Friday, 17 April 2015

DNS Stress testing with hping3

1. Compile our program to generate the DNS payload (sipher@utensil)(~/dnsstress)$ gcc gr2.c -o gr2 2. Generate DNS payload (sipher@utensil)(~/dnsstress)$ ./gr2 (sipher@utensil)(~/dnsstress)$ hexdump -C dns.txt 00000000 24 1a 01 00 00 01 00 00 00 00 00 00 06 67 6f 6f |$| 00000010 67 6c 65 03 63 6f 6d 00 00 01 00 01 || 0000001c 3. Get the size of the request (Important for passing to hping3 -d paramater) (sipher@utensil)(~/dnsstress)$ ls -lah |grep dns.txt -rw-rw-r-- 1 striemer striemer 28 Apr 17 10:30 dns.txt (sipher@utensil)(~/dnsstress)$ 4. Fire!! use --flood if you're brave. Use --rand-source to test state tables. (sipher@utensil)(~/dnsstress)$ sudo hping3 localhost --udp -V -p 53 --file /home/sipher/dnsstress/dns.txt -d 28 --fast Alternate way to deliver the packets... NOTE: Won't be as fast since it's not using raw sockets and it's waiting for reply. (sipher@utensil)(~/dnsstress)$ nc -u localhost 53 < dns.txt

Friday, 2 January 2015

DNS Cache busting

DNS Cache busting is a very simple attack against a caching DNS server. All you need is a domain which is confiured to answer for a wild card (Example: *, etc.).
This attack is being used in the wild.

UPDATE: ISC has since introduced some features to bind to mitigate this attack.

fetches-per-zone The maximum number of simultaneous iterative queries to any one domain that the server will permit before blocking new queries for data in or beneath that zone. This value should reflect how many fetches would normally be sent to any one zone in the time it would take to resolve them. It should be smaller than recursive-clients. When many clients simultaneously query for the same name and type, the clients will all be attached to the same fetch, up to the max-clients-per-query limit, and only one iterative query will be sent. However, when clients are simultaneously querying for different names or types, multiple queries will be sent and max-clients-per-query is not effective as a limit.

Apple Pay...Just another way to use a credit card

Is Apple pay really that revolutionary? What does this mean for the world of crypto-currency?
My opinion is that Apple Pay doesn't address any of the features delivered by Bitcoin (and similar altcoins). For example, the decentralized ledger which automates accounting or the ability to transfer funds anywhere in the world with limited infrastructure. The list goes on. Apply Pay just another way to use a credit card in a brick and motar market.

Wednesday, 31 December 2014

iptables log traffic to port

Here is a rule to log traffic to SSH.
iptables -A INPUT -p tcp --dport 22 -j LOG

Tuesday, 30 December 2014

Crypto shake up

XRP, Stellar, Paycoin, Counterparty? WTF is going on in the crypto world? Is bitcoin in trouble?

Saturday, 15 November 2014

Justice for mintpal

What a debacle this has been...again. This is what gives crypto a bad name.