BitTorrent Protocol Attack
by Joel R. Voss aka. Javantea
jvoss@altsci.com
jvoss@myuw.net
Feb 23-26, 2005
BitTorrent Attack 0.3 Source
[sig]
BitTorrent Attack 0.2 Source
[sig]
Official BitTorrent Protocol
Official BitTorrent Client
Netmap2 Page
The BitTorrent Attack is a small project to see what we can do with the BitTorrent protocol without sending or receiving legitimate data. It is part of Netmap2 (aka. Protocols and Services Project).
Read more »
by Javantea
Oct 10, 2006
An image is a simple representation of a complex system in the same way that a program is a simple representation of a business. These similarities are hand in hand in the creation of programs and images as well as the viewing. Viewing an image is very much like using a program and reverse engineering a program is quite similar to analysing an image. The concepts are much easier for non-programmers to understand in terms of art, so to discuss programs, I will first discuss art. For programmers, the concepts are much easier to understand in terms of a program, so to discuss silly images, I will then discuss programs.
First, I will discuss the image which I enjoyed so very much creating and which I enjoy so very much discussing. The background is a favorite technique of mine. It is discussed in great detail below. It represents the sea of random information in cyberspace that users swim through daily. The colors are bright like the virtual neon signs that plague every corner of the internet. Each line of text was created using a different technique. Motion blur on the word welcome represents how quickly the user glances past any piece of data that they are not interested in. John Smith is set in the Times font that all generic 'legit' websites use to lull customers into a false sense of security. The words "to the" use another fun technique (blur, sharpen 99 twice) that I use often (same as the background). This effect represents the repetitive fawning and disillusionment that the technolust lifestyle commonly generates amongst its users. The word "Future" is written with two futuristic features ((blur(f) - f) & hue(f)) that I designed specifically for this image. These features remind me how much of the future is ubiquitous and how little of it really seems Sci-Fi. The phrase "Welcome, John Smith to the FUTURE" is a parody of the common phrase used to greet users when they login. Welcoming someone to the future is a derogatory phrase and is quite akin to telling someone that they're a cave dweller. The second meaning is that most people will be seeing someone else's login page (considering how few John Smiths will be reading this page). This is a common occurrence for hackers and often brings a great feeling of accomplishment, which might be lost on readers who aren't hackers. There is yet another meaning in the phrase and that is the inspiration of the phrase is the song "Cities of the Future" by Infected Mushroom. The design of the song invokes a feeling of power and electricity. The main vocal is modified to be very electric and warbly like the lead synth. I originally created the image as a 1024x768 (for no good reason), which had to be expanded and then shrunk. But it makes a fine background image if you'd like. There you have it, a complete discussion of a mediocre piece of art.
A program can be made simple or complex. A program's reliability depends on how well it has been properly debugged. Debugging depends on hours looking at inane code, which coders often dislike. A program that is built simply is simply debugged. Therefore, the building of many simple programs each of which are easily debugged makes for a better operating environment than having a few large programs.
Read more »Good Bad Attitude
by Joel R. Voss aka. Javantea
jvoss@altsci.com
jvoss@myuw.net
May 26 - June 2, 2006
This program grabs a list of good processes from /proc, then it monitors /proc and kills any new process. It is meant to be used in extremely hostile environments. It is a general use tool, but it can and should be modified as necessary. Obviously it should be modified to allow the user to re-login in case s/he loses shell.
It's original use is for Defcon 14 ACTF. If a vulnerable server gives non-root access (quite likely), attackers that re-attack the server will be able to kill the original attacker. This means that the original attacker should put up defenses quickly to ensure that attackers are ejected. One way is to fix the vulnerability in the server. If this is not possible, this script is a simple solution.
Read more »
by Javantea aka. Joel R. Voss
Sept 8, 2006
Botnets
Spam Server Analysis
Spam Server Passive/Active Analysis 0.4
[sig]
50 MB of Test Spam
[sig]
At the above Neg9 Seattle meeting (Sept 8, 2006), a group of four Neg9 security researchers gathered to discuss botnets and various other ideas. I, Javantea, led the discussion of botnets, but as expected, the three other participants were far more knowledgeable than I on the topic of botnets. Quite a lot of research, development, and interest is going into botnets currently. This is a very positive note because everyone benefits from better knowledge and control of botnets.
It begs to be said that nothing illegal was done at the Neg9 meeting. Nothing unethical was done at the Neg9 meeting. Polite portscans are legitimate techniques of security researchers and criminals alike. I limited the output of my box to a maximum of 6 packets per second at maximum and 2 packets per second at nominal. Connecting to any machine on the internet is legitimate because open ports are public information. Anyone who disagrees is a complete idiot and should go straight to /dev/null.
Read more »