It feels gamified so I've been collecting badges while going through the lessons. Yep, they are visited daily for the studies so I recommend them highly to all.

Nielsen Networking

There are many YT videos out there with great content, however Nielsen really sticks out to me. With in depth descriptions provided without the 'blah blah blah', they are truly a goto in my book for the red team pentesting. Examples of tools such as NMap, Metasploit, Hydra and many more are provided not letting me down at all. Yep, they are also on the roadmap of the red pill consumption. I will be diving deeper in their content to grasp info as much as possible.

Watching Hacking Movies / Shows

They say in order to beat them you have to learn how to think like them. That is the truth because if you don't know the mind of the hacker, how can you beat them at the game?! Lately, I've been diving in full of watching hacking movies and shows that will answer the questions that may arise. How does an hacker operate daily? What are some notorious hacks that have occurred in history? This led me to watching more than the recommended hacking movies such as Mr. Robot, Hackers, Swordfish and etc. Now I am diving deeper into documentaries and getting a bigger picture of hacks affect millions of security isn't applied properly. An large view of things bring a better understanding in my opinion. Yall, I am over here even thinking of a Hacker handle for DEFCON32. Yep, that's a post for another time. LOL.

Gaining Certification

Not sure of the certification that I want to take on going forward. Should it be CCNA or what about Network +? How about I choose the Pentest + after I get the Security + cert? Yea, I can see how that can be a rabbit hole in itself for explaining it made me think of the countless Udemy courses I've not complete. I think the better thing to do is to build, connect and grow. Build because the projects will allow me my knowledge to be seen as proof. Connect because when you have a network of ones in the field you desire anything is possible. Grow because it's only the option provided if the first two steps are placed consistent. Wow! That's coming from a guy who just stopped smoking and started focusing on changing his lifestyle. LOL. Don't let me confuse you, I think anyone taking on a certification is awesome because they do hold much weight. In my journey, I am just focusing on the pen-testing and as knowledge is gained hopefully it fills a bucket of a cert I can commit to at later time. All listed prior are great and I will provide more info in the resource section of the blog so you don't have any confusion.

*Maximize The Mind, Body, Soul *

Wealth without health is... well... what is wealth defined? Lately I've been learning that you can't spend a dollar on what you desire if it's all going to the hospital. Workouts daily and spending much time outside is the focus now. Eating correct foods and making sure I keep on the direction of greater health is key to a true 'wealth plan'. Nah, money comes and goes, but when you need a heart... you just can't ask for another you know?! Today I started detoxing my lungs from toxins prior by drinking Mullen tea. It helps with cleansing of lungs and if you've been smoking like I have it's a must to have. Watching inspirational videos and listening to podcast that provide great motivational tips allow me to keep the energy active on the road in hacking also. At times one can get discouraged, so keeping aware of whats consumed such as music, conversations, and etc must be in tact. No distractions for now the GPS is set and I'm ready to travel the studies to succeed. A schedule for workouts and more has been created with a martial arts focus. Strength training and applying mediation techniques will be researched. I want not only to be a smart ethical hacker, but also a healthy one.

Peace and Light.

Resources:

Red Team x Blue Team

What is PenTest +

What is Security +

PenTesting Certifications for 2023

Thrash with BASH

ODOT! — Sat, 10 Feb 2024 18:54:28 +0000

Greetings all,

If you read my last post you would understand the focus behind cybesec right now. Writing notes this AM, looking at the glitching phone screen, it's time to make things happen in a major way. Booted up Youtube via the Raspberry Pi 4 and began looking for project ideas. Before doing so, I sat and thought for a moment. Let's work on BASH deeply! Grabbing my coffee mug I start to search for how to automate the daily tasks. This is simply what the scripting language made for. First things first, let's begin with the basics. What is BASH?

