tech

getting tcpdump to write to pcap format

 dinosaur, tech  Comments Off on getting tcpdump to write to pcap format
Nov 032014
 

I wouldn’t think I’d be writing something like this, but….. Apple changed the default of tcpdump to writeout pcap-ng format, which wireshark doens’t understand by default. Wasn’t sure what was up, but a quick search didn’t get any hits… turns out the -y flag is the key (at least, Mavericks+.) $ sudo tcpdump -w /tmp/1 tcpdump: data link type PKTAP tcpdump: listening on pktap, link-type PKTAP (Packet Tap), capture […]

Get Device ID (moar IPMI… yawn….)

 code, dinosaurs, embedded, ipmi, python, security, tech  Comments Off on Get Device ID (moar IPMI… yawn….)
Oct 122014
 
Get Device ID (moar IPMI... yawn....)

I’d had this sitting around for awhile and thought I’d take another look at it; in this I simply toss out an IPMI Get Device ID command and see what happens. This is an interesting one; the GUID is a Vendor Specific ID – the specification says that it’s “a unique number per device”, and that “a Device GUID should never change over the lifetime of the device”, which makes […]

mega mega mega… chan chan chan….

 code, embedded, ipmi, security, tech  Comments Off on mega mega mega… chan chan chan….
Sep 042014
 

Or… Notes on the IPMI Protocol Security Model. I wrote in Sold Down the River about the curious aspects of channels and authentication and users and all that stuff. Here’s a slimmed down model… and as a bonus a program that iterates through all the channels, users types, and authentication for a host, which is quite a bit of checking. mega_chan.py In any case I’m almost certain that I […]

certificates and security

 crypto, philosophy, security, tech, web  Comments Off on certificates and security
Aug 052014
 
certificates and security

npm is the defacto package manager for the node.js javascript network programming environment thingee. The folks who make npm have taken a security leap: npm no longer supports its self-signed certificates Ah, they build the bastions of light and goodness, protecting us from the sins of the masses by standing tall. So… how do you install npm, anyway? Ah, yes, you look it up on their site… let’s see… why, […]

The Dynamic and Depreciating Value of Computers

 audit, data, philosophy, security, tech  Comments Off on The Dynamic and Depreciating Value of Computers
Jul 062014
 
The Dynamic and Depreciating Value of Computers

I wrote this while I was at my company Elemental, and was meant for engineers to implement, so despite some of the very specific language for implementation purposes it was never meant to be dogmatic. I love the idea of calculating value based on… not much. I don’t know how accurate it is, but I can say that when run on systems (just before Elemental spontaneously combusted) it produced some really cool […]

© 2012 trouble Suffusion theme by Sayontan Sinha