Search this site

[prev]  Page 2 of 2





arp security research

Having accidentally found a means to completely knock my friend's laptop offline, I sat down and did some research into why and how it happened. Like most of my researching endeavors, I found more information that I had intended. Like the article says in the preface, all of the information presented in the article is probably not new or innovative. In fact, I'd wager that it's public knowledge in the security community.

Whatever, it is new to me. Read if you so desire :)

Link: articles/arp-security/

vpn + pf

Rather doing a simple vpn+nat-style situation, I decided that my local server ( needs to be available to the world. The machine I vpn into (kenya) currently has a nat rule in pf.conf so I can get to the world from whack (which is now in my room on a roadrunner line behind a nat box). I changed the nat rule to a binat rule and added an IP alias to kenya, and now you can ssh to '' from anywhere and get the box here on roadrunner. Furthermore, all my traffic comes "from", so it's as if I were on csh's network. Go go gadget vpn.

This all seems quite neat to me, I didn't expect it to be so easy...

ipfallowme - Me vs Annoying IPF Rules

The dev box at work has a new, more strict set of ipf rules now. In an effort not to have to change the global rule set, I wrote a little script to pick out your ip from an ssh session and add a few rules based on that ip.

There are probably already scripts that do this out there, but I didn't bother looking.

How it works:
- Create a rule file
- Make sure none of these rules are in the existing ipf rule set
- Apply the generated ruleset (won't overwrite or delete any existing rules)
- Wait until you kill the process or logout if you've backgrounded it, then remove the new rules you added.

Click here to view ipfallowme