BASH (BOURNE AGAIN SHELL) scripting saves the user time so certain commands aren't written repeatedly. Bourne shell (sh) is used as the format for bash files but not required at end. The script is a series of commands that make of the file. When executed, they are read line by line so it's easy syntax to write and read in my opinion.

To start a script, you first would need a shebang. This combo consist of bash # **and **bang ! followed by the path of the bash shell. There's much more behind the shebang, but that will be added in the resources below.

shebang example:

`#! /bin/bash

To find the path of the bash shell, use the following command:

which bash

output for kali is :

/usr/bin/bash

so the ending of result would be the following when using a shebang in Kali linux:

`#! /usr/bin/bash

*Nano * is an incredible text editor that is built-in most linux distributions. The Nano text editor allows users to create BASH scripts.

Installation of Nano
sudo apt install nano

Open Nano
nano
nano <filename> (this option creates the name of script)

Example:
nano myscript.sh

Navigation of the GUI is quite simple. The commands I use the most thus far are Save, Copy, Paste and Exit. There are many more commands that are great to use, but like I tell all please do your research. Don't just read my blog, but check out the resources I add below. Respectfully.

Save File

Ctrl + s

Exit Nano

Ctrl + x

Copy

Ctrl + Shift + C

Paste

Ctrl + Shift + P

Now that you have the basic commands, let's create a simple bash script that will say "LINUX IS POWERFUL!" using Nano. No worries, I will walk you through it so you don't have to sweat. Are you set. Let's get to it.

Steps:

nano myscript.sh

#! /usr/bin/bash

echo 'Linux is Powerful!

Ctrl + s * add file name "myscript.sh"

Ctrl + x

Congrats! You have completed your first BASH script. Now you are asking the question of how you run the script eh!? Hmm... I guess I'll provide that for you. When executing the script you first need to make it executable. To make it executable we use the change **file permissions **of the script.

chmod +x myscript.sh

Then to to execute the script use:

bash myscript.sh

Ha! Now your good to go with the first script fully built and ran successfully! Now, do you want to make it a bit more interesting?! Let's take it up a notch and work with variables. Here's an example of a simple variable being created and used below.

name = ODOT
echo $name

Now I suggest you to try! See if you can create simple variable to add to your script. BASH has so much more to offer allowing users to automate workflows endless. As always I provide just a insight into the world then it's up to the reader to decide if they want to learn more. Resources are always provided below to help you on your journey. Well until next blog. Peace!

*Resources *

What is Nano Text Editor?

Quit Smoking, Start H@ckN!

ODOT! — Sat, 10 Feb 2024 17:14:07 +0000

Greetings,

For the year I've been working hard on stopping vices and one of them is smoking. Over the years, I've been a great cannabis consumer, but found that it doesn't do anything for me any longer. As a fan of Nipsey Hussle, I remember he had a interview that really gave me some perspective. The conversation was about how he was taking a break from smoking weed. This shocked me because he always was seen with some leaf. Watching the interview repeatedly, I started to become inspired to do the same. Not because he is a great in my book as an artist, business man and much more. It's actually deeper and while watching the interviews more it started to make sense. I am not a fan of the cannabis smoke, but actually became addicted. This also gave me a bit of perspective of my journey in life thus far. Damn. Something gotta change!

Over the years I've found that it was an escape from my reality. Much self destruction has occurred leaving me in disbelief that much time has passed. You never see what things do to you while being involved and with the "leaf", I started to think of its pros. Outside of the feeling it gives when good music is added, nothing else really came to mind. Creativity for the techie ideas occur while sober for most part so why do I really consume the herb? Couldn't think of anything else except the phrase 'Built Bad Habits'. Immediately I thought to myself that it doesn't fit into my future vision of me. It was then I shed a tear because life has been quite a ride. Much will be shared in future post, but I at that very moment gained clarity. While sitting back in silence for hours a voice came to me with one message. Not sure where the voice came from because it sounded as if another person was in the room with me which was a bit strange. The voice simply stated, "Quit Smoking and Start Hacking". Yo... what the hell is going on tonight?!

