Category Archives: Daemons

Daemons, Linux, ntp

Building GPS Clock on Pi w/ Debian Stretch

December 2, 2018 Null

Start with Raspbian Stretch Lite

Install most current packages:
apt-get update
apt-get upgrade
apt-get dist-upgrade

Clean up packages:
aptitude search ‘~o’
apt-get autoremove

reboot

Test GPS Sentences:
cat /dev/ttyAMA0

Limit GPS Sentences:
#GPZDA
/bin/echo -e ‘$PMTK314,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0*29\r\n’ > /dev/ttyAMA0

#GPRMC
/bin/echo -e ‘$PMTK314,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0*29\r\n’ > /dev/ttyAMA0

Configure Pi:
raspi-config
configure local >> [*] en_US.UTF-8 UTF-8
timezone >> Chicago
advanced >> Expand filesystem

reboot

Get and Unpack NTP source:
wget http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-4.2.8p12.tar.gz
tar -zxvf ntp-4.2.8p12.tar.gz

Compile NTP:
apt-get install libcap-dev

./configure –disable-all-clocks –disable-parse-clocks –without-lineeditlibs –enable-NMEA –enable-LOCAL-CLOCK –enable-SHM –enable-linuxcaps –enable-ATOM –enable-pps –with-sntp=no –prefix=/usr

Postfix Forwarding

April 14, 2015 Null

Forward all email from a linux host to an SMTP server.

vi /etc/postfix/transport
* smtp:mail.mydomain.com

vi /etc/postfix/main.cf
transport_maps = hash:/etc/postfix/transport

postmap hash:/etc/postfix/transport

postfix reload

Permalink (25 words)

Daemons, Hardware, Network, ntp

NTP Spoof Attacks

February 2, 2014 Null

Apparently 2 out of 3 of our GPS clocks were being used in a spoof/DDOS attack.

The basic premise is that time requests are sent to the service with a spoofed IP for the response. Add in 100/1000/10000 clocks send results to a server/service that did not request them results in a denial of service attack.

Both clocks have been removed from the pool, scheduled for February 6th. Hickory.kulish.com has port 123 UDP closed at this time. The maintainer of Dickory.kulish.com has been notified.

Email Server Attack

February 23, 2013 Null

Type:	Brute Force
Protocol:	POP3
OS:	Linux 3.6.11+ armv6l
Platform:	Pi Rev. B
Memory:	512M
Daemon:	Dovecot 2.1.7-7

Backend Daemon:	MySQL 5.5
Backend OS:	Linux 2.6.32-5-amd64
Backend Platform:	Generic AMD A4-3400 APU Dual Core
Backend Memory:	3.5G

Total Attempts:	13356
Avg. Attempt/s:	2.71

Postmortem:
67.136.48.186 was *unable* to successfully authenticate to any valid user.
Attack was mitigated at the firewall (DROP).
abuse@integratelecom.com was contacted about this event.

Pi GPPS Clocks

February 5, 2013 Null 2 Comments

Use Chris’ PPS kernel (until I have time or am compelled to compile my own).

Compile ntp 4.2.6p5 as follows (from aquarat):
But first: apt-get install libcap-dev

./configure --enable-ATOM --enable-NMEA --enable-linuxcaps; make; make install

Disable TTY on /dev/AMA0 in /boot/cmdline.txt
dwc_otg.lpm_enable=0 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline rootwait

Set baud rate in /boot/config.txt
init_uart_baud=9600
and
Disable GPU sdram pause
# Disable GPU sdram mem pause disable_pvt=1

Comment out getty in /etc/inittab:
#Spawn a getty on Raspberry Pi serial line #T0:23:respawn:/sbin/getty -L ttyAMA0 115200 vt100

Add pps-gpio to /etc/modules

TECH.kulish.com