mac/arpwatcher firestorm preprocessor and PIX tomfoolery

I’m currently working on a preprocessor for the Firestorm NIDS to detect dodgy looking arp activity. So far it keeps track of hardware and protocol addresses in arp packets and alert if things change. It will soon monitor IP traffic too (and IPX/Appletalk etc. I guess) and detect a bunch of other ettercap style trickery.

I’m also working with some Cisco PIX firewalls to make them play nice with FreeS/WAN on Linux. I’ll put some example configs up here at some point. I’m going to take the Cisco VPN exam and be one step closer to a CCSP (I’m really not sure if this is a good or a bad thing career-wise). The original Cisco press VPN book has some serious problems with factual content. The authors seems to have little understanding of the underlying technology. I guess you don’t need to know it to parrot-type the Cisco commands in (or copy and paste them, as I often see) and charge 200 quid an hour, but it would be nice to be a bit professional about things.

My Mozilla/Galeon is broken on Debian unstable. Using gdb I found /usr/lib/mozilla/components/ to be the culprit, so just moved it out the way. I now have Galeon working with no images which suits me fine. In fact, as everything loads so quickly and is far less offensive to the eye, I may keep it this way permanently.

Program received signal SIGSEGV, Segmentation fault.
0x0de9de98 in NSGetModule () from/usr/lib/mozilla/components/

Leave a Reply