So I saw this the other day while cruising through the local grocery store. I walked by it and laughed at the sight of a BIOS screen on an ATM (of sorts) before returning to take the photo. [Nevermind the man and baby in the background.] Oh, the fun we could have if I were an after-hours stock boy. 😀
It’s been a while since I’ve been around these parts. 409 days, if you’re the nerdy track-all-the-things type.
Maybe I’ll sling some content on the blog and see what sticks…
A couple weeks ago I blogged about my downloadOTX.sh script, which automates the collection of AlienVault OTX reports. I hadn’t used this script in about a week, so I was surprised to see some 404 errors this morning:
$ ./downloadOTX.sh 22.214.171.124 --2015-03-09 10:47:29-- http://www.alienvault.com/apps/api/threat/pdf/?ip=126.96.36.199 Resolving www.alienvault.com (www.alienvault.com)... 188.8.131.52 Connecting to www.alienvault.com (www.alienvault.com)|184.108.40.206|:80... connected. HTTP request sent, awaiting response... 301 Moved Permanently Location: https://www.alienvault.com/apps/api/threat/pdf/?ip=220.127.116.11 [following] --2015-03-09 10:47:29-- https://www.alienvault.com/apps/api/threat/pdf/?ip=18.104.22.168 Connecting to www.alienvault.com (www.alienvault.com)|22.214.171.124|:443... connected. HTTP request sent, awaiting response... 404 NOT FOUND 2015-03-09 10:47:30 ERROR 404: NOT FOUND.
As you might have noticed form this week’s blog posts, I enjoy writing code to automate tedious or time consuming tasks. Well, maybe it might be a stretch to say I enjoy it — but I certainly reap the benefit of putting in the hard work to automate tasks that I otherwise hate performing. I do, however, enjoy publishing much of this code on the Internet in hopes that others will find it useful and I occasionally hear from them stating such.
In a past life, as a Network Engineer, I wrote a small application which automates the ability to search a Cisco router for a VRF VPN profile and back it up to disk. (If you’re making changes to your Cisco routers and you don’t back up your configurations before you change them, then you obviously haven’t broken one yet.) I received a lot of feedback from other people who found this tool to be useful and use it regularly. I also recently received word that it doesn’t work under Cisco IOS 15.4.
Specifically, it blows up right about here:
VRFSearchAndBackup.py v1.0.1 (2014-03-17) ----------------------------------------- --> Index found and appears up to date. Enter the VRF Name or IP Address you are searching for: USG-10195 +--------------------+--------------------+--------------------+ | VRF NAME | REMOTE IP ADDRESS | LOCAL IP ADDRESS | +--------------------+--------------------+--------------------+ | ABC-12345 | 192.168.1.1 | 192.168.2.1 | | ABC-12345 | 192.168.1.1 | 192.168.2.1 | +--------------------+--------------------+--------------------+ Do you want to back up this configuration now? [Y/n] --> Logging into 192.168.2.1... --> Backing up ABC-12345 ... Traceback (most recent call last): File "<string>", line 534, in <module> File "<string>", line 413, in searchIndex File "<string>", line 176, in backupVRF AttributeError: 'NoneType' object has no attribute 'group' C:\Applications>
One of the least glamorous parts of network security is capturing information on Internet hosts that exhibit malicious intent. Here is a script that I’ve created to help automate the process of collecting AlienVault’s Open Threat Exchange (OTX) reports:
#!/usr/bin/sh # # downloadOTX.sh # # This script uses AlienVault's Open Threat Exchange (OTX) to download a PDF # containing the IP reputation of the IP Addresses provided. # # USAGE: # $ ./downloadOTX.sh 126.96.36.199 # $ ./downloadOTX.sh 188.8.131.52 184.108.40.206 220.127.116.11 etc. # # Set path to save files: path=/Downloads/ # Set filename prefix and/or suffix: prefix= suffix=\_otx.pdf for args in "$@" do wget http://www.alienvault.com/apps/api/threat/pdf/?ip=$args -O $path$prefix$args$suffix done
One of the least glamorous parts of network security is capturing information on Internet hosts that exhibit malicious intent. Here is a script that I’ve created to help automate the process of collecting WHOIS information:
#!/usr/bin/sh # # downloadWHOIS.sh # # This script uses native whois command to return the WHOIS information # of the IP Addresses provided. # # USAGE: # $ ./downloadWHOIS.sh 18.104.22.168 # $ ./downloadWHOIS.sh 22.214.171.124 126.96.36.199 188.8.131.52 etc. # # Set path to save files: path=/Downloads/ # Set filename prefix and/or suffix: prefix= suffix=\_whois.txt for args in "$@" do whois $args > $path$prefix$args$suffix done
Regular readers, assuming I have any left, may have noticed activity around here has been pretty quiet the past few months. Major work projects with deadlines in November last year sucked up all my available time outside family life. In a very short timeframe I was able to successfully integrate both a new network performance monitoring tool and an intrusion detection system into our network. Now that those things have (mostly) settled down a bit, I have more time to continue exploring activities that interest me and the margin to blog about them.
In 2014 I began capturing basic metrics on the blog and I thought it would be fun to look back at the year to see what was hot and what was not. In the approximately 86 blog posts I made in 2014, one post practically dominated the majority of my inbound traffic. I’m not a paid subscriber to StatCounter, so I can’t provide you with a detailed history, but if the last 9 days are any indication, you can see just how popular my How To Rip P90X3 DVDs With Handbrake post was:
Thanks to everyone participating in the comments section on that post. I never imagined there would be so much interest in this topic when I wrote my guide. Continue Reading…
I wanted to salvage that mini breadboard and I had some Adafruit Perma-Proto PCBs that were looking lonely, so I moved all everything over and soldered it into place. It turned out pretty well, but I wasn’t so sure by the time I had arrived to the end.
I started by placing the 555 timer directly in the center of the board instead of counting out my spacing to ensure I’d h ave enough room the way everything was laid out. As it turns out, I did, but I was right on the edge of the board when I soldered the capacitor on. Had I started one space closer to the edge of the board, I wouldn’t have had enough room.
You can see the finished product posted on Vine:
In closing, I wanted to say a few things about my experience with DerbyCon CTF 2014.
This year was much different than years past simply because I had my family with me this year. Although I had my wife’s blessing to experience the con as I always had, it just felt different because my family was present and therefore I acted different.
When I was in the CTF room my attention was divided between trying to discover the next flag and taking a break to spend time with my family. When I was with my family, my mind was secretly trying to solve a problem I hadn’t yet answered. In other words, it wasn’t much fun for me or the family. Well, it wasn’t awful — it just couldn’t be both.