security

d3ck, d3ck, goose

 code, crypto, hack, philosophy, security  Comments Off on d3ck, d3ck, goose
May 132015
 
d3ck, d3ck, goose

A bit over 2 years ago I started on a journey that has become a bit surreal; I had what seemed like a modest goal, simply create something that would facilitate confidential (e.g. encrypted) sharing of information in an easy way. Then snowden came along, and things started become even more… interesting, in the Chinese way. Tragedy, comedy, farce, delays and complications beyond belief followed. But the basic problem […]

It was 20 years ago today…

 dinosaur, friend, people, security, Uncategorized  Comments Off on It was 20 years ago today…
Apr 052015
 
It was 20 years ago today...

… and a few lifetimes… that wietse and I released SATAN.  What a long strange journey, as they say. Thanks to all the folks who used it, to the friends who have been kind. Thanks to muffy, and friends that are no longer with us. But most of all, thanks to my great and wonderful pal wietse. We haven’t worked together in awhile, but perhaps some day again, who knows? […]

 Posted by at 3:10 am on April 5, 2015

really, really, really nuke iptables

 code, security, tech  Comments Off on really, really, really nuke iptables
Feb 092015
 
really, really, really nuke iptables

I think this is the way to really clear out all the stuff in iptables, the arcane packet filtering thing for Linux. At least… I think. My take on it, at least. For somewhat modern Linuxes at the time of this writing, IPv4 only. Basic method: loop over all the types of tables, flushing… then loop over all the builtin tables for the various types, reset the policies… then […]

<3 Policy

 art, audit, dinosaur, philosophy, security, tech, work  Comments Off on <3 Policy
Dec 082014
 
<3 Policy

Security Policies Let us praise, slay, and bury security policies together. A security policy is perhaps the best way to deal with the security monster. It concerns itself with business and organizational issues, and is designed to assist the organization succeed in spite of human nature. I sometimes not-so-glibly say that a security policy is simply an expression of your desire. What do you want to see within your organization […]

Get Device ID (moar IPMI… yawn….)

 code, dinosaurs, embedded, ipmi, python, security, tech  Comments Off on Get Device ID (moar IPMI… yawn….)
Oct 122014
 
Get Device ID (moar IPMI... yawn....)

I’d had this sitting around for awhile and thought I’d take another look at it; in this I simply toss out an IPMI Get Device ID command and see what happens. This is an interesting one; the GUID is a Vendor Specific ID – the specification says that it’s “a unique number per device”, and that “a Device GUID should never change over the lifetime of the device”, which makes […]