7 April 2020

Home VPN with a Raspberry Pi

VPN actually stands for virtual private network. What that means is that when you connect to a VPN, you are essentially creating a secure encrypted tunnel from your device to the network on the other side. A VPN prevents “snooping eyes” from seeing the actual network traffic that crosses the wire, meaning that you only you and the other end know what you are doing. That traffic will be visible from the other end as it comes out there, but that is a network you “trust”, and that traffice is protected as it traverses across the Internet.

You’ve probably heard of VPN services before or you might already use one. They are common for work places to use, to connect back to your office. As well commercial VPN services for individuals looking to bypass geo-location filters when they are overseas to make it appear that you are in the U.S., or users as an attempt to anonymize their internet traffic. Those are all great examples of VPNs. But those are not what I am going to cover….

So what about if you want to access resources you have at home while you are away? (i.e. – printers, file storage or file backups, remote support of a non-tech-savvy family member)

Or what if you want to use the Pi-Hole adblocker you set up at home while your at school/work/traveling?

This is the type of “home VPN” that I am talking about. This “home VPN” will keep your browsing secure while you are hopping onto free WiFi hotspots all across town, but it will not anonymize your traffic at all. All of your traffic is [securely] going to go thru your VPN and it will be as if you are surfing the Internet from home. So don’t think that just because you setup a VPN on your Raspberry Pi at home that you can blindly surf the Internet and download illegal torrents without consequence, because you’d be wrong. You will however, be able to connect back home and retrieve those files you forgot to put on your thumb drive before walking out the door.

The magic that will make it happen is called PiVPN. It’s a small piece of software that can be installed on a Raspberry Pi with a single line of code, and can be configured, ready-to-go, in less time than it take to watch a sitcom episode on Netflix.

Follow the articles below to get setup.


5 October 2019

Getting your Comptia Security+ Certification

A few months back I was encouraged by a friend to get my Comptia Security+ Certification. After about 4-6 weeks of studying, I took the exam and passed with a score comfortably exceeding what Comptia considers to be its’ passing score. Woohoo!

The current iteration of the Security+ exam is call the “SY0-501” exam, and contains a maximum of 90 questions of both multiple choice and performance based questions. To pass, Comptia requires you score at least a 750, on a scale of 100-900, Which is harder then it might sound. It really is a pretty big exam, both in terms of subject matter and the sheer scope of security topics that it covers. Many people find it to be daunting and a bit intimidating – and rightly so. Comptia is also a little secretive about it’s grading policy and how it scores each question, meaning some questions might be worth more than others.

To give you an idea of what all it covers, here are just its’ overarching domains, straight out of their “Exam Objectives“:

  • Threats, Attacks and Vulnerabilities
  • Technologies and Tools
  • Architecture and Design
  • Identity and Access Management
  • Risk Management; Cryptography and PKI

That means that there is a lot of stuff that can be covered under all those topics. It’s literally all things security, and well, that is naturally a lot of stuff. I was lucky in that I have worked with many of the various aspects that the exam covers, in one form or another. I was able to draw upon that knowledge, and I know it helped me greatly. For me, using my personal knowledge and reviewing the video series I mention below was enough to enable me to pass.

The good news though is that it is not an impossible exam, even for those that don’t have any pre-existing knowledge of the subject matter. Comptia literally gives us the “Exam Objectives” in a pretty clear and concise document. Everything someone needs to know to pass, is listed right there in that document. I’m not saying it’s going to necessarily be easy… Just that they aren’t hiding what they are going to be asking you questions about. Use that as a guide. Review it and make sure you can describe what each item is and how it might be used or applied. Those objectives should be the very last thing you are reviewing before you walk into your exam.

They aren’t going to quiz you so much on vocabulary and definitions, thought it does help to know those. Their questions are going to be more along the lines of which would be the better choice in this scenario, using ‘A’ or ‘B’ or ‘C’, type of questions. One of great things about the Comptia exam is that they allow you to flag, skip over, and later revisit any question on the exam. My personal exam taking suggestion is to do all of the multiple first, then go back and do the performance ones. My reason for that is time management. It’s easy to get caught up in those performance questions and end up not having enough time to finish all the other questions. So power thru all of the multiple choice questions, then do the performance questions, then circle back and revisit and multiple choice questions you flagged and were unsure about.

In my opinion, one of the best (if not the best) resources I was able to find in my studies was, Professor Messer. He has a complete YouTube series that walks though the exam objectives, covering every bit of it. He gives lots of examples of how/where you might encounter those subjects or topics in the real world. I find having a real world example helpful. He also has some other resources like a monthly study group where he spends time going a little deeper into a study question, then follows it up with a “open line” where he takes questions about anything live on the air and answers them.

The most amazing part is that his video content and study groups are FREE! He does offer a more in-depth study guide book and notes for sale on his website, which if your particular learning style requires a book to read from, you will probably find it beneficial. You can cruise right to his YouTube channel and watch all his videos on the exam and his monthly study. And if you buy his book, you can follow right along with notes. Here is a link to Professor Messer’s YouTube Channel about the Security+ as well as his website. If you’re going to go for your Sec+ exam… Definitely check him out.

Category: Comptia | LEAVE A COMMENT