Friday 22 January 2016

[Beginner's Guide] - Cloning and restoring your Raspberry Pi's MicroSD

Why am I cloning it ?


I had a lot of stuff going on on my RPI.

I typically use it for prototyping and development.

Quite a lot of my ongoing projects on it.

So, I figured that I should probably write about how easy it is to back up and restore your RPI.

Also, some of our fans complained that the stuff we did was not for the average Joe.

Tried to make it as simple as possible!


Higher Capacity MicroSDHC card


Recently acquired a higher-capacity microSD card from Toshiba - total cap 32GB, 40Mb/s Read/Write. (I had an old 16GB which quickly filled up to 10.5GB).

One of the reasons I am writing this is because I needed to change that old MicroSD.

Let's get on with it


So here we go.
1. Mount your microSD (from a card reader, of course!) - cheap ones at fastclick bagatelle.
It should automount when you insert it.

2. Check your drive name/id:
sudo fdisk -l

That command lists all the drives. Mine is 16GB, so just check the size to identify the device name.
Mine was /dev/mmcblk0

3. Back it up (clone)
sudo dd bs=4M if=/dev/mmcblk0 of=/home/devildron/backup.img

So dd (disk dump) makes an image of /dev/mmcblk0 and stores the image in my folder /home/devildron/

4. Restore
Insert your new SD card. Run sudo fdisk -l again to confirm which device is the new card (/dev/sdb here), because dd overwrites the target device without asking.
Then run this command:
sudo dd bs=4M if=/home/devildron/backup.img of=/dev/sdb
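A way to make step 4 safer, as an added example that is not part of the original post: the function below refuses a mounted or too-small target, writes the image with the same dd options, then reads the card back and compares it with the image. The names restore_verified and size_of are made up for this example, and the paths are whatever you pass in.

```shell
#!/bin/sh
# Added example (not from the original post): restore an image with dd
# and verify what was written. Nothing is hard-coded; pass the paths in.

# Size in bytes of a block device or a regular file.
size_of() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        wc -c < "$1" | tr -d ' '
    fi
}

# restore_verified IMAGE TARGET
# Returns 0 only if the first <image size> bytes of TARGET match IMAGE.
restore_verified() {
    img=$1
    target=$2
    [ -r "$img" ] || { echo "cannot read image $img" >&2; return 2; }
    [ -w "$target" ] || { echo "cannot write $target" >&2; return 2; }

    # Refuse a target that is mounted, or has mounted partitions.
    if [ -r /proc/mounts ] && grep -q "^$target" /proc/mounts; then
        echo "$target is mounted, unmount it first" >&2
        return 3
    fi

    # The new card must be at least as large as the image.
    img_size=$(size_of "$img")
    tgt_size=$(size_of "$target")
    if [ "$tgt_size" -lt "$img_size" ]; then
        echo "$target ($tgt_size bytes) is smaller than the image" >&2
        return 4
    fi

    # notrunc only matters when TARGET is a regular file (a dry run).
    dd bs=4M if="$img" of="$target" conv=fsync,notrunc 2>/dev/null || return 5

    # The card is larger than the image, so compare only the image's length.
    head -c "$img_size" "$target" | cmp -s - "$img"
}
```

For the restore in step 4 the call would be: sudo sh -c '. ./restore.sh; restore_verified /home/devildron/backup.img /dev/sdb' (restore.sh being whatever file you saved the functions in).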



UPDATE:
Just tested the cloned RPI
pi@raspberrypi:~ $ uptime
 14:09pm  up   0:06,  2 users,  load average: 0.01, 0.18, 0.12

Made it simpler and corrected a few mistakes I made

That's it!
Have fun playing with RPI !




Wednesday 20 January 2016

Breaking Monoculture For Better Security [Episode 1]



GLibc

 - The GNU C Library - according to the official page, is "the library which defines the 'system calls' and other basic facilities such as open, malloc, printf, exit...". It was designed primarily to be a portable and high-performance C library.

Musl


- Is a C standard library designed by Rich Felker (and others). Musl is basically an alternative to Glibc. It is described as lightweight, fast, simple and free, and strives to be correct in the sense of standards-conformance and safety.


Glibc vs Musl

Over the years, Glibc has accumulated a heap of vulnerabilities. The vulnerability count has now reached 61!
https://www.cvedetails.com/vulnerability-list/vendor_id-72/product_id-767/GNU-Glibc.html

On the other hand, Musl has had 1 vulnerability in its 4 years of existence.

http://www.cvedetails.com/product/23025/Etalabs-Musl.html?vendor_id=12197

Ghost




The most important issue has been the GHOST vulnerability.

GHOST allowed a total loss of confidentiality. It could allow an attacker to take remote control of a system merely by sending a malicious email.

Other severe issues we have had on Linux systems include Heartbleed, POODLE and Shellshock.

In order to allow users to switch easily from Glibc to Musl, and vice versa, Hackers.mu has been working on a series of patches to allow MariaDB to work seamlessly with Musl.

A word of advice, however: the patch is still a work in progress, and is pending more in-depth reviews by the MariaDB developer community. The patch was based on an old patch in Void Linux.

Unfortunately, due to the rapid pace of MariaDB development, it didn't apply cleanly on the latest version, so we had to rewrite it.

Enjoy :
https://github.com/codarrenvelvindron/server/commit/e251dfd859fdece8f7d8e8513fab7f360e6bfdf8

Sunday 17 January 2016

Efficient DDoS protection under GNU/Linux

What is ipset?

Quoting the official website: "an IP set may store IP addresses, networks, (TCP/UDP) port numbers, MAC addresses, interface names or combinations of them in a way, which ensures lightning speed when matching an entry against a set."

I already have iptables. Why should I use ipset?

If the number of rules in your iptables keeps growing, this will lead to a severe performance drop, because iptables checks each packet against the rules of a chain one after another. Specifically, if you have more than a thousand rules in your iptables, you should start worrying about this.

Inner workings

The inner workings of ipset are irrelevant. Or are they? We'll delve into that soon enough :)

Did you say Bogons?

Simply put, a bogon is a bogus IP address in a computer network: one that is reserved or has not been allocated, and so should never show up as a source address on the public Internet. Many unethical crackers use bogons to direct massive DDoS attacks on servers. These non-legitimate IPs, which officially do not exist, need to be filtered to prevent possible attacks.

For our demonstration of ipset usage, I will show you how to filter bogons using a simple 'quick and dirty' shell script.


bogonblock.sh


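#!/bin/sh
# Author: C.Velvindron / codarren@hackers.mu
# Shell script to filter bogons using ipset
# Flush all iptables rules first: a set still referenced by a rule cannot be destroyed.
iptables -F
ipset destroy
# Create a set that stores networks in CIDR notation.
ipset -N bogonblock nethash
# Download the list; grep drops the header comment so only networks reach ipset.
for IP in $(wget -O - http://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt | grep -v '^#')
do
    ipset -A bogonblock "$IP"
done
# Drop every packet whose source address is in the set.
iptables -A INPUT -m set --match-set bogonblock src -j DROP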


Sample output of ipset -list
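A sturdier variant of bogonblock.sh, added here as an example and not written by the original author: it validates every downloaded line, builds an `ipset restore` batch that fills a staging set and swaps it into place, and produces nothing when the download came back empty, so a failed fetch never removes the existing filter. The function name bogons_to_restore, the staging set name and LIST_URL are assumptions; hash:net is the current name of the nethash type.

```shell
#!/bin/sh
# Added example: build an `ipset restore` batch from a bogon list on stdin.
# Typical use (as root), leaving the existing iptables rule untouched:
#   wget -O - "$LIST_URL" | bogons_to_restore bogonblock | ipset -exist restore

# bogons_to_restore SETNAME
# Prints the batch on stdout; prints nothing and returns 1 if the input
# holds no valid IPv4 network (for example after a failed download).
bogons_to_restore() {
    set_name=$1
    tmp_set="${set_name}-new"   # hypothetical name for the staging set

    adds=$(awk -v set="$tmp_set" '
        NF == 0 || $1 ~ /^#/ { next }          # blank lines, header comments
        {
            # Expect exactly a.b.c.d/len with octets <= 255 and len <= 32.
            if (split($1, part, "/") != 2 || part[2] !~ /^[0-9]+$/ ||
                part[2] > 32 || split(part[1], octet, ".") != 4) {
                bad++; next
            }
            for (i = 1; i <= 4; i++)
                if (octet[i] !~ /^[0-9]+$/ || octet[i] > 255) { bad++; next }
            print "add " set " " $1
            good++
        }
        END {
            if (bad) print bad " invalid line(s) skipped" > "/dev/stderr"
            if (!good) exit 1
        }
    ') || return 1

    # With `ipset -exist restore`, creating a set that already exists is fine.
    echo "create $set_name hash:net family inet"
    echo "create $tmp_set hash:net family inet"
    echo "flush $tmp_set"
    printf '%s\n' "$adds"
    # swap is atomic: the iptables rule sees the old or the new set in full.
    echo "swap $tmp_set $set_name"
    echo "destroy $tmp_set"
}
```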







Improving the Security and Reliability of the SNMP protocol


What is SNMP ?

SNMP, the Simple Network Management Protocol, is a networking protocol that allows network administrators to manage network equipment and diagnose networking issues.


How does it work?

It has 2 main parts: a supervisor and an agent. The supervisor is the console that allows the network admin to execute management requests. Agents are network entities at interface level that connect the managed equipment to the network, allowing us to get information on different objects.


Equipment

Switches, hubs, routers and servers are all manageable by SNMP.


Issues/Vulnerability

The issue with this network equipment is that, as we try to make it smaller and more compact, we have some CPU and memory constraints to consider. Most consumer routers have around 8-32 MB of RAM.

If memory is wrongly allocated, and/or the amount of memory allocated is not checked, this can allow a denial of service (memory consumption or daemon crash) or memory leaks.

Example:
denial of service due to unchecked malloc in client authentication
CVE-2014-8091: In servers built with support for SUN-DES-1 (Secure RPC) authentication credentials, an unauthenticated client may be able to crash the X server by sending a connection request specifying values that cause malloc to fail, causing the authentication routines to attempt to write data to the returned NULL pointer. Since the request is limited to an unsigned 16-bit integer for the allocation size, it is unlikely to fail unless the server is severely memory constrained.
Introduced in the initial revision of Secure RPC support in X11R5 (1991).

Companies that use it:

HP, Fujitsu, Dell, IBM, Cisco

Fix

See my fix at the following link:

https://sourceforge.net/u/devildron/net-snmp/ci/e30a927350c0cba19750cd9fb67db175933973d6/


Playing with Raspberry PI 2



Specs:

processor       : 0
model name      : ARMv7 Processor rev 5 (v7l)
BogoMIPS        : 57.60
Features        : half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt vfpd32 lpae evtstrm
CPU implementer : 0x41
CPU architecture: 7
CPU variant     : 0x0
CPU part        : 0xc07
CPU revision    : 5

processor       : 1
model name      : ARMv7 Processor rev 5 (v7l)
BogoMIPS        : 57.60
Features        : half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt vfpd32 lpae evtstrm
CPU implementer : 0x41
CPU architecture: 7
CPU variant     : 0x0
CPU part        : 0xc07
CPU revision    : 5

processor       : 2
model name      : ARMv7 Processor rev 5 (v7l)
BogoMIPS        : 57.60
Features        : half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt vfpd32 lpae evtstrm
CPU implementer : 0x41
CPU architecture: 7
CPU variant     : 0x0
CPU part        : 0xc07
CPU revision    : 5

processor       : 3
model name      : ARMv7 Processor rev 5 (v7l)
BogoMIPS        : 57.60
Features        : half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt vfpd32 lpae evtstrm
CPU implementer : 0x41
CPU architecture: 7
CPU variant     : 0x0
CPU part        : 0xc07
CPU revision    : 5

Hardware        : BCM2709
Revision        : a01041
Serial          : 00000000da0d125f

Got a Raspberry PI 2 for free yesterday ! So I decided to mess around with it today.


Setup

Setting it up was a breeze, we're on:
Linux raspberrypi 4.1.13-v7+ #826 SMP PREEMPT Fri Nov 13 20:19:03 GMT 2015 armv7l GNU/Linux

Set up all my dev tools on it: tmuxing and setting up an SNMP server on it.

Compiling SNMP from source took less than 5 minutes. I guess that quad-core ARMv7 is quite fast after all. (My Android mobile is still running on a dual-core ARM - shame on me!)

Disk Full (16GB MicroSD ?) Really??

Almost forgot, I ran into an issue while I was copying stuff onto it.

The disk was full: 3GB was used and I should still have had at least 12 GB left (it was a 16GB microSD).
So yeah, I just deleted the 2nd partition, resized and set up a new partition, with the start of the 2nd partition being the end of the 1st partition, and the end of that new partition being the default.

(Source : http://raspberrypi.stackexchange.com/questions/499/how-can-i-resize-my-root-partition)

Impressions:

Fast (booting/compiling)
Silent (can be left to compile at night without waking you up)
Power efficient (USB 6V port)


Wednesday 13 January 2016

My First contribution to the Linux Kernel - LibreSSL

OpenSSL


OpenSSL is simply a library written in C that provides routines for the cryptographic primitives used in implementing the SSL/TLS protocol.
OpenSSL also includes routines for implementing the SSL protocol itself. As of 2014, two thirds of all servers globally have been using OpenSSL.

Heartbleed:


An extremely severe bug was disclosed in April 2014: the Heartbleed bug. It allowed a third party to steal the information that is protected by the encryption of the SSL protocol. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging and some Virtual Private Networks (VPNs).

The Heartbleed bug allows anyone to read the memory of systems protected by the vulnerable versions of the OpenSSL software.
This allows attackers to eavesdrop on communications, steal data directly from the services and users, and impersonate services and users.

Here comes our savior: LibreSSL!


The guys at OpenBSD were tired of this situation, so they decided to fork, committed massively and reached a desirable result. By removing all the VMS and Windows stuff, they got rid of half the existing bloat, implemented several safety features, and all the apps in the OpenBSD tree keep on compiling. Not bad, right?
They called this fork LibreSSL!

By default, the Linux kernel build (scripts/sign-file.c) supports only OpenSSL. So we at hackers.mu have been working on a patch to make the Linux kernel support both LibreSSL and OpenSSL. When you come to think of it, having 2 different open source SSL implementations is good for "diversity". It encourages both of them to innovate.



[PATCH] [linux-next] scripts/sign-file.c Fix LibreSSL support
Here is the link to the patch:
http://marc.info/?l=linux-kbuild&m=145267332120361&w=2


Wednesday 6 January 2016

Reviewing Tarsnap - "Online backups for the truly paranoid"


Wondering about using Google Drive or similar services to store your important documents?
What if the NSA were to ask Google for your files?
They would be forced by law to comply.
And what if we were to make your files unreadable ?
Wouldn't that be cool ?

Dedup? Deduplication


What makes Tarsnap different from its competitors is an interesting feature they call deduplication.
It identifies and removes duplicate blocks of data from the archives it stores.
According to the Tarsnap creators, that deduplication process is very efficient.

Out of around 96.5 GB of data, it first removes duplicate blocks to drop to around 56.1GB and then compresses it to 15.8GB. So yeah, its compression ratio was 16% of its original size!! That is a massive compression which I had to test for myself (so keep reading :) ...)

So I'm posting this easy guide to Tarsnap right after testing it myself.
Before you start: Tarsnap is currently only available on Unix-based systems.


1. Downloading and Installing Tarsnap


Just Download Tarsnap
https://www.tarsnap.com/download.html

Installing:


In the Tarsnap directory, run:
./configure
make
make install

2. Configuring Tarsnap


Simply put, you need to
(a) Generate a Key
(b) Save the key somewhere safe,
(c) Create a Tarsnap account
(d) Deposit funds on your account (Got to try it for free. Thanks to Anoop Seeburuth!!), but for everyone else the minimum fund is $5 :)

3. Pricing


Storage: 250 picodollars / byte-month ($0.25 / GB-month)
Bandwidth: 250 picodollars / byte ($0.25 / GB)
It's dirt cheap actually!!

4. Tarsnapping your files !


No GUI is available for the client right now.
So we'll have to go for the command line to push our stuff into the clouds.
I'll name my backup testarchive for simplicity.

Upload:  tarsnap -c -f "name of your web archive" foldername/
Example: tarsnap -c -f testarchive backup/

Checking if your files were saved : tarsnap --list-archives

Restoring an archive: tarsnap -x -f "your backup name"
Example: tarsnap -x -f testarchive

Deleting your files: tarsnap -d -f "your backup name"
Example: tarsnap -d -f testarchive

My first test file was 17MB, just took some repo.
My results are:
Size: 17MB
Compressed Size: 6.5MB
Compression ratio: 38.2 %

Update 07/01/2016

Of course, there is not much duplication in video files, so we have the lowest compression ratio.
Just in case you might have a sensitive video that you'd like to keep safe from prying eyes (lol..)
Video: 730MB
Compressed Size: 726
Compression Effectiveness: <1%

Then I tried a huge list of documents, HTML files, whole websites. Just threw away all the documentation I had gathered on my PC.
Total document size: 778MB
Compressed Size: 698MB
Compression Effectiveness: 10%

Testing deduplication
Added some files to my previous archive. Testing dedup.
Total document size: 1097MB
Compressed size: 842MB
Compression Effectiveness: 23%! (Well, that's impressive. We're just winning on compression from adding more files.)

5. My thoughts after using Tarsnap


1. Fast. I compared it to Google Drive. Less than 5 minutes difference between the two.
2. Encryption: Tarsnap actually encrypts before sending the files (so even if the line in between is insecure, they can only copy unreadable zeroes and ones).
3. Stable: Thought it would be at some beta stage. But no! Tarsnap feels very stable.
4. Cost: Cheap. After using around 3GB, balance is $4.998276505766957172 out of $5.

So yeah, dirt cheap secure storage for your sensitive files  >> Go TARSNAP