What did I learn?
It is time to dig deeper.
The Raspberry Pi really is just too small for me to do all the compilations necessary to build a Linux distro from scratch in just a weekend. I thought the time constraints would all be on my learning. But, no, I needed a faster machine or more time to make the project successful.
Live and Learn
I have been using cp to copy files for so long I no longer think about what it is doing. But you can't use cp to overwrite a hard drive with a disk image, because the cp tool has to work within a filesystem. For disk image creation I used dd, which allowed me to overwrite the partition tables and filesystem with a disk image.
The same property means you can use dd to create disk images too.
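As an added example (not code from the original post) of the dd step described above: a small shell wrapper that writes an image onto a target with dd, refuses to touch a device that is currently mounted, and verifies the result by reading the target back. It assumes GNU coreutils (dd's status=none and conv=fsync, head -c) and a Linux /proc/mounts; image_write and target_is_mounted are names chosen for this example.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes GNU coreutils and Linux.

# target_is_mounted DEVICE: succeed if DEVICE, or any partition on it
# (e.g. /dev/sdb matches /dev/sdb1), appears in /proc/mounts. Writing an
# image over a mounted device silently corrupts the mounted filesystem.
target_is_mounted() {
    dev=$1
    [ -r /proc/mounts ] || return 1
    awk -v d="$dev" 'index($1, d) == 1 { found = 1 } END { exit !found }' /proc/mounts
}

# image_write IMAGE TARGET: copy IMAGE onto TARGET with dd, flush it to the
# device, then re-read exactly the image's length and compare byte for byte.
# Returns non-zero on any failed check, so it is safe to script around.
image_write() {
    img=$1
    dst=$2
    [ -f "$img" ] || { echo "image_write: no such image: $img" >&2; return 1; }
    if [ ! -b "$dst" ] && [ ! -f "$dst" ]; then
        echo "image_write: $dst is not a block device or regular file" >&2
        return 1
    fi
    # The mount check only makes sense for block devices (a test on a
    # regular file would never be listed there).
    if [ -b "$dst" ] && target_is_mounted "$dst"; then
        echo "image_write: $dst is mounted, refusing to overwrite" >&2
        return 1
    fi
    size=$(wc -c < "$img" | tr -d ' ')
    # bs=4M keeps the transfer fast; conv=fsync flushes before dd exits,
    # so "dd finished" really means "data is on the device".
    dd if="$img" of="$dst" bs=4M conv=fsync status=none || return 1
    # Verification: read back the same number of bytes and compare.
    head -c "$size" "$dst" | cmp -s - "$img" || {
        echo "image_write: verification failed, $dst does not match $img" >&2
        return 1
    }
    return 0
}
```

Run it as `image_write distro.img /dev/sdX` with the real device; the check against /proc/mounts is the one that would have caught a slip of the wrong device letter while the system disk is in use.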
It turns out that most setups only allow for four standard partitions. I have no idea why. But if you want more than that, you use the "extended partition", which you can then carve up to your heart's content.
So the extended partition serves a purpose, because of the four-partition limit.
Here is a nice AskUbuntu question about it.
I never really understood why we have so many different bash/etc profiles. This StackOverflow answer had the best summary I could find:
- /bin/bash: The bash executable
- /etc/profile: The systemwide initialization file, executed for login shells
- ~/.bash_profile: The personal initialization file, executed for login shells
- ~/.bashrc: The individual per-interactive-shell startup file
- ~/.bash_logout: The individual login shell cleanup file, executed when a login shell exits
- ~/.inputrc: Individual readline initialization file
Early on in the planning stages of this hack-a-thon I thought I would do something more InfoSec-related. That was abandoned, but I did a lot of reading first. Most of that I won't summarize here.
It would be cool to contribute to an open source InfoSec or Pen Testing project.
GitHub keeps a list of popular security projects here.
These projects are in languages I know well and might otherwise be a good place for me to start looking:
- Metasploit Framework - pen testing
- MozDef - Mozilla Defense Platform
- GRR - Google Rapid Response forensics and investigation
- Cuckoo - sandbox for malware analysis
I finally sorted all of these out in my head.
- InfoSec - A very general term for keeping all kinds of information secure.
- NetSec - Usually more concerned with Firewalls, VPNs, IDPs, and router-level penetrations.
- AppSec - Related more to software design and practices.
- ITSec - Inside the system: host-based security, domain controllers / auth servers, access controls systems.
- OpSec - The physical end of security, including social engineering defense.