Archive for the ‘Tech’ Category

PKI Revisited

A little more than two years ago, I set up a PKI and did a post on it. The main goal was to get a certificate on my EdgeOS router to get proper HTTPS support without the annoying red X. When I did it, however, I didn’t do it quite right, and so I decided to redo it all. Some of the major problems:

  • The cert for my router expired after two years. Hence, as of today I need a new cert anyway.
  • The intermediate cert also expired after two years. Lame!
  • To trust the chain, I had to import the intermediate cert into Windows, not the root cert. I should just need the root cert.

So I decided to do it right, and do it all over again for posterity, again largely following this post from Didier Stevens and again having the same old issues. Details below.


Netflow and Splunk

Yesterday, I told the tale of getting netflow data out of my EdgeOS router. Once I started actually receiving data, I wanted to get it into Splunk. I figured that I would have to set up a directory for netflow log data from nfdump, then set up a reader to have Splunk ingest the data. After doing some Googling, though, I found the Splunk Add-on for NetFlow, which handles all of that automatically! Once you get it up and running, that is.


EdgeOS and Netflow

I’ve written a lot about getting stuff working on my Ubiquiti EdgeOS router. Recently, I got the idea in my head to enable netflow on the router to do some traffic analysis. My router does support exporting netflow data, so I thought it would be fairly simple to set up. In the end, it wasn’t too hard, but it did take some research and at least one dumb mistake.


EdgeOS and IPv6 Revisited

About a week ago I noticed that my browsing was no longer using IPv6. How, you ask? I use IPvFoo, a Chrome extension that shows you in your address bar whether you are browsing a site using IPv4 or IPv6. True, only Google and Facebook are the sites that I browse regularly that use IPv6, but I still noticed that something was amiss. Not a high priority, I forgot about it for a few days until I saw a thread in the IPv6 subreddit which solved the mystery for me: Comcast had stopped giving out /60 address blocks to residential customers.


Monitoring my UPS with Splunk

Last time, I had set up my UPS monitoring software on my CentOS logging server. But I wanted more: what good is having a UPS if I can’t monitor things like voltage, battery charge, and load on an ongoing basis? Of course, the answer to this is to log to Splunk, which is what I ended up doing.


Installing NUT on CentOS

Getting a UPS (Uninterruptible Power Supply) has long been on my tech wish list, so that I could keep my network and logging server up and running during transient power outages. Fortunately, aside from a brief outage right after we bought our house three years ago, power has not been a problem, unlike when I lived in Uptown, with nearly monthly outages. Nevertheless, you never know when the power will go out, so a UPS is a good insurance policy.

So when I recently got the opportunity to pick up one for a steal, I took advantage. Like most UPS appliances, this one came with monitoring software to allow for managing the UPS, as well as safely shutting down a linked computer if the battery backup lost juice, but it was for Windows only. Since I wanted to attach this to my CentOS server, that would not do. Never fear, though, since there is a Linux application that fits the bill: NUT, or Network UPS Tools. Below, I talk about what I did to get it up and running on my server.


mDNS Update

My last update on getting Bonjour/mDNS working on my network ended with “If it ain’t broke”… Sadly, the broke state cropped up at some point between then and now. Home sharing with the Apple TV was no longer working, and nothing had changed on my end to break it. Apple may have changed things on their end, breaking stuff, but regardless of the cause, my network wasn’t working right.

Fortunately, the fine people on the EdgeOS boards had already fixed this, amusingly enough even before my earlier attempts to get it working right. Instead of using mDNS reflector, using mDNS repeater apparently works much better. Specifically, following the instructions here fixed things nicely. Until the next time something breaks, that is…

Splunk Reporting: Port Scans

It’s been a while since I’ve done some Splunk work on my home network, but lately I’ve been thinking about port scans, specifically about reporting on port scans against my environment. I’m not terribly worried about people scanning my network since it is quite locked down, but why not check on it to see if anything interesting is going on? Before too long I had a new dashboard; details below the jump.


Crypto 1

I’ve been taking my first MOOC via Coursera, Crypto 1, taught by Dan Boneh. I’ve just finished up the final, and it’s been a fantastic experience, something I’d recommend to anybody with an interest in the subject.

This course is more about theory than how to implement crypto in the real world, but the theory is very important and shows exactly what drives a lot of the implementation decisions that implementations make. A lot of people think that MOOCs are easy classes, and this one is certainly not: it’s a fairly technical course, full of things like number theory, but it doesn’t require a deep mathematics background. It also doesn’t require any programming knowledge, but if you do code, there are a number of extra credit assignments where you can put what you learn into practice, doing cool things like breaking RSA. It’s programming-language agnostic, but the examples are all written in Python so I used this course to try to pick it up, and managed to complete all of the programming assignments.

Crypto 1 focuses on symmetric-key crypto and hashes, with some asymmetric thrown in at the end. There is a sequel to this course, Crypto 2, which focuses more on asymmetric-key crypto. I’ll take that one eventually. I’m also going to go through the Coursera catalog and see what other interesting things I can take. Sure, I don’t get official credit, but I love learning.

Replacing Chef’s self-signed certificates

Having gotten my home network and logging to a point where I wanted it, my next project was going to be Chef. Life intervened before I got too much involved with Chef, but now that things are approaching a sense of normalcy, I’m trying to pick up where I left off. My ultimate goal is to set up my CentOS server as a Chef server, and control my virtual machines via Chef automation. One minor speed bump along the way was the web interface for Chef, which uses self-signed certificates and so gave me the annoying warning when accessing it. I fixed that problem by replacing the certs with my own, below the fold.