Right after hearing the 'voice' I spill my coffee on my smartphone with no insurance having the screen to glitch. Ahhh shit! This can't be life for I am looking for a new job now due to a layoff in January. The hot-spot works due to still being connected and I fall to the ground with relief. As discussed prior, the PI is my only source of studying due to no laptop and now the pressure is on. Typically in the past I would stay angry, but I've learned lately that conversion of energy is necessary in order to become what my vision of future self will exist. I believe tonight was a lesson that was needed in order for me to get to unlock the next "chamber" in life. Quit Smoking, find a job in cyber and make a lifestyle change for my family is now the mission and fast. Not only that, but teach ones who have walked similar paths the way of greater so we can help the world in some way positive. Now with no phone, distractions such as social media can't influence. Yep, I think this setback is only for a comeback. In the words of Nipsey, "The Marathon Continues...".

Peace and Light to All.

Resources

Who is Nipsey Hussle

Nipsey Hussle Interview

Rap Radar X Nip Hussle Interview

Understanding Ethernet and Fiber Op

ODOT! — Thu, 08 Feb 2024 20:24:55 +0000

Greetings all,

Back at it and not wasting time at all. I mean eh, it is 2024 right?! Goals were drafted and now the skill must be crafted. In the prior post, I spoke a bit about the world of networking and the basics. Things such as switches and routers were discussed as well as type of networks. Now I go a bit more into the interfaces and cable side of things. Yes, many would say to skip this part, but in my case I want to be a master of the field cybersecurity. I also have a background in electronics so a bit of this is a review well needed. Well, let's not wait and get into more of the notes surrounding networking. Specifically Ethernet and Fiber-optic cable will be reviewed with much in addition. Ok... I'll hush. LOL.

What are bits and bytes?

Bit:

A value represented by 0 and 1. When communicating over copper cable, the data is sent is interpreted by the receive device using 0 or 1.

Byte:

A series of 8 bits. 8 bits = 1 Byte.

Remember, speed is measured by bits per second. Kbps, Mbps, Gbps, etc. Never bytes per second.

1 Kb = 1,000 bits
1 Mb = 1,000,000 bits
1 Gb = 1,000,000,000 bits
1 Tb = 1,000,000,000,000 bits

What is Ethernet?

A collection of network protocols and standards.

What is RJ-45?

RJ-45:( Registered Jack- 45 )ie: Ethernet Connection

What are Ethernet Standards?

IEEE 802.3 standard in 1983. (Institute of Electrical and Electronics Engineers)
ie: 10-BASE-T, 100BASE-T, 1000BASE-T, 10GBASE-T)
Be sure to look up the standards listed above.

Listed in the standards are the following:

Speed
Common Name
IEEE Standard
Informal Name
Max Length

What are UTP Cables?
(ie: Cat 6 cable )

UnShielded Twisted Pair (No metallic shield which it vulnerable to electrical interference)
The Twist protects against EMI (Electromagnetic Interference)
Lower cost than fiber-optic
Shorter max than fiber-optic (up to 100 meters)
RJ45 ports usd with UTP are cheaper than SFP ports.
Emit (leak) a faint signal outside of the cable which can give security risks.

What are Fiber Optic Cable?

Sends light over glass fibers having one connection to send and one connection to receive.

Two Types of Fiber-Optic Cable are below:

Single-mode Fiber Optic Cables:

core diameter is narrower
light enters at a single angle mode from a laser based transmitter.
allows longer cables than both UTP and multimode fiber.
more expensive than multimode fiber (due to more expensive laser-based SFP transmitters)
They use separate cable to send and receive connections
1. fiberglass core
2. cladding that reflects light
3. a protective buffer
4. the outer jacket of the cable.

