I built some Ximian Evolution debs for powerpc. The details are on my Debian page
mac/arpwatcher firestorm preprocessor and PIX tomfoolery
I’m currently working on a preprocessor for the Firestorm NIDS to detect dodgy looking arp activity. So far it keeps track of hardware and protocol addresses in arp packets and alert if things change. It will soon monitor IP traffic too (and IPX/Appletalk etc. I guess) and detect a bunch of other ettercap style trickery.
I’m also working with some Cisco PIX firewalls to make them play nice with FreeS/WAN on Linux. I’ll put some example configs up here at some point. I’m going to take the Cisco VPN exam and be one step closer to a CCSP (I’m really not sure if this is a good or a bad thing career-wise). The original Cisco press VPN book has some serious problems with factual content. The authors seems to have little understanding of the underlying technology. I guess you don’t need to know it to parrot-type the Cisco commands in (or copy and paste them, as I often see) and charge 200 quid an hour, but it would be nice to be a bit professional about things.
My Mozilla/Galeon is broken on Debian unstable. Using gdb I found /usr/lib/mozilla/components/libimglib2.so to be the culprit, so just moved it out the way. I now have Galeon working with no images which suits me fine. In fact, as everything loads so quickly and is far less offensive to the eye, I may keep it this way permanently.
Program received signal SIGSEGV, Segmentation fault.
0x0de9de98 in NSGetModule () from/usr/lib/mozilla/components/libimglib2.sohorribly ported
My port of that pptpd exploit to Linux was apparently so horrendous that it prompted ‘r4nc0rwh0r3’ of ‘blightninjas’ to take the time to do it properly. In my defence, the original code really sucked, and I myself only needed the testing part to work (which seemed to work for me). It also compiled fine for me with gcc 3.2.3 (worksforme(tm)). And I in no way proclaim myself to be a good C programmer! Anyway, my laziness and lameness was thoroughly ridiculed by them here. Find their own fixed version here. At least I got my name on Bugtraq. Roll on fame and the big dollar.
PPTP vulnerability
A buffer overflow vulnerability has been found in the PoPToP PPTP server. The daemon is commonly run as root, therefore this can be pretty serious. A sample exploit was released for windows, and I’ve ported it to Linux (gcc). The problem on our own firewalls was mitigated because, although we have to run the crappy software to provide simple windows VPN access, we have some stack protection in our kernels.
OpenGL
2D alife is fine, but add a whole new dimension, and you’re in a whole new dimension! I’m learning how to code some OpenGL (through the SDL libraries) so that I can make my bacteria and squiks dance on the Z too. The Radeon 9000 in this PowerBook is speeding the process up a good few tens of frames per second.
PowerPC and Debian
I’ve moved architecture and Linux distro by upgrading to a PowerBook G4.
I think we’ve finally given up on try to get Macromedia Coldfusion MX anywhere near stable on our Linux distro. Macromedia are making us jump through a lot of troubleshooting hoops, I don’t even think we can reproduce the problem yet. We’re helping the client implement some Windows servers now instead. The only really difficult or unsolvable problems we have always involve closed source software. I really rather dislike working with it. Matt started documenting some of our ‘progress’, but I doubt the results we have are coherent enough for anyone to find useful.
Firestorm elog support for Ethereal
I finally got a patch together to all Firestorm NIDS elog support to Ethereal. You can find the Ethereal patch and a screenshot within my downloads directory. I may put a couple of example elog files on there to play with too.
DVD hack; firestorm; life.
My Daewoo DVD player’s region protection was quickly foiled with a few magical keypresses on the remote control thanks to the information at regionfreedvd.net. Nice chaps. When I opened up the secret menu, I got a message saying “YOU SHOULD NOT BE HERE”, hehe.
I’m just testing the final changes to my patch to add elog (Firestorm NIDS) support for the open source protocol analyser Ethereal, after which I’ll release it. Hopefully it will get added to Ethereal.
I’ll be making some of my old little Life programs available here soon, plus some recent tinkering I’ve been doing with a more advanced idea of evolution modelling. They are all in C and use the SDL libraries for the graphics.
Galeon, Evolution and netstat…?
/usr/bin/galeon-bin
\_ [netstat ] Wtf? Why is galeon running netsta? This happens in evolution too.
Linux 2.5 Trials and Tribulations
I’ve been tinkering with Linux 2.5 recently and will be documenting my progress online . I’ve already run into a little problem with ORBit/Evolution and built an RPM to fix it, so read all about it.
subversion endianness and xbox
It turns out the Berkely DB format that Subversion uses (or subversions use of it) is Endian specific. This means I can’t just move my repository from my PowerPC to my x86. I needed to dump it on my ppc (svnadmin dump ~/subversion > svn.dump) and load it into an empty repository on my x86 (svnadmin load ~/subversion < svn.dump). Bleh.
I've been fiddling with my Microsoft subsidised games console. I've cleaned up the code provided by the xbox-linux project to create a Linux kernel with xbox partition and file format (FATX) support). The patches for 2.4.22 and some RedHat 9 RPMS are available. I'll write it all up soon and provide 2.4.23 patches.
Liverpool and Firestorm NIDS Ethereal support
I’ve been down near Liverpool for the last few days, but I still found time to work on my latest project, adding support for Firestorm NIDS alert elogs to Ethereal 0.9.8. See a screen shot. Ethereal seems nicely written and I’m not having too many problems adding support for new file formats and protocols.
