jelu

jelu

jelu

; Taken from https://github.com/dnstap/dnstap.pb
; Changes:
; - rename Message.Type to message-type/MessageType since it collides with Dnstap.Type

Dnstap = {
    ; DNS server identity.
    ; If enabled, this is the identity string of the DNS server which generated
    ; this message. Typically this would be the same string as returned by an
    ; "NSID" (RFC 5001) query.
    ? identity => bstr,

jelu

[sendrecv]
timeout = 5
jobs = 16
time_delay_min = 0
time_delay_max = 0
max_timeouts = 10

[servers]
names = pcap, google

jelu

package main

import (
    "log"
    "github.com/DNS-OARC/ripeatlas"
    "github.com/DNS-OARC/ripeatlas/measurement/dns"
)

func print(r *dns.Result) {
    if r != nil {

jelu

cd ~/pbuilder
mkdir -p local/jessie local/sid local/wheezy hooks
cat >hooks/D05local <<EOF
#!/bin/sh -e
if [ -f "/home/$USER/pbuilder/local/\$DIST/Packages" ]; then
  echo "deb [trusted=yes] file:///home/$USER/pbuilder/local/\$DIST ./" | tee /etc/apt/sources.list.d/local.list
  apt-get update -o Dir::Etc::sourcelist="sources.list.d/local.list" -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"
fi
EOF

jelu

pgrep -u `id -u` gpg-agent >/dev/null || gpg-agent --daemon --enable-ssh-support --write-env-file "${HOME}/.gpg-agent-info"

if [ -f "${HOME}/.gpg-agent-info" ]; then
  . "${HOME}/.gpg-agent-info"
  export GPG_AGENT_INFO
  export SSH_AUTH_SOCK
fi

GPG_TTY=$(tty)

jelu

sudo vi /etc/apparmor.d/lxc/lxc-default
  mount options=(ro, rw, bind),
sudo service apparmor reload

lxc-create -t download -n ubuntu-lucid-amd64 -- -d ubuntu -r lucid -a amd64
lxc-create -t download -n ubuntu-precise-amd64 -- -d ubuntu -r precise -a amd64
lxc-create -t download -n ubuntu-trusty-amd64 -- -d ubuntu -r trusty -a amd64
lxc-create -t download -n centos-6-amd64 -- -d centos -r 6 -a amd64
lxc-create -t download -n debian-wheezy-amd64 -- -d debian -r wheezy -a amd64

jelu

Here is a code snippet that will check your installed certificates on Ubuntu (or other GNU/Linux) against the list on GitHub [1] specified by the article "Apple and Microsoft trust Chinese government to protect your communication" [2].

Use sudo dpkg-reconfigure ca-certificates or equal tools to remove them.

t=`tempfile` && \
wget -O - 'https://raw.githubusercontent.com/chengr28/AntiChinaCerts/master/README.md' 2>/dev/null \
  | grep 'SHA-1' | sed 's%.* %%' > "$t" && \
for crt in `find /usr/share/ca-certificates /etc/ssl/certs -type f`; do \
 sha=`openssl x509 -in "$crt" -fingerprint | head -n 1 |sed 's%.*=%%'|sed 's%:%%g'`; \

jelu

SEC-T 2014

Summary

As last year, this year the conference was a lot about LangSec and that you have to think about your software as something that parses and executes "code" (the input). The less you test your handling of the input the more vulnerable you are. Also as we get more and more devices, the Internet of Things, that are connected which means we have more and more vulnerabilities at home. Most devices today come without any authentication at all, because they need to be simple, and that allows for more and more drive-by attacking to succeed and in a lot of cases permanently infect the devices with malicious code.

My top 3 talks in random order are:

• Andreas Lindh on Attacking Mobile Broadband Modems Like A Criminal
• Hugo Teso on Going deeper on aviation security
• Travis Goodspeed on A neighborly surprise talk