Little bit of history
Apart from operating the .CZ top-level domain, CZ.NIC does a lot of other interesting things that contribute to the common good. Part of this is running the Czech national CSIRT team, doing security research and raising awareness about potential security issues. As part of our security research, we started wondering a long time ago how much the average Joes and Janes are attacked, by whom and how: people who are just connected to the internet, run no public service and are just consumers. If only there was some kind of probe that would allow us to see what is going on there…
Suricata, one of the most comprehensive open source intrusion detection systems, held its annual conference in Prague. Because CZ.NIC uses Suricata intensively in its Turris routers to protect users, we became a proud partner of the event. There, we shared our experience with other Suricata users and showed the technological solution of the Turris Omnia router, where Suricata can be operated with ease.
A golden opportunity: the bank we’re about to rob is moving to new premises today. Luckily for us, they’re also testing alarms until 4 PM, so it won’t be suspicious if we accidentally set one off. There is an open window on the first floor protected by a single sensor. Our inside man among the staff has placed an IP camera in the sensor cabinet, so we can see whether the sensor we are trying to break shows ‘status OK’ or the alarm is screaming. The IP camera is streaming to YouTube — alas, with a delay. The problem is that the sensor communicates via radio waves: every 15 to 30 seconds the diode beeps and the device sends a signal. We’re listening, trying to imitate it, and when we’re sure, we’re gonna shut down the sensor and turn on the little imitation that we built. All that is left is to arrange the tin foil between the antennas, like this… the sensor alarm’s blaring! We are holding our ears and will try again in half a minute.