You are currently viewing Catching Up: pt 2

Catching Up: pt 2

See, I told you I am terrible at writing these things consistently,  I am just now edging out some time to sit down and work on this second post that was promised over 2 weeks ago. Something always seems to come up, and like I said in the previous post; most days I don’t even look at my laptop after I get home from work.

The point of this blog post is to discuss a conference presentation that I gave at the beginning of the month at a local security/hacker conference that takes place every year in Charleston, WV; SecureWV/Hack3rCon. This was my 3rd year attending and every year that I go I end up learning something new. The first year I attended I learned how to solder, and that is something I have done and will continue to do each year that I attend even though I am not that great at it, it is very interesting and each time I do it, I get better and better at it.

However, this year was much different than the previous two years because this year I gave my first ever conference presentation. Back in the Spring I noticed they had posted a Call For Papers (CFP) and were looking for speakers, I was curious so I submitted a proposal on a Python script that I had wrote that would scan and monitor my home LAN (network) whenever I was not home. Long story short, I wrote this script a while back when I noticed some odd behavior on my network. All connections would randomly drop while we were watching Netflix or while using the internet in general, I immediately had my suspicions and that is what led me to write the code for it.

In a nutshell, the program runs two different types of scans against the router and checks whether or not an unknown device has connected to my network. The scans are done using nmap & arp, the output from both tells me two different things. The nmap scan output shows what devices are currently connected to the network, and the arp scan output shows what devices have been recently connected and which ones are currently connected. After the scans are completed, I iterate and parse the results from both, check the MAC addresses against a predefined dictionary of MAC addresses for currently known devices that I know SHOULD be connected to the network. If any of the MAC addresses that are parsed from the scans output are not listed within that predefined dictionary, the unknown MACs are stored in a list and once there are no more MACs to check, the unknowns are spit out into a string, and that string is sent to me in an SMS message. Technically, it’s an email, I set up the script to use my Gmail account to send the SMS message.

If you would like to checkout the code for the script. Just please look up the “email/SMS” address for your carrier and use that, and change out the bit where it has my phone number. I gave the code to someone shortly after the conference and they didn’t take my number out and replace it with theirs and I was getting with their scan results (lol). For those of you who have been asking for the code, and have been waiting for me to send it or to post this blog with it included. Sorry for the wait!

What has surprised me the most is all of the positive feedback I have gotten from people who were there or who have watched my presentation online. Personally, I thought my talk was fairly mediocre and too short (I was allocated an hour long slot, and only used 20 or so minutes), I was extremely nervous and forgot to talk about half of what I wanted to discuss. So thank you to everyone who sent me an email, Twitter, or LinkedIn message telling me you enjoyed it, it really means a lot and has eased my anxiety about the whole thing quite a bit. I even had a coworker tell me for it being my first time giving a conference talk that I did very well.

Leave a Reply