Linux tips :: Various

Custom prompt

$ export PS1="[\d \t \u@\h:\w]$"

Logging #1

Use PuTTY to log commands. This can be handy for documentation.

  • Change Settings… –> Session –> Logging
    • Session logging –> Printable output


Logging #2

Turn on continuous logging. The ~/.logs directory must already exist, and commands run as root are not logged:

export PROMPT_COMMAND='if [ "$(id -u)" -ne 0 ]; then echo "$(date "+%Y-%m-%d.%H:%M:%S") $(pwd) $(history 1)" >> ~/.logs/bash-history-$(date "+%Y-%m-%d").log; fi'


Then finding a specific command or text string is as easy as:

# grep -h nmap ~/.logs/bash-history-2016-06*
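
A hardened variant of the logger above, added here as an example (not from the original post): it creates the log directory and files with owner-only permissions, since logged command lines can contain credentials, and it skips the repeated entry that appears when Enter is pressed on an empty prompt. The function names and the HISTLOG_DIR variable are assumptions.

```bash
# Added example for ~/.bashrc; names below are hypothetical, not from the post.
HISTLOG_DIR="${HISTLOG_DIR:-$HOME/.logs}"

# Append one entry: timestamp, working directory, history line.
# The history line starts with its history number, so an unchanged
# line means no new command was entered and nothing is written.
histlog_write() {
    [ -n "$1" ] || return 0
    [ "$1" = "$_HISTLOG_LAST" ] && return 0
    _HISTLOG_LAST="$1"
    (
        # Subshell keeps the restrictive umask out of the interactive shell.
        umask 077
        mkdir -p "$HISTLOG_DIR" && chmod 700 "$HISTLOG_DIR" || exit 1
        printf '%s %s %s\n' "$(date '+%Y-%m-%d.%H:%M:%S')" "$PWD" "$1" \
            >> "$HISTLOG_DIR/bash-history-$(date '+%Y-%m-%d').log"
    )
}

# Same root check as the one-liner: only non-root shells are logged.
histlog_prompt() {
    [ "$(id -u)" -ne 0 ] || return 0
    histlog_write "$(history 1)"
}

# Fixed-string search across all daily logs (-h drops the file names).
histlog_grep() {
    grep -hF -- "$1" "$HISTLOG_DIR"/bash-history-*.log 2>/dev/null
}

PROMPT_COMMAND=histlog_prompt
```

With HISTCONTROL=ignoredups set, bash does not add a repeated command to history, so an identical command run twice in a row is logged once.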

Tor + proxychains + Kali

  1. Update Kali
    1. apt-get update
  2. Configure apt sources
    1. leafpad /etc/apt/sources.list
      1. add ‘deb wheezy main’
  3. Install Tor gpg keys
    1. gpg --keyserver --recv 886DDD89
    2. gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -
    3. apt-get update
    4. apt-get install
  4. Install Tor
    1. apt-get install tor
  5. Configure proxychains
    1. leafpad /etc/proxychains.conf
      1. uncomment ‘dynamic_chain’
      2. comment out ‘strict_chain’
      3. add ‘socks5 9050’ at the end of the file
  6. Start Tor
    1. service tor start
  7. Execute proxychains
    1. proxychains nmap

Aircrack-ng + reaver + pixiewps


  • Kali Linux
  • Run “apt-get update && apt-get dist-upgrade -y” on your Kali Linux machine

1) Install reaver

root@kali:~# apt-get install reaver aircrack-ng

2) Put your interface in monitor mode:

root@kali:~# airmon-ng start wlan0

Note: You should now have a monitor interface named ‘wlan0mon’

3) Identify AP in-scope for testing

root@kali:~# airodump-ng wlan0mon --wps

Note: Identify the in-scope AP’s MAC address (BSSID) and the channel it runs on

4) Run reaver with gathered info 

root@kali:~# reaver -i wlan0mon -c 11 -b 12:34:56:78:90:12 -K 1

5) Behold pixiewps magic

You’re presented with the WPS PSK within seconds, thanks to Kali, reaver & pixiewps… that’s what I call an alliance of power

Sophos UTM Home


For a long time now I’ve been thinking of how to step up the security of my home network. Inspired by The Network Guy, I decided to give Sophos UTM Home a go.

Considering the vast number of cybersecurity threats out there (0 day, FUD, Spear-/Phishing etc.), Sophos UTM Home sounds like a good solution. My aim is to find out how good in a couple of blog posts.

Highlights at a glance:

  • Network protection
    • Network Firewall
    • Intrusion Prevention System
    • Advanced Threat Protection
    • Secure VPN Access
    • Site-to-Site VPN
  • Wifi protection
    • Multiple WiFi Zones
    • Mobile NAC
    • Guest WiFi Hotspots
    • Secure Encryption
  • Web protection
    • Web Malware Protection
    • URL Filtering Policies
    • SafeSearch, YouTube, and Google Apps
    • HTTPS Scanning
  • Endpoint
    • Anti-Virus and Malware Protection
    • Device Control
    • Web in Endpoint
    • Single console management



  • Sophos UTM Home iso file – . Choose ‘UTM v9 software appliance’
  • MyUTM license – You will need to create an account and a free license to upload to your newly created UTM.
  • Reflect on your existing network setup – If you, like me, have an existing wireless router set up as the only router (Wireless Router), including DHCP, you will want to turn it into an access point to cooperate with your new UTM.
  • Hardware – Sophos UTM Home has moderate hardware requirements, so any old desktop/laptop should do. I decided, however, to build my own box with the following h/w:
    • Chassis: Compucase
    • Motherboard: Gigabyte J1900N-D3V, Embedded CPU, 2 NICs
    • Disk: Kingston SSD 120GB
    • Memory: Corsair DDR3 4GB



1. Boot Up

Make sure to set the correct boot device order in the BIOS

2. Installation. Be warned, everything on the disk will be erased

3. Everything’s detected


4. 64bit if possible


5. We wish to install all capabilities


6. WebAdmin next




1. Basic configuration


2. License file installation – If you haven’t done so already, surf to, create a MyUTM account, create a license file & download it for installation into your newly created UTM box.


End of part #1