Monday, October 24, 2022

Successful Muzzleloader Deer Hunt

Pennsylvania's early muzzleloader antlerless deer season was last week. PA was one of the first states to have a muzzleloader-only season but for decades this started the day after Christmas and was flintlock-only. That season is still available and is for antlered or antlerless deer, but the early antlerless-only season is a more recent addition. In the early season, any .44 caliber or larger muzzleloader is legal, so a lot of guys use percussion or inline rifles.

My friend N. owns about 65 acres in Tioga County, which is in north central PA, just south of NY. We went up there last week to catch the tail end of the early antlerless season.

Late Friday, he took a shot at a doe but it was a clean miss. He shot high because the sights on his rifle are difficult to see especially in the wrong light. (He has plans to fix this.)

Saturday morning we got on stand. At 8:05 AM I heard a shot from the direction where he posted up and when I got to him, saw that he'd bagged a button buck. The .440 round ball from his Euroarms Kentuckian Carbine flintlock had passed through both lungs and must have hit a major blood vessel, because the deer bled out almost immediately and collapsed after running 15 feet.

I went and got my truck while N. field dressed it. We loaded it into the back of my Xterra and took it up to the campsite where we skinned and quartered it, and put it on ice. We had that done by lunchtime.

After eating lunch, then relaxing for a while with a Guinness and a cigar each, we headed back out to a different part of the property at about 3:00 PM (closing time was 6:49 PM). He came with me to help with dressing and dragging out a deer if I got lucky.

At about 5:40 PM I had to stand up and stretch. I noticed a doe grazing in the field in front of us, about 60 or 70 yards out. I sat back down and a second doe appeared. I signaled to N. that we had a couple deer in sight.

Both of the deer were large. There's a cornfield and a couple pear trees across the street from N.'s land so they've been feeding well.

For a few minutes I peered over the burlap blind as the deer slowly worked their way towards us. At one point both were broadside but one was behind the other and I didn't want to risk wounding it if I shot the one closest to me.

Eventually, I had a clear broadside shot presented to me and I stood up to clear the blind, placed my front sight bead behind her shoulder and touched off the shot. The .490 round ball from my Cabela's (Investarm) Hawken caplock hit right where I aimed.

Strangely, the other deer didn't immediately bolt. Rather, it stomped and snorted at us, and even advanced a little towards us before turning and running. If N. hadn't already tagged out that morning he probably could have shot this one.

As we eventually discovered, the ball didn't exit and because it was a high lung shot the blood trail was poor, but we tracked it down in about 15 minutes. We decided not to wait before tracking it because we were running short on daylight. Normally we'd wait 30 minutes to allow the deer to lay down and expire. But all's well that ends well, and we got the second deer of the day up to the campsite, skinned and quartered, and on ice.

Something we noticed on these deer was that they both had large quantities of fat reserves under their skin. I saved a gallon Ziploc bag of fat to be rendered down into deer tallow, which will make good patch lube.

N. has an extra fridge that the deer is now in. He wound up having to bone out all the meat because the legs wouldn't fit in his meat bins. With the bones and fat cut out we have over 80 pounds of meat! I'll be going over to his house next weekend to help process it.

We always try to learn lessons and do better. N. is going to put better sights on his rifle. I'm planning to experiment with heavier powder charges in my rifle to improve the chances of a complete pass through if I shoot another large deer with it. Aside from increasing the powder charge to more than 70 grains, I also have some Hornady Great Plains bullets and may try some Maxi balls.




Saturday, October 15, 2022

Made an aluminum field rod for my Cabela's Hawken

I wanted a ramrod that was a bit longer than my Cabela's Hawken's 29" barrel, and one I won't have to worry about breaking in the field. I rummaged around in my shop and found a piece of aluminum rod that was 36" long x 3/8" diameter, the same as the factory wood rod.

I put the rod in the bore and then marked it a few inches above the muzzle then cut it off with a hacksaw. Then I used my lathe to face the ends, then drill and tap each end to accept 10-32 threaded accessories like cleaning jags, worms, and ball screws. Finally, I sanded it with some 220 grit sandpaper so that it's smooth but not too shiny.

The aluminum rod is slightly heavier than the wood rod but not nearly as much as a brass rod would be.

Testing my threading job with a .58 caliber jag that was on my workbench:



With a long .50 caliber jag on the end it sticks out several inches, to give me a decent grip:



And finally, stowed in place under the rifle. I'll keep the jag in my shooting pouch when in the field.



By drilling and tapping both ends I can affix an extension or T-handle to one and a jag or ball puller to the other.

The primary use for this rod will be when hunting. I use a thinner, stainless steel range rod with a muzzle guide when practicing. I might use it if I ever shoot on a woods walk.

This is another example of why it's handy to have a small lathe and some drills and taps if you're a shooter.

