Security Classification Guide Changes

AIR FORCE

Rockwell Collins, Richardson, Texas, has been awarded a $12,010,975 definitization (P000013) to previously undefinitized contract FA8204-18-C-0010 (P00005) to implement Security Classification Guide changes. Work will be performed at Richardson, Texas, and is expected to be completed by Dec. 3, 2020. Fiscal 2018, research, development, test and evaluation funds in the amount of $818,227 are being obligated at the time of award. Air Force Nuclear Weapon Center, Hill Air Force Base, Utah, is the contracting activity.

 

Source:  https://dod.defense.gov/News/Contracts/Contract-View/Article/1660999/source/GovDelivery/

Professor Messer Security+ Videos

A good video supplement to Mike Meyers’ videos for Security+ is the Professor Messer set of videos:

Professor Messer Security+ Videos and Notes

These videos are 100% free.  And they are transcribed for those who prefer audio or visual learning.  Professor Messer also has detailed notes for a reasonable fee.

Vertamax 3000W Inverter Review

I have used the Vertamax 3000W inverter on and off over the past two months with various types and configurations of solar panels and batteries. It performs well under a load of up to 1200W and probably performs well beyond that, although I have not tried. It is well built.

One thing that I have noticed is that, as stated in the description, it does shut off under low voltage. However, the shutoff voltage is around 11.8V or 11.9V – not the 10.5V (+/- 3V) shown in the instruction manual. Of course, this is good for a lead acid battery under load because the inverter will shut down before the battery completely runs down. Running the battery completely down will dramatically shorten its life.

The description/manual also states that “When the input voltage rises to approximately 11.4 – 11.9V DC, the inverter restores to normal operation and the red FAULT indicator will turn off.” This is not correct. Even after a battery is fully charged to 12.9V, the fault light still blinks and the inverter does not come back on. I called WindyNation and spoke with a knowledgeable gentleman who verified that the only way to get the inverter to resume normal operation is to manually toggle the ON/OFF switch. This means that, at a remote unmanned site, a low voltage condition will cause the power to be off until someone can visit and reset it.

WindyNation told me a good rule of thumb to minimize the likelihood of batteries being run down below 50% – which is about as low as it is safe to go without damaging lead acid batteries. The rule of thumb is to choose a bank of deep cycle batteries that has as many amp hours as your solar panels have wattage. For example, six 100 watt solar panels should have a battery system rated at 600AH. This is general guidance and the exact ratio depends on the amount of sunshine in your location and the season. But, my experience over the past few months in North Texas is pretty much in line with this recommendation.

APT and RAT

An APT is an Advanced Persistent Threat.

An APT is underway when an attacker targets a particular system over a long period of time.  The goal is to gain information – not to damage or destroy the system.  The attack is perpetrated against well-chosen targets, and the attackers have specific objectives.  For example, an enemy government may want to target a nuclear weapons facility.  Or an attacker might want to target a credit reporting company to get access to credit card numbers.

APTs usually target corporations, banks, government entities, and national defense systems for espionage purposes.  The attackers seldom want the target to discover their presence.

The steps to an APT attack are to gain access to a system, create backdoors and tunnels so that attackers can move around unnoticed, crack passwords and use other methods to gain enhanced privileges (like administrator rights), and then transfer targeted data to their own systems.

They often repeat this process until they are detected.

A Remote Access Trojan (RAT) is a program that includes a backdoor giving the attacker administrative privileges on a target system.  These programs may be bundled with freeware from dubious sources.  Or they may be sent as an attachment to an email that the attacker entices the recipient to open.  One famous RAT is called Back Orifice.

Honeypots

The unfortunate reality is that, despite the best attempts at network security, attack attempts will occur.  Sometimes they will be successful. One way to detect an attack in progress is to set up a honeypot.

A honeypot is a system that is set up to attract an attack attempt and direct the attacker to a safe system where his actions can be tracked and assessed without compromising the system that we are really trying to protect. The honeypot could be:

  • A dedicated server
  • A simulated system or state machine
  • A service on a selected host.  An example would be Tiny Honeypot, which listens on ports not in legitimate use.
  • A virtual server
  • A single file with special attributes.  This is sometimes called a honeytoken.

A honeypot is never meant for authorized users to use.  So, any access to it is either accidental or hostile.
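The "service on a selected host" form described above can be sketched as follows. This is an added example, not code from the original page or from Tiny Honeypot; the class name PortHoneypot, the loopback bind address and the choice of ports are assumptions.

```python
import selectors
import socket
import threading
from datetime import datetime, timezone

class PortHoneypot:
    """Listen on ports that no legitimate service uses and record every connection."""

    def __init__(self, ports, host="127.0.0.1"):  # host and ports are assumptions
        self.events = []                      # one dict per connection attempt
        self._stop = threading.Event()
        self._sel = selectors.DefaultSelector()
        self._listeners = []
        for port in ports:
            srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
            srv.bind((host, port))            # port 0 lets the OS pick a free port
            srv.listen()
            srv.setblocking(False)
            self._sel.register(srv, selectors.EVENT_READ)
            self._listeners.append(srv)

    def bound_ports(self):
        return [srv.getsockname()[1] for srv in self._listeners]

    def serve(self):
        """Accept, capture the first bytes sent, log, close. No service is emulated."""
        while not self._stop.is_set():
            for key, _ in self._sel.select(timeout=0.2):
                try:
                    conn, peer = key.fileobj.accept()
                except BlockingIOError:
                    continue                  # peer vanished before accept()
                with conn:
                    conn.settimeout(1.0)      # a silent peer must not stall the loop
                    try:
                        data = conn.recv(256)
                    except OSError:
                        data = b""
                # No authorized user belongs here, so every event is alert-worthy.
                self.events.append({
                    "time": datetime.now(timezone.utc).isoformat(),
                    "src": peer[0],
                    "dst_port": key.fileobj.getsockname()[1],
                    "first_bytes": data,
                })

    def stop(self):
        self._stop.set()
```

Run `serve()` in its own thread and forward each entry in `events` to whatever alerting is in place; the listed ports must not overlap with any port a real service on the host uses.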

Renogy Rover Monitoring with the Raspberry Pi

The information, below, was posted on the Renogy Forum by a user with the screenname lindsey.  The forum recently moved and the documentation was temporarily lost.  The information was reposted; but I wanted to put it here for easy reference in case it gets lost again.

This information is about connecting the Renogy Rover to the Raspberry Pi for monitoring.

First, here is a general link discussing connection of the Raspberry Pi to a solar battery charger.

https://www.rototron.info/raspberry-pi-solar-serial-rest-api-tutorial/

Here is the wiring diagram that the Renogy Forum post provided:

Here is a sample output on an Android from the Python scripts.

Here is a sample database query.

DatabaseQuery

The diagram, below, is a diagram of how the Rover’s RJ-12 port splits out into RS-232 signals.  Note that only TX, RX, and ground are used.

The link below was put together by lindsey.  It describes the needed hardware (in addition to the Pi) as well as the general functionality of the Python code.

Raspberry PI Writeup

Finally, here is a zip file with the Python code.  Unfortunately, I do not have a way to contact lindsey.  The code comments say that her name is Lindsey Crawford.  If anyone knows how to contact her, please let me know.

SolarMonitor

NONAP – Nonlinear Adaptive Processor

NONAP stands for Nonlinear Adaptive Processor.

NONAP suppresses interference in direct-sequence spread-spectrum communications receive systems. It accomplishes this by optimizing the detection process dynamically against the current received interference.

The characteristics of the interference are estimated statistically, and this information is then used to derive a nonlinear transform to apply to the combination of signal and noise. As the statistical characteristics of the interference change, the resulting transformations change to match. Large improvements (tens of dB) can be achieved for a wide range of interference modulations.

For more information see J. H. Higbie’s paper, ADAPTIVE NONLINEAR SUPPRESSION OF INTERFERENCE, presented at MILCOM 88.

Network Protocols Port Numbers for Security+

Here are some of the common network protocols covered by the Security+ exam, along with their port numbers:

File Transfer Protocols

Name Definition TCP UDP Port Number
FTP File Transport Protocol X 20, 21
SSH Secure Shell X 22
SFTP Secure File Transport Protocol (uses SSH) X 22
SCP Secure Copy (uses SSH) X 22
TFTP Trivial File Transport Protocol X 69
FTPS File Transport Protocol Secure (uses SSL) X 443

Email Protocols

Name Definition TCP UDP Port Number
SMTP File Transport Protocol X 20, 21
POP3 Secure Shell X 22
IMAP4 Secure File Transport Protocol (uses SSH) X 22

Remote Access

Name Definition TCP UDP Port Number
Telnet Telnet X 23
TACACS Terminal Access Controller Access-Control System X 49
TACACS+ Terminal Access Controller Access-Control System+ X 49
SSL VPN SSL VPN – Secure Sockets Layer virtual private network X 443
ISAKMP (VPN) Internet Security Association and Key Management Protocol (virtual private network) X 500
L2TP Layer 2 Tunneling Protocol X 1701
PPTP Point-to-Point Tunneling Protocol X X 1723
RDP Remote Desktop Protocol X X 3389

Other Protocols

Name Definition TCP UDP Port Number
DNS Domain Name System X X 53
DHCP Dynamic Host Configuration Protocol X 67, 68
HTTP Hypertext Transfer Protocol X 80
HTTPS Hypertext Transfer Protocol Secure X 443
Kerberos Kerberos X X 88
NNTP Network News Transfer Protocol X 119
SNMP Simple Network Management Protocol X 161
SNMP Trap Simple Network Management Protocol Trap X X 162
LDAP Lightweight Directory Access Protocol X X 389
Syslog Syslog X 514