2015-04-01

Raspberry Pi random host generator

Say you have a really watchful network/systems administrator that keeps a close eye on new devices being joined to the network...

You know where this is going. It's April 1st.

Toss this into /home/pi, then make it executable.

#!/bin/sh
while true
do
  mac=`echo -n 00:03:BA; dd bs=1 count=3 if=/dev/urandom 2>/dev/null | hexdump -v -e '/1 ":%02X"'`
  newhost=`dd if=/dev/urandom bs=35 count=1 2>/dev/null | tr -dc "a-z"`
  echo $mac $newhost
  ifconfig eth0 down
  pkill dhclient
  hostname $newhost
  ifconfig eth0 hw ether $mac
  rm /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key
  ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa -P ''
  ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa -P ''
  ifconfig eth0 up
  dhclient eth0
  ip addr show eth0 | grep "inet "
  echo "Sleeping..."
  sleep 60
done


You can add the line below before the "exit 0" line at the end of /etc/rc.local on Raspbian to make it start up at boot. You then have a random host generator that spawns a new MAC address, a random host name and new SSH keys every minute or so.

nohup /home/pi/mac.sh >> /tmp/mac.out&

A few notes:

  • This will totally hose all of your SSH host keys on the pi.  Make backups of them if they're important to you.
  • I chose an OUI (00:30:BA) that I knew would not match anything else on the target network. You may wish to do some research and change the hard-coded OUI prefix in the code above.
  • The interface fluxing will also make remote management troublesome unless you have a wireless adapter that's on a more stable network, but this can betray you, as the host keys keep changing to match the wired interfaces. 
  • I took the additional step of leaving the Pi powered on for a few minutes before attaching the ethernet cable, so that it wouldn't ever show up on the network with a Raspberry Pi MAC address, since it had time to generate a new fake address before I hooked it in.
  • There are some very simple ways to defend against something like this.
  • It goes without saying, but pranks at work can lead to disciplinary action.

Also, thanks to the target of this April Fools' Day prank for giving me a few extra ideas (included here, but not in the original implementation) after catching me in the act.
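
One possible check on the defending side, as an added example that is not part of the original post: because the script keeps a fixed OUI and only randomizes the last three bytes about once a minute, the DHCP server sees a run of never-repeating MAC addresses under one vendor prefix. The log format (ISC dhcpd style syslog lines), the sample lines, the window and the threshold are all assumptions made for this sketch.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in ISC dhcpd syslog style (an assumed log format, not from the post).
SAMPLE_LOG = """\
Apr  1 09:00:02 gw dhcpd: DHCPACK on 10.0.0.21 to b8:27:eb:10:20:30 (printer) via eth0
Apr  1 09:01:05 gw dhcpd: DHCPACK on 10.0.0.50 to 00:03:ba:4f:a1:07 (qzkxw) via eth0
Apr  1 09:02:07 gw dhcpd: DHCPACK on 10.0.0.51 to 00:03:ba:9c:12:e4 (mbtr) via eth0
Apr  1 09:02:30 gw dhcpd: DHCPACK on 10.0.0.21 to b8:27:eb:10:20:30 (printer) via eth0
Apr  1 09:03:09 gw dhcpd: DHCPACK on 10.0.0.52 to 00:03:ba:00:7d:5b (hjve) via eth0
Apr  1 09:04:11 gw dhcpd: DHCPACK on 10.0.0.53 to 00:03:ba:e8:33:90 (pl) via eth0
Apr  1 09:05:13 gw dhcpd: DHCPACK on 10.0.0.54 to 00:03:ba:61:c5:2a (wdyoqn) via eth0
"""

ACK = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ dhcpd: DHCPACK on \S+ to "
                 r"((?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b", re.I)

def parse(log, year=2015):
    """Yield (timestamp, mac) per DHCPACK line; syslog omits the year, so pass it in."""
    for line in log.splitlines():
        m = ACK.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield ts, m.group(2).lower()

def churning_ouis(log, window=timedelta(minutes=10), threshold=4):
    """Return {oui: most distinct MACs seen in any window} for OUIs at or over threshold."""
    by_oui = defaultdict(list)
    for ts, mac in parse(log):
        by_oui[mac[:8]].append((ts, mac))
    flagged = {}
    for oui, events in by_oui.items():
        events.sort()
        start = best = 0
        for end in range(len(events)):
            # Slide the left edge until the span fits inside the window.
            while events[end][0] - events[start][0] > window:
                start += 1
            best = max(best, len({mac for _, mac in events[start:end + 1]}))
        if best >= threshold:
            flagged[oui] = best
    return flagged

if __name__ == "__main__":
    print(churning_ouis(SAMPLE_LOG))
```

A renewing client such as the printer in the sample counts once no matter how often it renews, because the check counts distinct MACs rather than leases.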

2014-11-01

OpenBSD 5.6

OpenBSD 5.6 was released to the world today. The first things I noticed were a hint of better laptop support via an extra prompt from the installer, and the fact that they have finally ditched a functioning version of the apache fork in the base distribution, requiring users to rely on either nginx or the all-new relayd-based httpd, both of which are provided in OpenBSD 5.6. I've already updated the walk-through for OpenBSD/nginx/MySQL/PHP-FPM (ONMP Stack). As Apache is now out of the base distribution, I will transition the OAMP Stack page to cover Apache2 from the package repository. I plan on working out the details of getting MySQL/PHP working with the new httpd as well, but that could take a while.

2014-10-30

It's a loop recorder for your network!

I haven't written here much lately. I've been swamped with work and real life.

Recently, my wife wanted me to clone one of my VMs so she could play around with running a MUD for some friends. Yes, my wife's a nerd like me. As anyone who's ever run a game server can guess, it didn't take long for the griefers to show up. She asked me to log everything going to her VM. I could have probably compiled DaemonLogger or something similar, but I decided tcpdump was more than capable enough for us.

sudo tcpdump -i eth0 -wPacketLog -W10 -C100M

Throw that in the background (or in a tmux/screen session) and enjoy a 1GB looped recording of everything you can see on the network, broken into 100MB chunks (named PacketLog0 - PacketLog9), overwriting old files as it goes. You can also add typical tcpdump filters (e.g. "tcp port 80") to the end if you want. Adjust -W to increase/decrease the number of files it saves and -C to adjust the number of MB of data kept in each file. File prefixes, as you guessed, are controlled by the -w option.

If you want to monitor your whole network, this works best if you have a span/mirror port set up, or you can make a passive network tap.

To review the contents of the saved file, use tcpdump -nvXs0 -r PacketLogN (displays the contents in Hex/Ascii side-by-side format) on the file you want. You can also use tcpdump filters here to watch specific connections, protocols and/or hosts.
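
Once the ring has wrapped, the file number no longer tells you which chunk is oldest. The following added example (not from the original post) orders the PacketLogN files by the timestamp of their first packet, read straight from the classic pcap headers; the function names and the sample files it writes to a temporary directory are constructed for illustration.

```python
import re
import struct
import tempfile
from pathlib import Path

# Magic bytes of a classic pcap file as they appear on disk -> struct byte order
# (microsecond and nanosecond variants, little- and big-endian writers).
MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\x4d\x3c\xb2\xa1": "<",
          b"\xa1\xb2\xc3\xd4": ">", b"\xa1\xb2\x3c\x4d": ">"}

def first_packet_time(path):
    """Epoch seconds of the first packet in a pcap file, or None if unreadable or empty."""
    with open(path, "rb") as f:
        head = f.read(40)          # 24-byte file header + 16-byte record header
    endian = MAGICS.get(head[:4])
    if endian is None or len(head) < 40:
        return None
    return struct.unpack(endian + "I", head[24:28])[0]

def chronological(directory, prefix="PacketLog"):
    """Ring files ordered oldest to newest by first packet, not by file number."""
    timed = []
    for p in Path(directory).iterdir():
        if re.fullmatch(re.escape(prefix) + r"\d+", p.name):
            ts = first_packet_time(p)
            if ts is not None:
                timed.append((ts, p.name))
    return [name for _, name in sorted(timed)]

def write_sample(path, ts=None):
    """Constructed test data: a pcap header plus, optionally, one zero-length packet at ts."""
    blob = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    if ts is not None:
        blob += struct.pack("<IIII", ts, 0, 0, 0)
    Path(path).write_bytes(blob)

def demo():
    with tempfile.TemporaryDirectory() as d:
        # The ring has wrapped: PacketLog0 was overwritten last, so it is the newest.
        write_sample(Path(d) / "PacketLog0", 1414700300)
        write_sample(Path(d) / "PacketLog1", 1414700100)
        write_sample(Path(d) / "PacketLog2", 1414700200)
        write_sample(Path(d) / "PacketLog3")   # header only, no packets yet
        return chronological(d)

if __name__ == "__main__":
    print(demo())
```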

2014-05-09

OpenBSD 5.5 PHP/MySQL walk-throughs are updated

As of last night, the walk-throughs for setting up PHP/MySQL stacks on OpenBSD have been updated for OpenBSD 5.5. In November, OpenBSD is planning on dropping Apache from the base distribution, so now is the time to bone up on nginx. Don't worry, Apache will still be in the package repository (likely only apache2), but expect the Apache walk-through to have some dramatic changes later this year.





At any rate, behold, the updated guides:

2014-04-30

OpenBSD 5.5: It's aliiiiive!

Several mirrors are live with OpenBSD 5.5 available for download. ftp5 is my go-to.

I think the most interesting changes are crypto-signed release and package files (see signify(1) for details) and the addition of an automated unattended install (see autoinstall(8)). As always, more hardware support, some bug fixes, and interesting new features. This weekend, I'll probably make sure that our OAMP and nginx walk-throughs still work, with minor tweaks.

Recent Baofeng vs. Classic Yaesu

My first real ham radios were a pair of outdated Yaesu handhelds -- The VX-7R, and the VX-2. Both of them entered production more than a decade ago, and while I believe Yaesu still makes the VX-7R, the VX-8 series de-throned it as Yaesu's Flagship Handheld radio in 2008. The VX-2 was replaced by the VX-3 in 2007.

When I got my license a few years ago, inexpensive handheld radios were just starting to become popular. I've had more than a year to put two polar-opposites head-to-head against each other.

I won't dwell much on my VX-2 or the newer VX-3. These diminutive Yaesu handhelds pack a lot of features into a small package, but with a maximum of 1.5 watts when running on battery power, they aren't very practical for most hams. It's a good, compact radio if you only want to monitor or scan ham and business band channels.  Much of what I write below will hold true for the VX-2 and VX-3 compared to the similarly-sized, low-power Baofeng UV-3R radios.

To provide some context, I've been using the Baofeng almost daily since early March of 2013. The stock battery in my Yaesu had become almost unusable, and the cheap ($20) replacement battery failed within 9 months. A new "official" Yaesu battery for the VX-7R costs between 70 and 100 dollars depending where you look. I opted to spend half of that on a new, cheap Baofeng UV-5R. After more than a year of using it, I figure I'm qualified to make a comparison.

On with the show.

Left: Baofeng UV-5RA (Circa 2012)
Right: Yaesu VX-7R (Circa 2007)

Let's start with the Baofeng, because this radio, and ones like it available under brand names such as Wouxun and TYT, have become quite popular among new ham radio operators mostly due to their low prices, ranging anywhere from $30 to $160. Many of these radios were designed to be programmed for Business Band (FCC Part 90) use, and some even bear type certification for this use. They are clearly competing with Motorola and Kenwood in the business radio arena. Others, like my UV-5RA, bear no type certification and can only be legally used for ham radio frequencies.

The Good:
  • These radios will get you on the air for 2m and 70cm repeaters, which is many people's first step to becoming an active ham radio operator.
  • On simplex frequencies, they make excellent walkie-talkies (assuming everyone's licensed, of course) and will provide much better range than a pair of FRS or hand-held CB radios. Highly recommended for camping, bike trips, road convoys, the bug-out-bag, etc.
  • This radio can receive broadcast FM, and can receive and transmit in the 136-174 MHz and 400-480MHz bands including weather radio.
  • Relatively inexpensive
  • Long battery life, even for long-winded ragchews or an active day helping with a public service event (marathons, bike races, storm spotting)
  • The backlight is very bright and the display is fairly easy to read in all lighting conditions.
The Bad:
  • Although it displays two frequencies at once, it cannot actually use both at the same time. "Dual Watch" tries to emulate simultaneous use of both tuners.
  • Dual Watch functionality can be problematic and lead to you inadvertently transmitting on the "wrong" tuner if you're not careful. 
  • Scanning is very slow: in 5kHz steps, it takes exactly one minute to scan 1MHz. 
  • Poor interference rejection either due to or causing RF squelch to be over-sensitive
  • When using CTCSS tone for squelch, the speaker still un-mutes when no CTCSS carrier is present on occasion
The Ugly:
  • The backlight is very bright and cannot be turned down, only off. You can change the color between a reddish-orange, purple and blue. At night, the display seems far too bright to me.
  • The construction is cheap.
  • Ambiguous menu abbreviations are difficult to navigate without a manual.
  • Complaints of parts failures are common.
In short, this makes a good back-up radio, or one to lend to a new ham for a few weeks while they save up for a rig, but it leaves plenty to be desired. I'm not sure I'd recommend that a new ham goes out and buys one as their only radio.

The Yaesu, by comparison, has quite a bit more going for it, at the expense of... well... money.

The Good:
  • VERY fast scanning: 1MHz at 5kHz increments in 10 seconds.
  • Dual VFO functionality can receive from two channels at the same time. 
  • Can receive almost every frequency between 500kHz and 1GHz, with a few gaps in coverage for legacy mobile phone frequencies that the FCC forbids reception of. This includes weather radio, AM/FM broadcast radio, CB, shortwave and most analog two-way radio transmissions.
  • Quad-band transmitter that's capable of operating at full power on 2m and 70cm as well as limited power on 1.25m (220 MHz) and 6m (50MHz). 
  • Alloy case is an excellent heatsink and construction is very solid
  • Water-resistant to 10 feet, which makes it my go-to radio for storm spotting if I need to be outside my home or my car.
  • "Smart scan" loads in-use ham frequencies into memory for you automatically (requires a few hours of scanning)
  • "Frequency counter" mode, which isn't really a frequency counter, but is good for finding the frequency being used by almost any nearby RF transmitter
  • "Spectrum analyzer" mode that I've found comes in handy for rough calibration of transmitters, identifying spurious emissions and visualizing how wideband certain transmissions are (hint: my 900 MHz wireless headphones use almost 100KHz of bandwidth!) 
  • Severe weather alert mode
  • Superior interference rejection
  • Can be hacked in interesting ways with software. Don't get yourself into trouble.
  • Menu options are pretty self-explanatory.
The Bad:
  • Cost! The radio, brand new, retails for $350 or more, making it literally 7 times more expensive than the average Baofeng on Amazon. Used, expect to pay $250 for one in good condition.
  • Most official parts and accessories from Yaesu are also expensive, especially batteries.
  • Overwhelming number of menu options might daunt some users.
The Ugly:
  • The alloy case is prone to superficial cracks and blemishes.
  • The display has very flexible options for large numbers, but seems difficult to read with default settings. 
  • The backlight is adjustable, but its highest setting isn't very bright.

Programming either of these radios is a task best left to the software, which may cost money, and requires a programming cable, which definitely costs money. Programming either of them from the keypad can be a chore, but that's how I opted to set mine up. Overall, the Yaesu's menus make programming channels in with meaningful labels a lot easier than the Baofeng.

There are quite a few websites dedicated to hacking and using the cheaper radios. The one I stumbled across most often was http://www.miklor.com. Without the programming guide there, I would have never figured out how to get the local repeaters plugged into my Baofeng.

This week, the Baofeng experiment ended, as I finally caved in and bought a new battery for the VX-7R. The moral of the story is that you really do get what you pay for a lot of the time, and the more expensive handheld radios can pay off in the long run. The Baofeng will still be my backup radio. It's proven to be reliable, and when you just need to get on the air, that's what counts.

2014-04-12

Baofeng Antenna Hacking

The infamous Baofeng. Specifically, I have the UV-5RA model. This is a lot of new hams' first handheld radio, and perhaps first radio period. I picked this one up because it was half the price of paying for a new battery to get my Yaesu VX-7R back on the air, and I had to get a reliable handheld radio quickly. I've had this one for about a year. I'm not sure I'd recommend it as a first radio unless you're really on a budget, but for what it is, I've been pretty happy with it. Lack of features compared to my Yaesu radios aside, my only complaints are that it has poor intermod rejection, and the receive CTCSS squelch frequently fails to keep RF noise from coming through the speaker when there's not a real carrier there.

One thing that a lot of people complain about is the OEM antenna, but people complain about stock antennae on all handhelds. I stay pretty close to the repeaters I use frequently, so mine hadn't given me any problems until recently. A few weeks ago, I noticed that I had trouble picking up a repeater that's REALLY close during the weekly storm spotter net. Checking into these discussions weekly, even in the off-season, is one way to check that your equipment works. Mine wasn't. After testing everything else, the OEM antenna turned out to be the culprit. I cut it open to see what's inside. In my case, the wire going from the center SMA pin to the antenna coil had broken loose. You can see the antenna guts below.

I have a lot of antennae with male SMA connectors for my Yaesu handheld radios. A lot of these inexpensive Chinese radios (Baofeng included) use a female SMA antenna for whatever reason. Instead of coughing up $20-$40 at the local candy store for a new antenna that works with my Baofeng, I picked up an SMA coupler similar to one you can find at Radio Shack. It has flats on the sides, so I used a pair of needle nose pliers to screw it tightly into the Baofeng. You don't want to strip the coupler or the radio's connector, but it should be pretty snug there, so that it'll stay in the radio when you unscrew antennae from it. I had this Comet SMA-24 laying around, and chose to use it on the Baofeng. It comes with a rubber spacer, which comes in handy for this install. The new antenna fits on nicely with the addition of the spacer. Without it, a little section of the coupler shows through. The end result is that all my other HT antennae now work perfectly on this radio.