CITC 2023 All of this has happened before. All of this will happen again.

This presentation covers the MITRE ATT&CK matrix and its application in an Oxford or Cambridge College (or indeed any institution) to gain increased awareness of exposure to cyber attacks and what can be done about them. Note, it looks like OBS captured the audio from the videos that wasn’t played back to the audience – sorry for talking over them!…

FIDO2 Security Key Sign-In to Windows – Your credentials couldn’t be verified.

When setting up Passwordless security key sign-in to Windows and attempting to sign in to the first machine you have set up (although it could be any machine!) you may encounter the error: Your credentials couldn’t be verified. (code: 0x000006d, 0x0) This error message appears even though you can sign in with the key to AzureAD and other web services. The cause is likely…

Ruckus Cloudpath – setting an SMTP server does not allow disabling of CAPTCHA

A bit of an odd one here (and has been reported to Ruckus as something that either needs clarifying or fixing) in that if you want to remove the requirement for CAPTCHA when self-registering in an ‘out of band’ workflow block you need to configure your own SMTP server. Now that’s all fair; however, even with the server configured…

CITC 2022 Integrating systems through their APIs

After a few years on hold it’s great to be back at CITC, this time in the British Motor Museum. The video presentation covers a short (if speedy) introduction to Node-RED and its ability to integrate systems through their APIs. Demo 2 is of note and shows how a user visiting a malicious website can have their internet access revoked…

Aruba Instant – PAN Syslog Parse Profile

A little treat that I hope will help someone at some point. For those with Palo Alto Networks Next Generation Firewalls (NGFW) and Aruba Instant Wi-Fi, you can forward syslog messages from the controller to the NGFW and parse them with the profile below to map users to IP addresses. There is plenty of information on syslog to User-ID at…

Palo Alto Networks GlobalProtect and Azure AD – AADSTS700016: Application with identifier was not found in the directory.

When setting up a GlobalProtect Portal/Gateway with AzureAD you may find you receive the error message: AADSTS700016: Application with identifier <Entity ID> was not found in the directory ‘<Directory ID>’. The fix here is easy – the GlobalProtect client injects a :443 at the end of the domain name which isn’t mentioned in the guide from Microsoft (https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/palo-alto-networks-globalprotect-tutorial) but is…

EE (UK) fibre to the home (FTTH) on pfSense

Having recently moved home I have become a part of the privileged few (hopefully not for long) in the UK to have fibre-to-the-home (FTTH, sometimes known as fibre-to-the-premises or FTTP). Not wanting to use the EE-provided all-in-one modem/firewall/router/switch/access point, I have a setup that uses the pre-installed BT Openreach Nokia modem (ONT), a pfSense firewall/router along with…

ESPHome and the Waveshare E-Paper ESP32 & ESP8266 Driver Board

Having recently set up a Home Assistant server (in getting ready to move home) I’ve been playing with ESPHome as a way to easily integrate my projects into the home. With a view to making life a little easier for the next person I’ve included some sample config below which can be used with the Waveshare E-Paper ESP32 and ESP8266 Driver…

Interacting with the Ruckus Cloudpath API using PowerShell

It’s been a while since posting and I do hope to sort that out but for now another quick mention of some work with Ruckus Cloudpath. Although massively flexible in its design I’ve come into a few niche cases where administrators would like a single DPSK pool (which is bound to a single SSID) but where different users have different…

Ruckus Cloudpath, using custom CSS

Ruckus Cloudpath is quickly turning into one of my favourite add-ons for a wireless network in a residential/University setting. It’s doing this by letting users bring all manner of ‘smart’ devices into an ‘enterprise grade’ network and connect them securely with a personal WPA2 pre-shared key. Even better, Cloudpath has loads of options for customizing the onboarding portal –…