a set of old projects, I was taking care of in the past. notice it’s all in Polish.

tutorials, howtos, articles

(nie)oficjalny Cisco FAQ PL

pierwszy z projektów, którego miałem zaszczyt zostać koordynatorem – nieoficjalne Cisco FAQ PL. projekt stanął, miał zamienić się w wiki… i tak na razie stoi - od 10 lat :)

korzystając jeszcze z miejsca – chciałbym podziękować wszystkim współautorom za współpracę.

Teksty o tematyce powiązanej z systemami komputerowymi – archiwalne, ale pozostawiam dla potomnych.

Techniki łączenia przełączników

  • v0.64 20/01/2004 12:25:56 HTML | PDF

tcpdump – podstawy sniffowania i analizy

  • v1.1 17/12/2003 16:44:05 HTML | PDF

Generowanie (nienajgorszych) haseł

  • v0.40 17/12/2003 16:46:06 HTML | PDF

putty i uwierzytelnianie certyfikatami

  • v1.2 2002/09/01 18:57:02 HTML

translations

you can find below translations from English to Polish of some technical documents. nowadays, they’re essentially of archival status and value.

at the same time - they’re translations from English to Polish, so… i’m not even sure why would you be interested ;)

  • Kształtowanie Ruchu i Zaawansowany Routing / Advanced Routing & Traffic Shaping in Linux 2.4

    Wersja oryginału: v 1.35 2003/07/26 19:57:49

    Wersja tłumaczenia: 1.02 25/02/2004 14:12:44

    HTML | PDF | DocBook TXT

  • netfilter – filtrowanie pakietów / Packet filtering in Linux 2.4

    Wersja oryginału: 1.26, 2002/01/24 13:42:53

    Wersja tłumaczenia: 2.2, 2002/08/29 22:26:06

    HTML | PDF | SGML

  • netfilter – NAT / NAT in Linux 2.4

    Wersja oryginału: 1.18, 2002/01/14 09:35:13

    Wersja tłumaczenia: 2.9, 2002/08/29 21:59:17

    HTML | PDF | SGML

  • netfilter – rozszerzenia / netfilter extensions

    Wersja oryginału: 1.20

    Wersja tłumaczenia: 1.1, 2002/08/22 21:29:41

    HTML | PDF | SGML

  • netfilter – FAQ / netfilter FAQ

    Wersja oryginału: 1.30, 2002/01/14 09:04:47

    Wersja tłumaczenia: 1.1, 2002/08/22 21:29:41

    HTML | PDF | SGML

  • IPchains HOWTO / IPchains HOWTO

    Wersja oryginału: v1.0.8, Tue Jul 4 14:20:53 EST 2000

    Wersja tłumaczenia: 2.1, 2002/08/29 22:41:53

    HTML | PDF | SGML

  • ipfilter HOWTO / ipfilter HOWTO

    Wersja oryginału: Fri Mar 1 22:29:33 EST 2002

    Wersja tłumaczenia: 3.0, 2002/09/03 14:38:15

    HTML | PDF | SGML

  • pf HOWTO / pf HOWTO

    Wersja oryginału: 20020405.2 April 5, 2002

    Wersja tłumaczenia: 1.3, 2002/09/03 15:04:13

    HTML | PDF | SGML

  • Antyaliasing w XFree86 4.x

    Wersja tłumaczenia: 16 maj 2001, 18:25:40 GMT+1

    HTML

advisories

yeah… old ones. a lot of equipment had similar problems at that timeframe (2002!) and as you can probably tell, a lot of equipment still has similar problems in 2020. i was also able to remotely compromise Ericsson MD110 PABX due to multiple problems with input verification - and vendor, while friendly, choose to ignore me constantly :) anyway - old stories that some day may be published in full ;)

LG routers and switches buffer overflows on logging prompt

code and patches

they’re old. i don’t believe they’re much useful anymore, but here they are - maybe, just maybe, someone will find them educational (like for example - how not to do patches ;) ).

uRPF in FreeBSD

uRPF is a way to filter traffic using routing table by checking if source address matches interface best route. Packet will be accepted for further processing if:

  • there’s entry in routing table pointing route to packet source via the same interface packet arrived
  • there’s no specific entry, but default route still matches interface on which it was received
  • source address is not in routing table with explicit flag of RTF_REJECT or RTF_BLACKHOLE

this short patch can help fight spoofing of source IP addresses and instead of filtering statically, can automatically protect your network - and internet.

patch can be applied to:

  • ip_input.c v1.130.2.55 dated 2005/01/02 (RELENG_4)
  • ip_input.c v1.283.2.14 dated 2005/07/20 (RELENG_5)
  • ip_input.c v1.301.2.3 dated 2005/10/09 (RELENG_6)

to turn on testing set net.inet.ip.urpf to 1 or 2, and/or save it into system-wide /etc/sysctl.conf.

  • ‘1’ means uRPF strict check (there has to be entry in the routing table and default route won’t match)
  • ‘2’ means uRPF loose check (only RTF_REJECT and RTF_BLACKHOLE explicit route will cause packet to fail)

diff file to be applied by patch -p0 <ip_input.urpf.diff in /usr/src/sys/netinet:

  • patch | SHA1: e519deaae593c28f505ee2d4db075986023a20b7

Blackhole route support in Quagga bgpd on FreeBSD

patch that makes recursive next-hop entries set to Null0 properly supported by bgpd on FreeBSD systems.

  • patch | SHA1: 9aea26df2925a7d3ece0440fec72bd51545fd45e

OpenBGPd in FreeBSD

group of patches making possible to run OpenBGPd on FreeBSD (and NetBSD as well - probably). there’s already port in the FreeBSD package system that’s way newer and has support, so… ignore :)

fiction

only in polish - i won’t find time right now to translate it. you may have some luck with various translate engines, but i wouldn’t try… ;)