Browse Tag: how to

Fix Xbox Live Achievements not popping up when using Pi-Hole

About: I’ve been using Pi-Hole on my Raspberry Pi for the past year to block ad’s on my whole network. It works great however some of the ad blocking lists end up blocking the Xbox Live servers which cause weird issues like being unable to update your Xbox or unable to access Netflix or Youtube or just simply not allowing you to connect to the Xbox Live servers. I have compiled a list of domains that should be white-listed to avoid these issues, check out the white-list here.

The issue I was having was my achievements would take up to a week to show completed and show up on my Xbox. I usually don’t play many games that unlock achievements but I was suspicious when the achievements would unlock at random times, often when I am not even playing the game. I did some investigating and seeing what domains were being blocked on my Pi-Hole while the Xbox was sitting idle and found a few Microsoft domains that were being blocked. I compiled the short list below.

Objective: To fix Xbox Live achievements not showing up when using Pi-Hole due to blocking of Microsoft servers.

Material: You will need the following:

  • Xbox One (Click the link to check out the price on Amazon. Usually under $250 with free shipping and some bundles let you choose your own game)

Continue Reading

3 steps to take to improve the security of your Raspberry Pi server

About: The latest version of Raspbian disables SSH by default to improve security of the Raspberry Pi. This is a great step of improving internet and network security and I congratulate the Raspberry Pi team for moving forward with this step and making it super easy to enable SSH by simply adding a file called “ssh” into the /boot/ directory.

Enabling SSH allows you to use your Raspberry Pi headless, meaning you can use it without a keyboard and monitor by connecting to it from another computer. The problem with enabling SSH on your Raspberry Pi server is that if you expose your server to the internet you will notice many hackers will attempt to connect to your server and try to access it using brute-force attacks.

I will shows you 3 things you can do to improve the security of your Raspberry Pi server today if you have SSH enabled. These steps will improve your Raspberry Pi’s security as well as your personal network. We will learn how to change the default SSH port number, install Fail2Ban to ban IP addresses if they attempt to brute-force our user passwords and finally I will show you how to create SSH keys so that only the computer you create a key for will be able to access your Raspberry Pi server.

Objective: To improve security on the Raspberry Pi by changing the SSH Port Number, Installig Fail2Ban and generating SSH keys

Material: You will need the following:

  • Raspberry Pi (Click the link to check out the price on Amazon. Usually around $37 with free shipping)

Continue Reading

How to setup SSH Keys on the Raspberry Pi

About: SSH Keys are a secure way of connecting to a server without needing a password. The way it works is a private and public set of keys are generated and the private key is held on our main computer and the public key is put on the server, in this case it would be our Raspberry Pi. The keys generated are a minimum of 512-bits with 1024-bits being the default. The recommended bits to use for a server are 2048-bits but you can go up to 4096-bits.

SSH Keys allow you to login to your server without a password and the client and server will use these keys to authenticate the client allowing it access. This is safer because it prevents brute-force attacks. You can however add a passphrase to your key, meaning that you would need to have a private key as well as a passphrase to connect to the server. Adding a passphrase would really lock-down our server and make it virtually impossible to connect into without the SSH key and passphrase.

Objective: To generate and setup SSH Keys between a client and Raspberry Pi server

Material: You will need the following:

  • Raspberry Pi (Click the link to check out the price on Amazon. Usually around $37 with free shipping)

Instructions: First we will start off by generating the SSH key on our main computer that we will be using to connect to our Raspberry Pi. I will assume you are using a Linux based computer. Look up how to generate SSH keys on Windows or MAC if that’s what you are using. I am using Linux Mint so this tutorial will show you how to generate SSH keys using Linux. Start off by opening the terminal on your computer.

Continue Reading

How to install Fail2Ban on the Raspberry Pi

About: Fail2Ban is a daemon that scans defined log files and bans IP Addresses that show the malicious signs. It protects your Raspberry Pi from too many password failures or hackers seeking for exploits. It is a must have tool to protect your from intruders to your server or network especially if you allow outside SSH traffic or any traffics from an outside network to your Raspberry Pi. Fail2Ban supports a lot of services (sshd, apache, qmail, proftpd, sasl, asterisk, etc) and can be integrated with your IPTables.

Fail2Ban is very easy to install and setup and will drastically improve security on your Raspberry Pi. Fail2Ban works by monitoring your logs for failures and depending on the settings you setup it will ban or timeout an IP Address for a certain amount of time if it fails to login to your server. It is a great tool and a must have tool to protect your from brute-force attacks.

Objective: To install and setup Fail2Ban to increase security on the Raspberry Pi

Material: You will need the following:

  • Raspberry Pi (Click the link to check out the price on Amazon. Usually around $37 with free shipping)

Instructions: Let’s start off by opening the terminal on your Raspberry Pi or by connecting to it over SSH

Continue Reading

How to change your SSH Port on the Raspberry Pi

About: The latest version of Raspbian disables SSH by default to improve security of the Raspberry Pi. This is a great step of improving internet and network security and I congratulate the Raspberry Pi team for moving forward with this step and making it super easy to enable SSH by simply adding a file called “ssh” into the /boot/ directory.

Enabling SSH allows you to use your Raspberry Pi headless, meaning you can use it without a keyboard and monitor by connecting to it from another computer. The problem still persists that if you have SSH enabled on port 22 hackers can still scan your network looking for an open port 22. They can then attempt to enter your network from the Raspberry Pi and attempt to brute force your username and password.

Changing your SSH port will increase your security assuming a hacker scans your network for default ports only. You will still need to have a secure password and think of using SSH keys to improve security even further. Changing your port number will simply decrease the amount of probe attempts on your port. A non-standard port means that you don’t automatically show up in Shodan or other places that list machines listening on port 22.

Objective: To change our default SSH port number from 22 to another random port number to increase security

Material: You will need the following:

  • Raspberry Pi (Click the link to check out the price on Amazon. Usually around $37 with free shipping)

Instructions: Let’s start off by opening the terminal on your Raspberry Pi or by connecting to it over SSH

Continue Reading

How to Phish Usernames and Passwords from a Rogue Access Point using the Raspberry Pi

About: Setting up a Rogue Access Point on the Raspberry Pi is very easy. Our Access Point will act as a fake network providing free WiFi for our victim. It will have a captive portal which means any website that a user visits will be redirected to our login page where they will need to enter in their credentials to login. You can set the login page up to look like a Facebook or Google login page and name your network “Free Facebook WiFi”. The network I am setting up will not have any internet so everything will be contained on the Raspberry Pi. You can eventually bridge your connection with a 4G network or Ethernet to provide full internet access for users.

The tutorial today will demonstrate how unsafe public WiFi’s are and to never send any personal information over a public WiFi network. We can also setup our Access Point SSID to “attwifi” or “Starbucks”. If you set your access point’s SSID to a popular WiFi SSID then your victims phone will automatically connect to your network if they have been connected to the same SSID before.  The reason for this is that your phone just looks at SSID names and not a MAC Address for a wireless network. This doesn’t apply to phones only, laptops or any WiFi enabled devices will all act the same way.

Objective: To setup a Rogue Access Point and make our network act as a Captive Portal to Phish Passwords

Material: You will need the following:

  • Raspberry Pi (Click the link to check out the price on Amazon. Usually around $36 with free shipping)
  • USB Wireless Adapter (I use the Alpha AWUS036H in this tutorial)

Instructions: Lets start off with a fresh Raspbian install. I installed Rasbian-Lite on my Raspberry Pi since I will be running it headless and will use SSH to connect to my Raspberry Pi.  After you setup your Raspberry Pi lets run the update and upgrade Continue Reading