Multi-mode Fiber Optic Cables (Cheaper than Single Mode):

core diameter is wider than single-mode fiber
allows multiple angles (modes) of light waves to enter the fiberglass core.
allows longer cables than UTP, but shorter cables than single-mode fiber.
cheaper than single-mode fiber due to cheaper LED-based SFP transmitters.
Does NOT emit any signal outside of the cable (=no sec risk)

What is a SFP Transceiver?

(Small form-factor pluggable): Connect a fiber optic cable to them.

Resources:

What is Ethernet?

What are Ethernet Standards and Protocols?

Straight-Through vs Crossover Cable

What are Fiber-Optic Cable?

Let's Start Networking

ODOT! — Thu, 08 Feb 2024 19:03:47 +0000

Greetings,

Well, well, well. The knowledge gained within the world of security thus far has been great. Understanding how many tools are used is important, but learning networking fundamentals is key to the protection and security ones system. Personally, I've always understood how the internet works, but didn't really have the terminology down pact. Because of this, I am taking time while undergoing cyber studies to also grasp the knowledge of networking. Hopefully while studying I'll be able to gain my networking certification. Not sure which one due to more research, but one that stood out was the CCNA. It's provided through Cisco and they offer many great resources to learn. Well without further or due, let's get into day one of networking concepts I took notes of. More will be added in future post, but this can provide a jump start.

What is a network:
A system of interconnected devices that can communicate using some common standards called Internet Protocol Suite (TCP/IP)

Types of Networks
Local Area Network (LAN):
Personal Area Network (PAN):
Metropolitan Area Network (MAN):
Wide Area Network (WAN):
Wireless Local Area Network (WLAN):

Server:
A device that provides functions or services for clients

Client:
A device that accesses a service made available by a server

There are two types of endpoints or end hosts, these are servers and clients.
The same device can be both depending on the situation.

What are Switches?

Have network interfaces/ ports for end host to connect to (usually 24+)
Provide connectivity to hosts within the same LAN (Local Area Network)
Do not provide connectivity between LANs/over the internet.

What are Routers?

Have fewer network interfaces than switches
are used to provide connectivity between LANs
used to send data over the internet

What are Firewalls?

monitor and control network traffic based on config rules
placed outside the router or inside the network protecting the end host (PCs and switches, etc) of the network.

Network Firewalls:
Are hardware devices that filter traffic between networks. One will is a Next Gen Firewall.

Next Generation Firewall:
Combines traditional firewalls feats with more advanced filtering functionalities

Host based Firewall:
Are software apps that filter traffic entering and exiting a host machine like a PC. Not a network firewall.

Resources

Basic Knowledge of Networks

What is CCNA?

CCNA Online Study Tool

Dorking of Google

ODOT! — Wed, 31 Jan 2024 23:59:34 +0000

Greetings,

Today I wanted to discuss a great topic surrounding Google. Did you know that there is something called Google Dorking that is very popular within the cybersecurity community? Oh yes, Google 'Dorking' sounds crazy, but the community refers to it as ethical hacking.Results found from Google Dorking are found on publicly accessible documents, which Google has indexed. If sensitive info is found within these files, its a risk created by the site owner and is up to them to resolve issue. Let's say someone uploaded private info on a webserver or a open connection to a webcam? When using Google Dorking, you can find the vulnerability. It's used for ethical hacking in the step of recon so one can know more about the target. The passive recon that we are using is defined as such because we are searching for public info.

To use it, simply go to Google.com and use search operators to find information. Here are a list of the search operators in which can be used and it's all legal.

Google Dorking Operators

Site: Searches within a particular website
site:starbucks.com
Filetype: Searches for specific file types
site:starbucks.com filetype:pdf
Inurl: Finds URLs that include specific words
inurl:admin'site:starbucks inurl:admin`
Intext: Searches for text within a webpage's content.
site:starbucks intext:admin
Intitle: Looks for terms in a webpage's
tag. site.starbucks.com intitle:login

Now it comes illegal when you take the info and you use it for another attack. Without permission, the use of this info to attack the target would be a 'black hat' hacking which is illegal. Be sure to keep it passive when doing your recon great people. Another great tool is Google Hacking Database.

