archive
a set of old projects, I was taking care of in the past. notice it’s all in Polish.
tutorials, howtos, articles
(nie)oficjalny Cisco FAQ PL
pierwszy z projektów, którego miałem zaszczyt zostać koordynatorem – nieoficjalne Cisco FAQ PL. projekt stanął, miał zamienić się w wiki… i tak na razie stoi - od 10 lat :)
korzystając jeszcze z miejsca – chciałbym podziękować wszystkim współautorom za współpracę.
Teksty o tematyce powiązanej z systemami komputerowymi – archiwalne, ale pozostawiam dla potomnych.
Techniki łączenia przełączników
tcpdump – podstawy sniffowania i analizy
Generowanie (nienajgorszych) haseł
putty i uwierzytelnianie certyfikatami
- v1.2 2002/09/01 18:57:02 HTML
advisories
yeah… old ones. a lot of equipment had similar problems at that timeframe (2002!) and as you can probably tell, a lot of equipment still has similar problems in 2020. i was also able to remotely compromise Ericsson MD110 PABX due to multiple problems with input verification - and vendor, while friendly, choose to ignore me constantly :) anyway - old stories that some day may be published in full ;)
LG routers and switches buffer overflows on logging prompt
code and patches
they’re old. i don’t believe they’re much useful anymore, but here they are - maybe, just maybe, someone will find them educational (like for example - how not to do patches ;) ).
uRPF in FreeBSD
uRPF is a way to filter traffic using routing table by checking if source address matches interface best route. Packet will be accepted for further processing if:
- there’s entry in routing table pointing route to packet source via the same interface packet arrived
- there’s no specific entry, but default route still matches interface on which it was received
- source address is not in routing table with explicit flag of RTF_REJECT or RTF_BLACKHOLE
this short patch can help fight spoofing of source IP addresses and instead of filtering statically, can automatically protect your network - and internet.
patch can be applied to:
ip_input.c v1.130.2.55
dated 2005/01/02 (RELENG_4)ip_input.c v1.283.2.14
dated 2005/07/20 (RELENG_5)ip_input.c v1.301.2.3
dated 2005/10/09 (RELENG_6)
to turn on testing set net.inet.ip.urpf
to 1 or 2, and/or save it into system-wide /etc/sysctl.conf
.
- ‘1’ means uRPF strict check (there has to be entry in the routing table and default route won’t match)
- ‘2’ means uRPF loose check (only RTF_REJECT and RTF_BLACKHOLE explicit route will cause packet to fail)
diff file to be applied by patch -p0 <ip_input.urpf.diff
in /usr/src/sys/netinet
:
- patch | SHA1:
e519deaae593c28f505ee2d4db075986023a20b7
Blackhole route support in Quagga bgpd on FreeBSD
patch that makes recursive next-hop entries set to Null0 properly supported by bgpd on FreeBSD systems.
- patch | SHA1:
9aea26df2925a7d3ece0440fec72bd51545fd45e
OpenBGPd in FreeBSD
group of patches making possible to run OpenBGPd on FreeBSD (and NetBSD as well - probably). there’s already port in the FreeBSD package system that’s way newer and has support, so… ignore :)
fiction
only in polish - i won’t find time right now to translate it. you may have some luck with various translate engines, but i wouldn’t try… ;)
- Jak pisałem opowiadanie - konkurs Adama na pl.rec.fantastyka.x-files (USENET!)
- The Truth #1 - post podsumowujący oryginalny cykl serialu X-Files
- The Truth #2 - drugi post, jak już ochłonąłem