I’m a big fan of pyenv, a slick way to manage Python on UNIX or Linux systems. It can be installed on macOS systems, but it’s not quite as straightforward.
brew install readline xz
brew install pyenv
CFLAGS="-I$(xcrun --show-sdk-path)/usr/include" pyenv install -v 3.7.1
pip install --upgrade pip
In step #2, substitute 3.7.1 for whatever version of Python you wish to install with.
You’ll need tzsp2pcap, git, and some development libraries.
Configure on Mikrotik Router
Configure on Security Onion
sudo ufw allow 37008
sudo apt install git build-essential libpcap0.8-dev
git clone https://github.com/thefloweringash/tzsp2pcap.git
cd tzsp2pcap && make
sudo cp tzsp2pcap /usr/local/bin
sudo tzsp2pcap -vv -f | sudo tcpreplay --topspeed -i <capture interface> -
You will now be capturing traffic from your selected Mikrotik interfaces and dumping it to your Security Onion capture interface.
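For readers who want to see what is actually on the wire between the router and tzsp2pcap, here is a small decoder for the TZSP datagrams the Mikrotik sniffer streams to UDP/37008, plus a pcap writer for the decapsulated frames. This is an added example, not code from the post or from the tzsp2pcap project; the sample datagram and frame are constructed, and the tag type 0x0A is used only as a generic length-prefixed tag.

```python
import struct

TZSP_ENCAP_ETHERNET = 0x01
TAG_PADDING, TAG_END = 0x00, 0x01


def decode_tzsp(datagram: bytes):
    """Return (encapsulated_protocol, tags, inner_frame) for one TZSP datagram.

    Header: version(1) type(1) encapsulated-protocol(2), then a tag list.
    PADDING and END carry no length; every other tag is type, length, value.
    A malformed tag list raises instead of yielding a bogus frame.
    """
    if len(datagram) < 4:
        raise ValueError("truncated TZSP header")
    version, _ptype, encap = struct.unpack("!BBH", datagram[:4])
    if version != 1:
        raise ValueError(f"unsupported TZSP version {version}")
    tags, pos = {}, 4
    while True:
        if pos >= len(datagram):
            raise ValueError("tag list not terminated")
        tag, pos = datagram[pos], pos + 1
        if tag == TAG_END:
            break
        if tag == TAG_PADDING:
            continue
        if pos >= len(datagram):
            raise ValueError("truncated tag length")
        length, pos = datagram[pos], pos + 1
        if pos + length > len(datagram):
            raise ValueError("tag value runs past end of datagram")
        tags[tag] = datagram[pos:pos + length]
        pos += length
    return encap, tags, datagram[pos:]


def pcap_file(frames, linktype=1):
    """Build a classic pcap (magic 0xa1b2c3d4, little-endian, DLT 1 = Ethernet)."""
    out = bytearray(struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, linktype))
    for i, frame in enumerate(frames):
        # timestamp seconds/microseconds, captured length, original length
        out += struct.pack("<IIII", i, 0, len(frame), len(frame)) + frame
    return bytes(out)


# Constructed sample: Ethernet frame (dst, src, EtherType 0x0800) plus 4 payload bytes
SAMPLE_FRAME = bytes.fromhex("ffffffffffff001122334455" "0800") + b"\xde\xad\xbe\xef"
# Constructed TZSP: v1, type 0 (received tag list), Ethernet, one 1-byte tag, END
SAMPLE_TZSP = bytes([1, 0, 0x00, 0x01, 0x0A, 0x01, 0x07, TAG_END]) + SAMPLE_FRAME

if __name__ == "__main__":
    encap, tags, frame = decode_tzsp(SAMPLE_TZSP)
    print(hex(encap), tags, frame.hex(), len(pcap_file([frame])))
```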
An excellent use case for this is monitoring your wireless network (if using a combination wireless and wired router) or other interfaces such as PPoE or VPN tunnels that might not otherwise be tapped without additional hardware.
Note that this can have a severe impact on the performance of your Mikrotik device. The more interfaces you choose to sniff, the more processing overhead when those interfaces become loaded with traffic. As an example, a Mikrotik RB2011 loaded with 50Mbit of ethernet traffic from a total of three sniffed interfaces maxed the CPU (“overclocked” to 750MHz) at 100% and started severely impacting other services running on the device.
I had been struggling with Index Pattern issues after updating Security Onion. After logging into Kibana you are greeted with the following:
In order to visualize and explore data in Kibana, you'll need to create an index pattern to retrieve data from ElasticSearch.
I was also experiencing ElasticSearch stability issues; it often had a status (per sudo so-status) of FAILED when trying to troubleshoot the indexing issues.
What I ended up doing is resetting Elastic, and reconfiguring the dashboards.
*:logstash-* as the default index.
Note this is the nuclear option, but it does get the job done.
Enter the CAR816A2. I’ll skip the history lesson, instead watch an informative Youtube video by Small Arms Solutions to get educated.
Opening the box you receive a number of items in addition to the rifle itself:
The OTIS cleaning kit is nice. It includes everything you need to maintain the rifle from a cleaning and lubrication perspective in a nice portable package.
The sling is less impressive but functional. This sling has QD sling attachments, both of which are noticeably thinner than Daniel Defense or Magpul equivalents. The strap material is acceptable.
Upon inspection of the rifle it was immediately obvious it is well made. The rifle was well oiled from the factory, including grease on the safety selector, buffer tube, and buffer spring. For comparison, the fit-and-finish rivalled a factory-new Daniel Defense M4V5.
The bolt carrier and inside of the upper was wiped down and lubricated with LSA (Lubricating Oil, Semi-Fluid) prior to taking to the range.
175 rounds were put through the rifle; a mix of steel 62gr Wolf .223 and brass Federal .223 55gr. Weather was intermittent rain and cold (approximately 36F), with no wind.
Initially there were several failure-to-feeds with the Wolf .223. After firing a round, the bolt would completely slide over the next round without extracting it from the magazine. Recharging the rifle would fix it until the next failure-to-feed.
The gas setting was changed to adverse which fixed the issue for 20 rounds, after which the problem returned. I was handed a spare Magpul PMAG M3 magazine which proved reliable for the remainder of the shooting session, even when changing the gas setting back to standard.
The brass Federal ammunition did not cause a problem during the shooting session, even when used with the Lancer magazine.
Interestingly the rifle did not require sighting in. The iron sights were on the money out-of-the-box and hits to a 12” target at 110 yards were immediately possible. Nice.
Recoil was slightly more than a carbine-length direct impingement gun, nothing that would cause you to change the way you shoot.
Obviously 175 rounds isn’t enough rounds to make any reasonable determination of reliability, but I doubt I’ll be reaching the round counts needed to pass NATO testing anytime soon. Between that and the combined pedigree of the designers, I’m confident in the rifle.
Something that I would like to see from Caracal is an extended handguard option. The included handguard works, but it is short. The current length is perfect for the 11” upper, but we’re missing out on several inches of real-estate with a 16” barrel. Food for thought.
I’ve been using OnlyKey for nearly two years, starting with the “first” generation model (no RGB led, shown in photo) and currently with two “second” generation models (RGB led).
Both models have been used heavily on a daily basis. One model is used by a non-technical user, configured as a simple gate to LastPass.
Instead of remembering a password or passphrase, you just need a pin code or remember a pattern. This allows you to extend the idea of password managers to a physical key, which can further increase the security of your password manager.
Works as a USB keyboard. I like this feature as it lets me enter passwords quickly in situations that would otherwise require a work-around (nested RDP sessions as an example).
Multiple two-factor options supported. I use OTP and U2F daily without issue.
Durability. One of the concerns I had is the pads tarnishing. This would indicate which pads were used in a pin sequence, greatly reducing the number of guesses needed for brute-forcing a pin. Fortunately this has not proved to be a problem even after hundreds or thousands of button presses over the past few years. The backside of the hardware key is wearing to show some copper underneath the resin board, however this hasn’t caused any problems.
Support. The developer has been continually improving the device and software since I’ve been using it. Software development is slow, but this has been put together by a very small team and I’m betting this isn’t their full-time job.
Speaking of brute-forcing a pin; one of the downsides to the device (that I’m not sure can be overcome without non-volatile memory on the device) is that the lockout feature/protection is useless. You can reset the tries indefinitely by removing the device from the USB slot and re-inserting, which effectively resets the number of tries. Time consuming, but a weakness nevertheless.
Configuration is difficult, especially for non-technical users. This has gotten better as the software (Chrome App) is improved. Recent changes include firmware updates from the application instead of requiring command-line knowledge.
Configuration more or less requires Google Chrome. This might dissuade some users who are dead set on using other browsers such as Firefox.
OTP functionality requires the OnlyKey Chrome App to be running, with some exceptions (such as once it’s set, you don’t have to do it again as long as the hardware remains plugged into a powered-on system). Until the hardware includes an on-board clock with memory this will always be a requirement.
I highly recommend these devices for technical users. I’d get two and keep a backup within short driving distance if using for work-related or otherwise critical duties.
I’d recommend these for non-technical users in conjunction with a password manager such as LastPass. Once you have them set up with a pin and they understand the simple repeatable workflow, they should be set.
This has come in handy for situations where I’ve been unable to install software, but could execute portable software.
You now have a portable Python interpreter for Windows.
Assuming you are in the root directory you extracted Python to:
.\Scripts\pip install <package>