Google Hacking Database (GHDB) is a filled with potential search strings in which can work. A compilation of search queries and query operators that help us in Google Dorking. It is arranged into categories such as Files containing passwords, vulnerable servers, footholds and error messages. Each category contains search queries and operators crafted to reveal specific info about a target. Keep in mind that all queries in the database may be outdated so verify the info obtain through the operators.

For more info, I will leave the resources below. Take a moment to use the operators reviewed as well as visit the GHDB. You will find many things on there, but I highly advise to NEVER use unethical practices. If you like me, I am trying to gain a role, not become an inmate.

Peace and Light

Resources:

FCC - Google Dorking

HackTheBox - Google Dorking

Google Hacking Database (GHDB)

Mapping A Network (NMap)

ODOT! — Wed, 31 Jan 2024 00:44:43 +0000

Peace,

Been gathering all the notes over the prior moons to provide amazing blog posts surrounding Linux. Must say, I am impressed in what I have learned thus far. Still much more to go and I am ready! Today we will discuss the mighty tool called NMap. NMap (Network Mapper) is a tool that scans IP addresses and ports in a network. NMap also detects installed applications. This is one of the tools I would say ALL cybersec resources would recommend using so don't go rogue on me now! For Kali Linux users, NMap is actually preinstalled. Before we speak about the commands, let's first see why this tool is a great one in the books of Ethical Hacking.

NMap is a free open source tool that is used to check for vulnerabilities. It was created in 97 and still used to this day. It has a large community of developers who maintain and keep it up to date which is amazing. The heart of the tool is port scanning. It designate a list of targets on a network that they want to learn by compiling a range of ports. To be brief, it provides several information gathering techniques to use for a target.

Many of the activities in which Nmap is used for are the following:

Network Mapping
Port Rules Discovery
Shadow IT Hunting
OS Detection
Service Discovery
Vulnerability Scanning

Now that we have that covered, let's speak about the great commands that NMap has to offer. Again, many use it for the information gathering stage gaining insights such as IPs, OS versions, open ports and more.

There are four types of Nmap scans that are used. These are the following:

TCP SYN scan
Version Detection Scan
OS Detection Scan
Vulnerability Scan

When working with NMap keep in mind that the types of scans are of the prior. There is actually a list of all the Nmap scans on their website in detail. I am just going to provide a overview so you will have the information.

Here is a full list of the scans NMap has to offer.

TCP Scan
UDP
SYN
FIN
ACK
NULL
XMAS
RPC
IDLE

When using the scans it's always best to make a plan first of how you will gain the information of the target. I came across a model called: kill Chain, in which I highly recommend reading. Once understanding a great philosophy on how to attack targets, I think you'd be good to go with the commands provided shortly. Before we get there let's first speak about a recommended practice for successful network vulnerability discoveries.

Best Practices for Network vulnerability Discovery.

Choose the right tool (Nmap)
Plan the scan
Run the Scan
Scan frequently
Analyze The Vulnerabilities
Document the Scan

While studying through the endless Nmap notes, I was able to truly understand how different commands work. A great video I would recommend is by :. He speaks about the top 7 Nmap scans that you should know. I started to memorize and even made a handy cheat sheet I will provide for download. Well, let's not waste time and list the top scans for Nmap.

