Post Millenium Tension

 dinosaur, philosophy, work  Comments Off on Post Millenium Tension
Jun 222014
 

Perhaps this should be subtitled Why I’ll Never Work at Microsoft. I don’t know, I don’t know, I don’t know where to begin, as the song goes. I started writing here on a whim. I don’t look at the traffic it may or may not get, and I haven’t accepted any comments or feedback to date; it’s simply a place for some thoughts, observations, and a tip or two, […]

 Posted by at 4:50 pm on June 22, 2014

Even more IPMI, woohoo!

 BMC, crypto, embedded, ipmi, tech, work  Comments Off on Even more IPMI, woohoo!
Jun 052014
 
Even more IPMI, woohoo!

I wrote a small paper surveying the scene of IPMI in the wild – Sold Down the River – the title of which might give you some clue as to make on the situation. Used to be folks used guns to rob us… computers make everything so much easier!

more IPMI than you can shake a stick at….

 code, embedded, ipmi, security  Comments Off on more IPMI than you can shake a stick at….
May 122014
 

I’ve long wanted a Get Channel Cipher Suite command w/o authentication, so I wrote a script to do so; those interested can get it here: https://github.com/zenfish/ipmi/blob/master/ipmi-get-ciphers.py Actually none of the various ipmi tools seem to have this option; I’ve found it useful to use when looking at systems; it emits output similar (if not identical) to ipmitool… spotting those running cipher 0 becomes very, very clear. I should have […]

From A on B to C on D

 code, hack, security, tech  Comments Off on From A on B to C on D
Apr 272014
 

I find iptables to be a bit of a beast… so for posterity (or my own sanity, in case I lost this, I might recover from search engine caches!) this simply forwards a port (A) of a certain protocol from one host (B) to a second port (C) on a 2nd IP (D). Linux only, unless your OS happens to support iptables… no error checking, although it will echo […]

Random bits

 crypto, dinosaurs, security, tech  Comments Off on Random bits
Apr 212014
 

… well, literally… or pseudo literally? To generate 128 bits of pseudo-randomness: dd if=/dev/urandom bs=16 count=1 2>/dev/null| hexdump |awk ‘{$1=""; printf("%s", $0)}’ | sed ‘s/ //g’ Block size 16 = 16 bytes… do that once (count=1); that’s 16 bytes * 8 bits/byte = 128 bits. I’ve been using this in scripts lately, like “foo=$(…)”.