UFW, Docker, and Tailscale: Lessons Learned

This is a cautionary tale about something that happened to me in the past few weeks. I’m posting it because I believe a lot can be learned by professionals (and others such as me) posting their security fails and problem-solving processes. I have a server at Hetzner for a personal project. It’s running Ubuntu with Docker and there are a few Docker containers running, Postgres and RabbitMQ among them. Last week I logged into the server to do some work and noticed it was running a bit slow.

Running Docker on Proxmox

There are a few different ways to run Docker on Proxmox. Here are some instructions and unscientific benchmarks comparing them.

Tumblr Has a Spam Problem

I have an account on Tumblr, though I seem to be one of the few people still on the site. Over the past few years, I’ve noticed an uptick in the number of spam accounts following me. A considerable increase, in fact, so I decided to try to quantify how pervasive the problem was.
Searching for Spam
The first thing I had to do was create some criteria to use for categorizing accounts as “spam”.

AttackDefense - Cracking Hashcat Guide

AttackDefense is a new site with all sorts of awesome labs and CTFs for training. Best of all: the site is free. In this guide, I’ll detail how to complete the “Cracking MD5 Hashes” lab, though this strategy should work for most labs in the “Hashcat All” section. If you are unfamiliar with Hashcat, I’d strongly recommend reading the wiki or following YouTube tutorials elsewhere before trying this challenge.

Cyber Security Summit 2018 Highlights

I was fortunate enough to attend the 2018 Cyber Security Summit in Minneapolis, MN. Here I’ve tried to summarize each talk I attended into a small, digestible format, mostly written in their voices.
Student Breakfast
By: Ryan Aniol - State of Minnesota
This was a super informative informal breakfast hosted by Ryan, who aimed the talk at students like myself. It was really nice to hear information directly relevant to my situation.

HackTheBox 'Poison' - Own User Guide

Note: If you are currently trying to get access to this box, I highly recommend you try it yourself first and only use this guide if you really are stuck.
Intro
Now that the Poison box is retired on hackthebox, we can talk publicly about how to gain access to this machine. While this machine was active, I only took the time to gain user access, not all the way to root.

Running Oracle 18c on MacOS

Update: May 14, 2019. This article originally contained instructions for running Oracle 12c. The Docker image that was being used was deleted by the author and so was not usable. I have updated the instructions to work again, though the image it uses now runs Oracle 18c. If you need to run 12c specifically, you’ll need to look for instructions elsewhere. Some screenshots may now be out of date.
In this post, we will go through the steps of installing Oracle 12c in a Docker container and connecting to the database using SQL Developer on a Mac.

Electroneum - First Impressions

A coworker recently sent me a link to Yet Another Cryptocurrency. Like most people, I’m pretty burnt out with all these new coins and ICOs popping up each week. In fact, I get about 5-10 ICO spam emails in my Junk mail folder. This one looked to be just a little different, though. He was excited because this one allows you to use your phone to mine. I talked to him about how it’s a neat idea, but ultimately probably won’t be profitable, especially compared to a multi-GPU setup.

2017 Cyber Security Summit

Student Breakfast - MN IT Services w/ Chris Buse
$400M budget for MNIT
0% unemployment rate
MNIT wants to train/develop IT skills. Everyone wants skilled people but no one wants to train
Lots of operational jobs
Looking for interns with lots of general skills
Flexible hours/locations
Q/A with Chris
“Are certifications worth it?”
“Focus on certs, even though I don’t think they’re very useful. They’re mostly just to get past HR.

WiFi Security Testing Cheatsheet

Prepare Wireless Card
View Network Cards: iwconfig
Kill Wireless Processes: airmon-ng check kill
View Networks
airodump-ng wlan0
Capture traffic
airodump-ng --bssid 04:A1:51:9F:98:BB --wps --write ISSO-WPA2 --channel 6 wlan0
where:
--bssid - MAC of router
--wps - Output WPS information, may be able to try Reaver
--write - File name to write to. No extension
--channel - Statically set a channel. Don't need to unless de-authing
wlan0 - Wireless interface
Deauth - Do while capturing
aireplay-ng --deauth 0 -a 04:A1:51:9F:11:11 -c E0:AC:CB:DA:1B:1B wlan0
where: