Sunday, September 29, 2013

Installing and Configuring OpenVPN Access Server

I've used ssh before to connect to my home router and send web traffic through it when I was out on untrusted public networks.  I thought that it would be nice to take that to the next step and set up a VPN server at home.  That way, I'd be able to connect to my home network securely from the internet.  I can also use it to secure my network traffic when on a public wifi connection.

Now that I have an ESXi server up, I thought that I'd try to use a dedicated virtual machine.  I searched for existing appliances, and found the OpenVPN Access Server appliance here.  The directions for configuring it are here.

There is a great description of what OpenVPN Access Server is on this page.
OpenVPN Access Server is a full featured SSL VPN software solution that integrates OpenVPN server capabilities, enterprise management capabilities, simplified OpenVPN Connect UI, and OpenVPN Client software packages that accommodate Windows, MAC, and Linux OS environments. OpenVPN Access Server supports a wide range of configurations, including secure and granular remote access to internal network and/ or private cloud network resources and applications with fine-grained access control.
It comes with two free licenses, which supports two concurrent connections.

I configured it using most defaults.  I then set up my router to forward TCP traffic on port 443 to the appliance, which I gave a static IP address.  The web interface is actually on port 943, but the server will automatically route https requests on port 443 to port 943.  There is also a UDP daemon on port 1194.

I was able to connect to the server using my phone and an OpenVPN client.  I downloaded the configuration from the server and connected with my username and password.

This was nice, but I'd much rather use certificates (public/private keys), especially because this is exposed to the internet.  My next step is to configure the server and clients to use PKI (Public Key Infrastructure).


Posted by at No comments:
Labels: , ,

Saturday, August 31, 2013

Software Defined Radio on Raspberry Pi

I've been playing around with this USB dongle for software defined radio.  I got it to work in Kali Linux (VM).  I was able to send ADS-B packets from the Kali VM to the windows host which was running adsbSCOPE 2.63.  I saw that some people have used a Raspberry Pi to receive the signals and rebroadcast over a network, so I wanted to try that next.

I first looked for the rtl-sdr drivers using apt-get in Raspian.  Of course, that package wasn't there.  Thankfully, there are some simple instructions for getting the source code for the driver and building it here.

Here is what I did.

  1. Update my version of Raspian.  This updates the package lists and then installs any updated packages.
    • root@rapberrypi:~# apt-get update
    • root@rapberrypi:~# apt-get uprade
  2.  Install packages needed to build packages from source.
    • root@rapberrypi:~# apt-get install git
    • root@rapberrypi:~# apt-get install cmake
    • root@rapberrypi:~# apt-get libusb-1.0-0-dev
    • I tried to install build-essential, but it was already installed
  3. Create a new directory.  I used the pi home directory.
    • root@rapberrypi:~# cd /home/pi
    • root@rapberrypi:/home/pi# mkdir src
    • root@rapberrypi:/home/pi# cd src
  4. Get the source code
    • root@rapberrypi:/home/pi/src# git clone git://git.osmocom.org/rtl-sdr.git
  5. Build and install it
    • root@rapberrypi:/home/pi/src# cd rtl-sdr
    • root@rapberrypi:/home/pi/src/rtl-sdr# mkdir build
    • root@rapberrypi:/home/pi/src/rtl-sdr# cd build
    • root@rapberrypi:/home/pi/src/rtl-sdr/build# cmake ../
    • root@rapberrypi:/home/pi/src/rtl-sdr/build# make
    • root@rapberrypi:/home/pi/src/rtl-sdr/build# make install
    • root@rapberrypi:/home/pi/src/rtl-sdr/build# ldconfig
ldconfig updates shared libraries cache.  It is useful in that it keeps programs from having to search through all of the library paths to find the correct version of a shared library.
  1. Test it.  I ran rtl_test and then rtl_adsb to see if I got any output.
    • root@rapberrypi:/home/pi/src/rtl-sdr/build# rtl_test
      Found 1 device(s):
        0:  ezcap USB 2.0 DVB-T/DAB/FM dongle
      ETC...
    • root@rapberrypi:/home/pi/src/rtl-sdr/build# rtl_adsb
      Found 1 device(s):
        0:  Realtek, RTL2838UHIDIR, SN: 00000001

      Using device 0: ezcap USB 2.0 DVB-T/DAB/FM dongle
      Found Rafael Micro R820T tuner
      Tuner gain set to automatic.
      Tuned to 1090000000 Hz.
      Sampling at 2000000 Hz.
      Exact sample rate is: 2000000.052982 Hz
      *aa7b30d2cec4af08045508ad3d47;
      ETC...
Once I got that working, I tried to send it to adsbSCOPE on the windows machine using netcat.  The command is given in the rtl_adsb help.
root@raspberrypi:/home/pi# rtl_adsb | netcat -lp 7000

