Tuesday, November 22, 2011

Free Cryptography Class

If you're interested in cryptography, this is for you!

Free Cryptography Class:

Dan Boheh of Stanford University is teaching a free cryptography class starting in January.

Wednesday, November 9, 2011

Cisco 870 and DynDNS

My gateway to the Internet is a small Cisco 870. I also have a linux host I use to ssh into my home network. The Internet connection is a basic DSL, with a dynamic address.

Before my Cisco router, I used to have a small Netgear gateway that supports DynDNS. So, I wanted to do the same with the cisco router.

Here is the configuration I use:

DynDNS updater

ip ddns update method DynDNS
 HTTP
  add http://<username>:<password>@members.dyndns.org/nic/update?hostname=<hostname>
 interval maximum 1 0 0 0
 interval minimum 0 2 0 0

You have to replace the values between <> with your own, such as your username and password. Also, to insert the "?", press [CTRL]-[v] before the ?. Unfortunately, in version 12.4(15), HTTPS is not supported to update the record.

Interface configuration


 ip ddns update hostname <hostname>
 ip ddns update DynDNS

And that's it. It should start updating your records. However, at least in my case, this wasn't working. A quick debug session showed that "members.dyndns.org" was not resolved by the device, which I solved temporarily with a host entry.

ip host members.dyndns.org 204.13.248.111


Everything is now working fine, and my records are updated.

Edit

I removed the minimum and set the maximum to a lower value.

Saturday, November 5, 2011

Mac ports and snort 2.9.0.5

On the Mac ports DL, a user reported an issue trying to use snort 2.9.0.5.

Using "port install snort", the system creates shared objects (.so) but tries to load a dynamic library (.dylib).

Here is a quick procedure to have it back on track:

sudo port install snort
cd /opt/local/var/macports/distfiles/snortcp snort-2.9.0.5.tar.gz ~/tempcd ~/temp./configurecd src/dynamic-pluginsmakecd sf_enginegcc -dynamiclib -o libsf_engine.dylib -dylib bmh.o sf_ip.o\sf_snort_detection_engine.o sf_snort_plugin_api.o\sf_snort_plugin_byte.o sf_snort_plugin_content.o\sf_snort_plugin_hdropts.o sf_snort_plugin_loop.o\sf_snort_plugin_pcre.o sf_snort_plugin_rc4.o sfghash.o sfhashfcn.o\sfprimetable.osudo cp *.dylib /opt/local/lib/snort_dynamicengine/


After that, you need to edit /opt/local/etc/snort/snort.conf.dist to suit your need and reflect your specifics.