Evilcoder.org

It’s that time again, I released an alpha version for check_honeynet v2.0 (v2.0.a2 to be exact); which adds some minor new stuff to the setup. Next thing is to extend the minor new stuff (statistics, we dont warn everytime anymore, and stuff like that) and rewrite the entire codebase so that it’s even easier to use and read (hopefully); with as less packages (Externally) as possible (one should not have to install the entire perl-cpan repository to be able to use the script

Check it out in the downloads section!

written by Remko

During BSDCan I took the liberty to see what BSDA is all about. It’s a real good certification in my eyes to get you up and running with the BSD’s, not very difficult (or at least not for me), but attractive enough for people that need papers to show and to have a goal for studying. All the basics are in there and a couple of more advanced questions as well (security related for example).

I got mine with 83%, goodluck for others that are also persuing this

written by Remko

Today is almost coming to an end wrt talks and stuff like that, which will finish the second day of BSDCan (the official days), which started three days ago for Ed (mr TTY), Denise (my gf) and myself. We flew in through Heathrow towards Ottawa (very nice plane btw) and arrived in the middle of the day in Canada.

We went to the Royal Oak after settling down, we saw a couple of fellow BSDCan visitors in the plane already (like Poul-Henning said: 5 1/2 BSDCan visitors ;-)) and plenty of space to move around (not entirely full the plane, so we had not only three seats, but also used three other seats to talk etc).

In the Royal oak we had dinner, and talked a bit with a few developers, and headed to bed “early” (21.30 .ca time, which equals 03.30 .nl time); and we woke up between 0400 and 0600 am (first me, then Ed, and then Denise).

First day: Nice talks, BoF’s and good networking with all people. Ed did his TTY Presentation, which was received very well! People were excited and they discussed a few items with Ed, like Poul-Henning, Robert, Marcel (Moolenaar), Philip, and a few others :-). We again went to bed not that late, we were broken again!

Second day: Ed woke up too early again ;-), and we visited some nice talks again and again a couple of BoF’s, we skipped the Vimage part, because it was way over my head

Now heading for dinner (indian food if I saw correctly) and a few more days here.

More updates to follow..

written by Remko

So, I just returned from Tunesia with Denise and we both will be flying out to Canada within 2 days to visit BSDCan. We will be joining Ed Schouten (mpsafetty, facilitated by Snow BV) and Poul-Henning Kamp and Robert Watson in the plane towards Canada. Denise, Ed and myself will be flying under the Snow BV waiver, to show a bit of presence there

Ed will also be doing a talk, and I am sure that will go just fine.

BSDCan updates to follow when possible

written by Remko

For FreeBSD I am busy creating a CUPS article, written by Chess Griffin and being moved to article format by me. I did some minor rewording already; and a preview can be found here:
/cups/index.html. Apart from that I am also updating the documentation set to read more information about our CSup application and demote CVSup as client side CVS client a bit (it will still be used, and it’s -the- tool to offer CVSup facilities, since csup is not yet capable of doing that, though clientside can and should be taken over if you do not need to mirror the entire cvs tree for others). I’ll hope to finish that as soon as possible! (Yes Martin I know that you are waiting for it ;-))

written by Remko

So, one of my little personal posts that will popup every now and then. I have a new look, and a new car :-), and a brandnew laptop! I am very happy with the three of them, if you are interested in knowing more about this, contact me and I could probably share a few details here and there :-).

written by Remko

Well well, All my services are migrated from the We-Dare colocated facilities to Germany, where I obtained a couple of accounts through hetzner.de, delivering me faster machines, more bandwidth, better agreements etc, for more or less the same price. I found myself a fool if I wasn’t going to persue this. So my personal colocated services and JR-Hosting colocated services moved over to Germany now, residing on dual core machines with a bit more ram then before, a lot more diskspace, and better bandwidth agreements.

Everything had been moved over now; so if you spot something interesting, please let me know so that I can fix it.

Sadly this will also call the end of the days for a couple of websites run by friends of mine, whom didn’t want to move over to Germany, so they will be resting in peace soon (since the contracts will be terminated at We-Dare), they are www.grunn.org, and www.elarial.com , with all attached subdomains with them. I think the three of us learned a lot with those mentioned websites, and I would like to thank HuMPie and Kees (Elarial founder) for their continues support and trust in me maintaining our shared colocated machine. I’ll post updates about the new machines soon (in the my machines list) and mark the soon to be dismantled onces as *A(rchived).

written by Remko

On a work related note: I obtained my CCSA exam today. I passed with 81% out of the required 70%, so this is a nice start of the weekend!

written by Remko

So, Saturday and today I spend a bit of time updating my honeynet check mirror application, which retrieves information from various mirrors to do an educated guess on when the mirrors did a last sync (all in perspective ofcourse because it doesn’t tell the actual status, but at least it’s a guide, and if properly done, we can see what happends).

That ofcourse doesn’t mean the tool is honeynet only, you can easily change it for your own needs to enlist several own mirrors etc. It’s just that I named it for the honeynet project: check_honeynet, one could argue to name it “evil-mirror-validator” or something (evil- are prefixes of most of my projects).

Anyway: back to the discussion: v1.7 has a new way of parsing configuration records which is rather straight forward. I will be implementing the same for 2.0 (which is actually just a continued development on top of 1.7). This makes use of the Config::Simple module, which enables me to write it all ini-style based (it was already like that, but then resolved more ugly then it is now).

If you browse to the downloads section, you will find it there, with a published web-frontend and so on. If you have any comments please let me know. From what I saw from my local tests this just works fine.

For 2.0 I will be issueing a seperated statistics file, which I will write ini based (from the application) to gather statistics about [ok] [bad] [banned] hosts. This way we can more selectively send messages to the bogus mirror, and even ban them (which could result in an automated removal from the main site for example) if they trigger the (adjustable) thresholds.

written by Remko \\ tags: download, Honeynet, honeynet.pl, Mirror checker, Mirror., Perl

Hello,

It was a time ago already that I posted some updates to the site, I had been very busy with work and things around that, so E_NOTIME to bring in updates. Because I dont see that change anytime soon, I’ll stick with some Technical Contributions to the internet. I am playing a lot with Checkpoint at the moment, and I would like to document some trivial things, as well as some other things that are not as trivial as they seem. I know that others can use the information (hence even Elsevier contacted me recently to help write a book about Checkpoint NGX) so lets try to share and document it properly.

In the menubar you can see that I moved a lot of technical items to the “Technical” menu, I’ll place nice information there. I will probably bring in a seperated category for Checkpoint under the FAQ as well so that it’s even easier to spot.

I am also writing up more for FreeBSD in the near future (if time permits) and I am pondering in documenting a few PoC’s that I did recently.

So expect information back on the board soon, but not regarding my private life anymore, I just dont have enough time to do so.

written by Remko