ODROID boards are perfect for building custom Linux based firewall solutions. A friend of mine recently asked me for instructions on how to do that. So here they are.
There are many articles on the internet on how to generate a TLS certficate with the Subject Alternative Name (SAN) extension, but most of them won't work anymore. So here is another one, which hopefully works.
Cheap bluetooth adapters often share the same bluetooth address (BD_ADDR). That is especially a problem if you want to use both at the same time with the same device. Fortunately one can change the address of a bluetooth adapter with the
bdaddr command (delivered with recent versions of bluez-utils). This is a quick howto for recent versions of bluez.
One way of verifying that a CD/DVD matches an ISO image is to calculate a hash sum (e.g. SHA-256) of both the CD/DVD and the ISO image and compare them afterwards.
For the ISO image this could look like that...
$ sha256sum original.iso
...and for the optical drive:
$ sha256sum /dev/cdrom
Though you might get matching hash sums in many cases you won't. This post is about why that happens and how you can compare them the right way.
USB is not secure. The way a USB device looks, doesn't necessarily indicate its real functionality. A device which looks like a USB flash drive could act as a keyboard once it is plugged into a machine and inject arbitrary key strokes (thus possibly allowing arbitrary malicious stuff). With BadUSB or devices like the USB rubber ducky such attacks are even more easy to achieve and available to the masses.
This post is about how you can use the Linux kernel's USB authorization support to lockdown USB and check a USB device before you allow the kernel to load the driver.