Top 7 NMap Scans

os enumeration (Find the OS of the target)
nmap -o (ip of device or subnet)

network discovery (ping scan)
nmap -sP (ip of device or subnet)

Scan for a specific port
nmap -p (port of service) (ip of device or subnet)

Find Service Version Identification
nmap -sV (ip of device or subnet)

Combines all prior into one scan. (but very gpu heavy)
nmap -A (ip of device or subnet)

Using the Nmap Scripts
nmap -script (Script Name) (ip of device or subnet)

A great resource I would look at for NMap scripts would be the NSE (NMap Scripting Engine). I will speak about it in future posts however if you practice the last script provided it may bring you to a whole new world NMap has to offer. A great resource to test your Nmap commands would be Scanme.nmap.org. It's a vulnerable site provided by Nmap that allows scans to occur for pen testing practice. If you already practiced the prior commands how did it make you feel? Do you think you can push the boundaries of the tool to handle tasks such as CTF (Capture The Flags) and much more? Well I think you can if you stick to the studies thus I am. As always I will leave resources for you below to further your studies in cybersec.

Until next time.

Peace.

Resources

What is Nmap?

Top 7 Commands by Neisen

Best Practices for Vulnerability Scanning

Networking Basics for Cyber Security (Highly Recommended)

Hardening The Home Lab

ODOT! — Wed, 31 Jan 2024 00:13:59 +0000

Peace,

Back at it with another post and today I wanted to speak about securing your home lab. Why have a home lab and there is no security yet daily practice security? After reading that question does it even make sense? Seriously with a bit of humor it really doesn't. That's why I wanted to take a moment to speak on the topic. Too many people I've came to meet in the field of cybersecurity have been showing me their labs. While able to browse the home lab, I notice that many aren't securing themselves leaving much vulnerability. I can only imagine someone practicing pen testing at home and find to be hacked themselves. No worries though, after reading this post it may help and bring perspective to why this should be done right away!

Like stated before, security of the home lab is important. This is what most would call "Hardening" your system because you are making it harder for actors to penetrate. You will hear the term "Hardening" sometimes so I wanted you to be familiar with it. There are several ways to execute hardening a system so don't feel as if this the only way. It's up to us all to continue to research so please be sure to read the resources listed below each blog post.

Hardening A System

Create a Hardening Checklist document
When creating a checklist, be sure to include the following in the document.
- Machine Name
- IP address
- MAC address
- Name of person performing the system hardening
- Date
- Asset Number
Use SSH:
- Each server should be configured to use SSH for remote login.
- IPTables are configured to restrict SSH access to known IP addresses only.
- Consider also disabling SSH on a not needed ports.
- Key-based authentication should be used instead of password-based authentication
- Client keys should be encrypted to prevent their use in case they are stolen
- When configuring the server, root login should also be disabled and certain users have access when logged in.
Close all Open Ports:
- Use netstat to find which devices are listening for incoming connections.
- If you find an unnecessary service listening to inbound connections, disable the port or remove the application.
Enable Firewall:
- iptables keep tab on incoming, outgoing, and forwarded practices can help you secure your server.
- In the cloud, the VMs should be config to run in a ZERO Trust network.
- Virtual Machine (VM) to VM communication is considered secured.
Disable USB and Thunderbolt Devices:
- put a password protection on the BIOS so it can only be changed by authorized users.
Turn On SELinux:
- Security-Enhanced Linux is built-in access control mechanism.
- It operates in 3 modes:
- Disabled: SELinux is completely off. Avoid this!
- Permissive: doesn't enforce a policy, but logs and audits all actions.
  - Enforcing: most secure and enforces all polices. Default mode of SELinux and recommended.
Strong Password Policy Implementation
- Disable accounts with empty passwords and ask users to set passwords for their accounts.
- Encourage stronger passwords and harder to guess passwords by requiring guidelines.
Purge unnecessary packages
- Eliminate all packages that you aren't using frequently.
Keep kernel packages updated
- sudo apt-get update
- sudo apt-get install upgrade
Disable ICMP
- allows internet hosts to notify other hosts about errors and helps system admins in troubleshooting.
- Attacks that can happen when ICMP is enabled:
  - Ping Sweep:
  - Ping flood:
Logging and Auditing
- Syslog logs all the messages in /var/log dir by default.
- keeping detailed logging and audits can later be used to detect any attempted intrusions.
Regular backups of the server.
- Use Rsync and other tools to back up the server consistently.
- Recommendations of cloud, offsite and onsite is provided but it's truly up to use case.