Monday, October 10, 2022

New Video from the Folk Firearms Collective

My favorite black powder shooting videos on YouTube are from Denny and Alina at the Folk Firearms Collective. After a few years with no new videos, they have a new one up today.

Check it out.



 

Sunday, October 09, 2022

Tested the Workmate Shooting Bench Today

I took the Workmate and gun holder insert over to my friend's house today, where we can shoot in his yard.




The rifles are my Steve Krolick Cossack rifle and my friend's Euroarms Kentuckian carbine. This setup could not have worked better. I left it with him since he has more room in his van than I do in my Xterra. He'll bring it with him when we go upstate in a couple weeks.

Friday, October 07, 2022

Black and Decker Workmate 225 Craigslist Score

This morning I picked up this slightly used Black and Decker Workmate 225 that I found on Craigslist, from a seller about 10 minutes away, and it only cost me $15. I just had to clean off some dirt and cobwebs, and then I lubed all the pivots with Pedro's Ice Wax dry film bike chain lube. I used that because once it dries it doesn't leave behind an oily film that will collect dust.




I'm going to make another gun holder insert and take this one up to my friend's off-grid cabin. He's got a vise we can leave up there as well, and we're also going to make a set of sawbucks to use with it.

Compared with the cheap Harbor Freight portable folding workbench that I already had, this is a lot more robust.

This unit is older but Black & Decker still makes it. If you cannot find a used one they are available at home centers or on Amazon.

Wednesday, October 05, 2022

A Portable Shooting Table for Muzzleloaders

Now that my canoe gun is back in one piece I want to prevent a recurrence of having the gun fall over and breaking something.

I have this portable foldable workbench that I bought years ago from Harbor Freight. The current price is $19.99 but I paid only $5 for it. It's a cheap knock-off of a Black and Decker WorkMate. Inspired by this thread on Bushcraft USA, I threw together an insert that I can use to turn it into a portable loading and cleaning table for my muzzleloaders.




I used scrap lumber I had laying around along with a few drywall screws and some Titebond II wood glue.

The center piece is a length of 1x3 that's been laying under my shed, hence the weathered appearance. The end on the right is made from some 1x4, doubled on the "wings" to help prevent splitting. I know my cuts look like crap. I should have used a saw with a finer blade to prevent splintering.

The notches on the right side and the other end give me plenty of options for holding guns and range rods, and I can put a range box on top.

Monday, October 03, 2022

Got the Lock Back from Cabin Creek Muzzleloading

I am really impressed with Brad Emig at Cabin Creek Muzzleloading. Last Monday, he received the Siler lock that I shipped him and he called me on Wednesday to let me know that it was fixed. The cost was more than I expected but the lock was a real dumpster fire inside, not just due to the tumbler I broke. He also had to replace the sear and bridle.

Brad shipped it back to me last Friday and I received it today. It looks great inside and after remounting to the canoe gun, it has a nice trigger pull.




I really couldn't be happier at this point.

Sunday, October 02, 2022

SANS SEC504: Hacker Tools, Techniques, and Incident Handling Course Review

Yesterday I finished up the SANS SEC504 Hacker Tools, Techniques, and Incident Handling training course. This was paid for by my employer as part of an internal cybersecurity training program that I'm in.

I first learned about the SANS Institute shortly after changing careers into IT. However, they've always been too expensive for me to take if I had to pay out of pocket. When I first learned of them a 5 or 6 day class cost around $2500. Nowadays, they are north of $8000 and it's another $949 if you want to take the related certification exam. Way too rich for my blood.

Anyway, the agenda for the course I took was as follows:

  • 9/26 - Incident Response
  • 9/27 - Recon, Scanning, and Enumeration Attacks
  • 9/28 - Password and Access Attacks
  • 9/29 - Public-Facing and Drive-By Attacks
  • 9/30 - Evasion and Post-Exploitation Attacks
  • 10/1 - Capture the Flag event capstone

On Monday class ran from 0830 to 1915 but I tapped out at 1830. By that point we were looking at bonus material related to Linux and PowerShell, both of which I'll go through again in preparation for the certification exam.

Tuesday through Friday class ran from 0900 through about 1730, and the CTF event on Saturday was 0900 to about 1500. Of course, we got breaks in the morning and afternoon, and for lunch.

Although the days were long and by Thursday I was feeling it, they went by quickly.

The session I took was presented live at SANS Baltimore and made available for remote students via Zoom and Slack for text chatting. This approach worked extremely well except for an hour or so on Thursday afternoon when the hotel hosting the convention lost its Internet connection, and they had to fail over to a backup connection. Rather than losing any productive time, we just worked on labs.

I've been lucky enough to take a lot of training classes over the years, paid for by my employer. Vendors have included Nortel (yeah, I'm old), Alcatel, Red Hat, and Cisco, among others. I have to say this was probably the best out of all of them.

The instructor, Jon Gorenflow, was knowledgeable and engaging. The material was well organized and interesting, and reinforced with a large number of labs.