Then in adsbSCOPE under 'other | Network' menu, I set the network setting to listen to the Raspberry Pi's IP address and port 7000 for the RAW-data-client.  I made sure the the RAW-data-client was active under the 'other | Network' menu.  
adsbSCOPE Network Setup Window

I was receiving packets and displaying aircraft location.  Not too many, but that might have to do with the antenna and location that I was receiving from.

adsbSCOPE Main Window, Decoding Location of One Airplane





Posted by at 1 comment:
Labels: , , ,

Kali 1.0.4 VirtualBox Guest Additions and Resolutions

I installed Kali 1.0.4 64bit on VirtualBox.  After updating it, I installed Guest Additions to get custom resolutions and better mouse support.  However, I was only able to get various 4:3 ratio resolutions, and definitely not custom sizes.

The solution is in this post.  What I needed to do was to uninstall Guest Additions, then install three packages using apt-get: dkms build-essential linux-headers-amd64.

The command was:
root@kali-vbox:~# apt-get install dkms build-essential linux-headers-amd64

After that, I reinstalled Guest Additions and rebooted.  I was able to use any resolution window after that using the normal command:
root@kali-vbox:/media/cdrom# sh ./VBoxLinuxAdditions.run
Posted by at No comments:
Labels: , , ,

Sunday, August 25, 2013

Software Defined Radio

Every once in a while, I look up information on Automatic Dependent Surveillance-Broadcast (ADS-B).  What is that?  It is a broadcast from airplanes that gives information about aircraft like their identification, speed, altitude, position, etc.  It will be replacing radar as the primary tracking and surveillance tool worldwide.  It is already in use by many aircraft.

What is neat (and stupid) is that this information is broadcast in the clear on 1090MHz.  So for a while, people have been using satellite receivers and hacking them to pick up the signal, or building their own board, or creating kits.  It seems to be pretty popular now with several software decoders and "radar" software to display the information.

I was looking for information again and saw that there was an easier way to receive data now.  There are $20 USB dongles for European Digital TV that work as Software Defined Radios (SDR).  They have ranges from 24MHz to 1700MHz for the newer tuner (R820T).

I bought one from amazon for $12.95.  This is the listing, but the price changes.  This one is $19.95, is recommended, and is identical to what I got.

A good place to get started is to google rtl sdr.  RTL is the name of the utility drivers for the Realtech RTL2832U receiver.  This blog looks good, and I used this page a lot.  I also decided to do my dirty work in a Kali (Linux, Debian based) VM because I didn't want to install a bunch of dodgy software on my windows laptop first.  It looks like there are some windows programs, but I was particularly interested in gqrx, which is linux based.

To get it to work on Kali, I followed this, which recommended building GNU Radio and gqrx from scratch.  I ended installing a fresh version of Kali 1.04, and then just installing gqrx using apt-get.  That took care of the dependencies, and it worked fine.  It couldn't have been much simpler.

After that I was able to tune in FM radio stations and receive 1090MHz ADSB broadcasts.  I downloaded a simple display tool (adsbSCOPE) to verify that I was getting good information.  This is windows software, so I ran it on my laptop.  I set it to get information from my VM on port 7000, then I used rtl_adsb piped through netcat on the Kali VM to deliver the ADSB data.  They were running on the same machine, but this could be distributed.  Even to a Raspberry Pi...

The next steps are to get a PAL to F connector adapter so that I can use better antennas, then create some better antennas.  This page does a great job of listing the software and antennas that you can use to get ADSB.  adsbSCOPE was one of four "radar" softwares listed, with three of the four being free.  

One of the other ADSB radar programs is Virtual Radar.  I didn't want to try it because it uses Google maps.  It is also a web server, so I figured it probably wouldn't work great offline.  Many of the installations are published to the internet.  To find them, execute this Google search: inurl:”VirtualRadar/GoogleMap.htm”.  The second one I looked at had this:




I'm looking forward to getting better antennas and decoding other information.  In theory, most transmissions in the 24MHz - 1700MHz range should be receivable with this dongle.  There are tricks to shift frequencies so that it can receive even lower frequencies.  This should cover AM, FM, ADSB, police, aviation, ADSB, and many others.  My next step is NOAA satellite broadcasts, but I'll need to make a better antenna.
Posted by at No comments:
Labels: , , , , ,
Subscribe to: Posts (Atom)