Like stated prior, there are more options available for hardening your system. I wanted to give you a insight on things to focus on when starting the system hardening, but feel free to explore more. There are so many techniques and most apply to cloud systems / servers as well.

Well, until next post.

Peace.

Resources

Linux Server Hardening

Manage Those Users

ODOT! — Tue, 30 Jan 2024 19:33:02 +0000

Peace,

Linux is an amazing kernel to work with thus far. Learning more and more about the system and each time I think I know something, another topic becomes interesting. Today I wanted to speak about User Management which is quite important if you are a studying for cybersecurity. Why O? Well I learned that if you are running your system as root, it might not be a great idea. Great security practices recommend that you create a sub user that will have 'root' aka 'sudo' privileges. Let's speak on how to work with the user management in detail so you can gain understanding.

First off, let's define what a 'user' is. A 'user' is referred as individuals or entities that interact with the OS by logging in and performing various tasks. There are two types of users as well, System and Regular. A 'System User' is created by the system during installation and are used to run system services and applications. A 'Regular User' is created by the admin and can access the system and it's resources based on their permissions. Yes, you as the admin can make the 'regular user' gain access to certain files on the system which is great! I mean eh, there are those who can be trusted, but may not need ALL the access ya dig?! When users are created there are many properties that make of a such. The properties are the following: User ID, Group ID, Home Directory, Default Shell and Password.

Now that we have that out of the way, let's speak on how to manage these users using a few commands. Remember if you need any assistance when using the commands, always refer to the manual built within Linux.

User Management Commands

Creating a User
useradd <username>

When using the command you may be prompted to add details to the user. It's a common practice to fill as much as needed for the user as possible. I don't typically fill it out because I'm the sub user who just want my system to be secure.

Delete a User
userdel <username>

See all user accounts on system
sudo nano /etc/passwd

Sudoers file config
sudo nano /etc/sudoers

Change user password
passwd <username>

Give user the sudo (root) privilege
`sudo usermod -aG sudo

Switch users
su - <username>

Add users to a group
`sudo usermod -a -G '

Add users to multiple groups
sudo usermod -a -G group1,group2 username

There are many additional commands to execute user management, but these are just a few to start. Be sure to practice using a regular user with root privileges. This is recommended on just about every cybersec tutorial videos studied and it makes much sense. I'll provide resources for the commands and why user management is important in cybersec.

Until next post.

Peace

Resources

User Management

Don't use Root as a User if Possible

Linux On The Go (Termux)

ODOT! — Tue, 30 Jan 2024 18:50:52 +0000

Peace,

While undergoing the daily Linux usage, I came across an app via smartphone that allows a shell emulator on the go. It's called Termux, and it's available via F-Droid. Now if you aren't familiar with what F-Droid is then there is no worries. I gotcha covered with this incredible tool that allows users to download apps that aren't distributed on the Google Play Store. Let's speak a bit about the mighty emulator Termux shall we?!

Termux has been used for some weeks now and the amazing features it offer really makes it feel like a laptop in the pocket. Linux runs exactly like any other distro enabling the same commands to be used as well. Files and directories are stored on the SD card within the smartphone. This is great for massive users like myself who have larger storage on the smartphone. While going out for a bite of lunch to having appointments, the Linux shell is right there ready for small projects and more.

Lately, I've been practicing different ssh connections and networking commands to get in the hacker mindset from mobile devices. Nano text editor is included in Termux as well for great development ideas on the go. I've been scanning networks just to practice pen-testing ideas then sending contents to a txt file. After executing a few ideas, I started to research more about Smartphone Ethical Hacking and came across a few resources I'll link below. It's quite interesting what tools are out there which 'actors' can use to attack via mobile. Exploits were explored as well which are scripts that 'actors' use to send malware and much more. One thing that was quite amazing is that you can also install Kali Linux on the Android device as discussed prior blog post. For more info on that, feel free to click the resource links below. Welp, let me get back to the daily grind.