Labs were done using one or both of two virtual machines. One was Slingshot Linux, which is a hacking-oriented distro based on Ubuntu 18.04. The other was a Windows 10 Enterprise VM for which SANS arranged a four-month product key.

I ran the VMs using VMware Fusion on my work MacBook Pro. You can use Fusion or VMware Workstation to run the VMs. My Mac had plenty of power to run both VMs simultaneously, even after I increased the RAM on the Windows VM to 6GB from the default 4GB.

Note that if you plan to take this or other SANS classes, you need a computer with an Intel CPU. I would not have been able to run the VMs on my personal MacBook Air which has an M1 ARM CPU, even though otherwise it has plenty of horsepower to do so.

If you take a SANS course, do not use a laptop with less than 16 GB of RAM, a 512 GB solid state drive, and an Intel i5 CPU with an i7 being better. (I'm sure an AMD processor would be fine but I can't speak to specs.) If you can get a larger SSD it would be better. The SANS VMs and course materials take up a lot of space.

Your laptop's host OS should be Windows, Linux, or macOS if you have an Intel Mac. You'll need administrative rights on the machine and be able to access the network. If you're taking the class remotely and can connect to Ethernet that's better than WiFi.

My original plan was to run the VMs on my Intel NUC which runs the free version of VMware ESXi 7U3, and access their graphical desktops via NoMachine and Remote Desktop Protocol. However, I ran into a problem with the Windows VM. Because they were built on VMware Workstation they wouldn't boot without first converting their virtual disks into ESXi format*. That's not a problem with Linux but on Windows it breaks Windows activation because it sees that the hardware changed. I probably could have run the Windows VM with the OS not activated but I did not want to chance having problems during the class, so I just ran them on my laptop.

However, I learned in the class that running the VMs on a headless ESXi box would not have been optimal anyway. The VMs are configured to use a private network for most of the class, so that they cannot access or be accessed from other hosts on your LAN. This is done because they are in deliberately insecure configurations, especially the Windows VM.

Saturday's capture the flag event was a lot of fun and helped tie everything together. We broke up the class into teams of four people and accessed the CTF environment through a VPN from the Slingshot Linux VM, which was reconfigured to access the network for Internet access.

After the CTF event completed the instructor did a walkthrough, taking a bit of a different approach to hacking into the systems than the CTF instructions presented.

Two of the tools we learned about during the course that I plan to do deeper dives into were Metasploit and netcat. I've used the latter just a little but have only scratched the surface.

As you'd expect, we used nmap quite a bit. This is another tool I use regularly whether to do ping sweeps or for port scanning.

Another tool which we got exposure to is an old school UNIX/Linux utility: awk. We used it a few times in the class to extract useful fields such as email addresses and user names from text files and .csv files. I decided it would be good for me to get a copy of O'Reilly's sed & awk Pocket Reference.

As a long time Linux user, I'm familiar with programs that can display the contents of a text file, such as less, more, and cat. The instructor showed us a way to use cat that I've never seen before.

Here's a demonstration done on my MacBook Air, which includes cat as a command line utility (macOS is UNIX under the hood). First, I'll create an empty file using touch, then add text to it using cat and a shell redirect:


    Davids-Air:Documents dave$ touch foo.txt
    Davids-Air:Documents dave$ cat > foo.txt
    Hello
    Hello
    Hello
    ^C
    Davids-Air:Documents dave$ 
    Davids-Air:Documents dave$ 
    Davids-Air:Documents dave$ cat foo.txt
    Hello
    Hello
    Hello


Note how by issuing the cat command and immediately using the redirect ( > ), it presents you with a way to input text until you hit CTRL-C. I then used cat to show the contents of foo.txt on STDOUT.

Neat!

Another tool we learned about was RITA from Active Countermeasures for analyzing network traffic logs collected by Zeek. When used properly, this combination should help you spot network traffic indicating naughty behavior.

I've experimented with Zeek a bit and it's a part of Security Onion, which I've used on the job. To learn more about RITA I built a Debian 11 VM** on my NUC running both of them. I may get this running on the networks I help to support.

To continue my learning I grabbed a copy of Metasploitable, another deliberately vulnerable Linux VM. As with the class VMs, it was built on VMware Workstation so you'll need to convert the disk to ESXi format if you want to run it on that platform.

For the past few years cybersecurity has been an increasingly important part of my job. It's also a rapidly growing field. I'm looking forward to immediately putting to use much of the info I learned in SEC504.



* For this you need to ssh into your ESXi host and use vmkfstools to clone the disk. An overview of how to do so can be found here: https://thunderysteak.github.io/workstation-vmdk-2-esxi

** Most of the VMs I've built in the current iteration of my home lab have been based on Debian Linux 11. I find it easy to create a stripped-down VM and the dependency resolution is excellent. Ubuntu Linux is based on Debian but for my use it doesn't really add much value, so I go right to the source, so to speak.