Category Archives: Daemons

Building GPS Clock on Pi w/ Debian Stretch

Start with Raspbian Stretch Lite

Install most current packages:
apt-get update
apt-get upgrade
apt-get dist-upgrade

Clean up packages:
aptitude search ‘~o’
apt-get autoremove


Test GPS Sentences:
cat /dev/ttyAMA0

Limit GPS Sentences:
/bin/echo -e ‘$PMTK314,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0*29\r\n’ > /dev/ttyAMA0

/bin/echo -e ‘$PMTK314,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0*29\r\n’ > /dev/ttyAMA0

Configure Pi:
configure local >> [*] en_US.UTF-8 UTF-8
timezone >> Chicago
advanced >> Expand filesystem


Get and Unpack NTP source:
tar -zxvf ntp-4.2.8p12.tar.gz

Compile NTP:
apt-get install libcap-dev

./configure –disable-all-clocks –disable-parse-clocks –without-lineeditlibs –enable-NMEA –enable-LOCAL-CLOCK –enable-SHM –enable-linuxcaps –enable-ATOM –enable-pps –with-sntp=no –prefix=/usr

NTP Spoof Attacks

Apparently 2 out of 3 of our GPS clocks were being used in a spoof/DDOS attack.

The basic premise is that time requests are sent to the service with a spoofed IP for the response. Add in 100/1000/10000 clocks send results to a server/service that did not request them results in a denial of service attack.

Both clocks have been removed from the pool, scheduled for February 6th. has port 123 UDP closed at this time. The maintainer of has been notified.

Email Server Attack

Type: Brute Force
Protocol: POP3
OS: Linux 3.6.11+ armv6l
Platform: Pi Rev. B
Memory: 512M
Daemon: Dovecot 2.1.7-7
Backend Daemon: MySQL 5.5
Backend OS: Linux 2.6.32-5-amd64
Backend Platform: Generic AMD A4-3400 APU Dual Core
Backend Memory: 3.5G
Total Attempts: 13356
Avg. Attempt/s: 2.71

Postmortem: was *unable* to successfully authenticate to any valid user.
Attack was mitigated at the firewall (DROP). was contacted about this event.

Pi GPPS Clocks

Use Chris’ PPS kernel (until I have time or am compelled to compile my own).

Compile ntp 4.2.6p5 as follows (from aquarat):
But first: apt-get install libcap-dev

./configure --enable-ATOM --enable-NMEA --enable-linuxcaps; make; make install

Disable TTY on /dev/AMA0 in /boot/cmdline.txt
dwc_otg.lpm_enable=0 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline rootwait

Set baud rate in /boot/config.txt

Disable GPU sdram pause
# Disable GPU sdram mem pause

Comment out getty in /etc/inittab:

#Spawn a getty on Raspberry Pi serial line
#T0:23:respawn:/sbin/getty -L ttyAMA0 115200 vt100

Add pps-gpio to /etc/modules