Until next post.

Peace.

Resources

F-Droid

Termux

Nethunter Pro

Mobile Ethical Hacking

Pi Minimal Workstation

ODOT! — Mon, 29 Jan 2024 02:18:54 +0000

Greetings!

While traveling the journey of Linux, I wanted to share the setup I have to learn more about cybersecurity. Like I shared last post, my laptop has been down so the setup is minimal. One thing many need to keep in mind is that you don't need to spend many dollars to have a great workstation. Before setting up a workstation you first need to have a plan for the workstation. What is the purpose behind the workstation? How much do you really need to begin your journey? For me, it was simple. Let's go cloud with what we can and everything else, we can place on USB or external drive. Let's break down the workstation of the mighty ODOT shall we?! Aiight... let's go!

Raspberry Pi 4

The brain of my workstation would be the Rapsberry Pi 4. The performance this device provides has been beyond the expectation. Here, I am able to plug in my usb doggles for keyboard and mouse connections. Also I have the external hard drive connected for there are 4 usb ports on the device. The monitor is connected to the HDMI port while the power is connected via wall outlet. SD card holds the distro of choice and the RAM chosen for the Pi4 is of 8GB which is enough for now. If you know about the Pi, it can be used without the case. I suggest you use a case to protect the board for important components must be protected. You don't want wires and more to show out of your laptop right?!

Display

Currently using a Sanyo 60 inch screen for a display which is connected to the Pi via mini HDMI. I wanted a wide screen because I always seen in movies the actors with them. The screen was literally $40 at a local pawn shop on a special. Came with a remote so I installed Kodi for media. I'll explain more about Kodi in another post.

Case / CPU Fan / LED

The case of the PI was purchased off of Amazon, but must be assembled. As a lego fan, it was great for me so I began to connect everything to build this amazing LED case. This case took about 20 minutes build time and the Raspberry Pi 4 fits perfectly. A CPU fan is included which is great for power users like myself allowing the Pi to keep cool.

Micro SD Cards (2)

When using the Raspberry Pi, you must have a SD card to run any software. In my case I have two so I can switch distros such as Rapsbian and Kali Linux. There are other options out there, but I decided SD route. Upgrades will be on the way, but this is for the budgeted workstation.

External Hard Drive

For the media of much, I always save to the external hard drive to save space of the SD card. Backups are also done here as well as the cloud giving multiple instances of files and more. USB connected and your good to go having a great backup for your convenience. My drive is a 1TB which is more than enough for what I am focused on at the moment.

Onn Keyboard | Onn Mouse | Onn Mini Speaker

Yeah yeah yeah... devs love grabbing those expensive mechanical keyboards. That's great for a social media pic, but when your money is low... go grab this Onn keyboard & Mouse. Portable, light and great on the fingers when typing. You can't go wrong with the price point as well for it's located at your local Walmart. Batteries are included like most if not all products so don't worry. I use the speaker to listen to my audio selections instead of headphones when possible. It's a must to have in the workflow for also those great podcast and tutorials visited often.

Smartphone

Currently I am using the Android smartphone instead of Iphone. Yeah yeah I know you iPhone users are going to go crazy, but once you dive into the world of Linux you will understand. Much can be done with an Android device and with the right knowledge you can remotely use your workstation on your smartphone. I do it daily and in time I will teach you in future posts.

Coffee

As a developer now heavy in Linux and Cyber, coffee is MANDATORY. I don't know too many developers who don't have coffee while they are at the workstation, unless it's tea. A great roast while going though hours of syntax, notes and videos ... yep I can't explain the feeling.

Welp, now you have a basic setup, I hope this inspires you to create your own. Again, save that dollar and make it happen on a budget with a focus around the Pi. Great thing as well is you can take this setup anywhere if you are innovative.

Peace and Light.