MACSec Redux


Good ol’ MACSec.

First, I posted a quick and dirty notes-for-myself, MACSec how-to for Juniper.

Then, I posted a similar MACSec howto for Cisco. So here’s a miscellany of different macsec implementations.

Let’s say you want to run your own router because your Layer 8 & 9 specialists mandate it: here’s MACSec on Linux.

Here’s a guy who did Cisco-switch-to-Cisco-switch MACSec over an MPLS link between a Cisco and a Juniper router (because MACSec works at layer 1 and thus you need to fake layer 1 via MPLS). So that’s a thing.

Here’s Extreme Networks’ MACSec implementation:

set macsec port mka enable tg.1.1
set macsec pre-shared-key port tg.1.1 ckn foo cak passphrase bar

HP switches macsec config

Brocade MACSec details and also a Brocade sample config of MACSec.

hadoop sleuthkit


This is pretty great:

tl;dr for the impatient: sleuthkit forensic analysis foisted onto a hadoop framework for faster processing of large amounts of data

I haven’t had to use sleuthkit/autopsy in a few years but this is a nice bit of amalgamation.

debian drops sparc


Man, kind of a bummer:

I spent a few weeks tweaking old sparc boxes to work with FreeBSD and getting to know the hardware and making it work with software that wasn’t originally meant for it was a great lesson.

Categories : News

Xwindows and Windows


Exceed is the best. Unfortunately, it is pricey:

Your other options are:

MobaXterm: in free and pay versions, pretty simple to install/setup and use.

Xming: free (old version) or pay (current version), also pretty simple to use.

Cygwin/X: complicated, kludgey and you should probably avoid it.


Don’t run “strings” against files…



Many shell users, and certainly most of the people working in computer forensics or other fields of information security, have a habit of running /usr/bin/strings on binary files originating from the Internet. Their understanding is that the tool simply scans the file for runs of printable characters and dumps them to stdout – something that is very unlikely to put you at any risk.

It is much less known that the Linux version of strings is an integral part of GNU binutils, a suite of tools that specializes in the manipulation of several dozen executable formats using a bundled library called libbfd.

Other well-known utilities in that suite include objdump and readelf. Perhaps simply by the virtue of being a part of that bundle, the strings utility tries to leverage the common libbfd infrastructure to detect supported executable formats and “optimize” the process by extracting text only from specific sections of the file. Unfortunately, the underlying library can be hardly described as safe: a quick pass with afl (and probably with any other competent fuzzer) quickly reveals a range of troubling and likely exploitable out-of-bounds crashes due to very limited range checking

Check the site for POC code. It’s old and it’s nasty.
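For triage of untrusted binaries, the scan that people assume strings performs can be done without any executable-format parsing at all. The sketch below is an added example, not code from this post or from the quoted article; the function names and the sample bytes are constructed for illustration. It treats the file as opaque bytes and reads it in chunks, carrying a run across chunk boundaries.

```python
import io

PRINTABLE = frozenset(range(0x20, 0x7F)) | {0x09}  # ASCII printable plus tab

def raw_strings(stream, min_len=4, chunk_size=65536):
    """Yield (offset, text) for each run of >= min_len printable bytes.

    The input is treated as opaque bytes: no header parsing and no section
    lookup, so a malformed ELF/PE header cannot steer what gets read.
    """
    run = bytearray()   # current run of printable bytes
    run_start = 0       # file offset where the current run began
    pos = 0             # file offset of the byte being examined
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        for byte in chunk:
            if byte in PRINTABLE:
                if not run:
                    run_start = pos
                run.append(byte)
            else:
                if len(run) >= min_len:
                    yield run_start, run.decode("ascii")
                run.clear()
            pos += 1
    if len(run) >= min_len:  # a run that ends at EOF
        yield run_start, run.decode("ascii")

def demo():
    # Constructed sample: ELF magic, junk "header" bytes, then two strings.
    sample = (b"\x7fELF\x02\x01\x01\x00" + b"\xff" * 8 +
              b"/lib64/ld-linux-x86-64.so.2\x00\x01\x02GNU\x00hello, world\n")
    # A tiny chunk size forces runs to span several reads.
    return list(raw_strings(io.BytesIO(sample), chunk_size=7))

if __name__ == "__main__":
    for offset, text in demo():
        print(f"{offset:7d} {text}")
```

GNU strings' `-a` (`--all`) option likewise scans the whole file instead of only selected sections.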

Categories : Security

Linux / Unix / VMS equivalencies


So you’re dumped in Brazil (VMS) and all you speak is English (Windows) and Spanish (Linux), how do you get by?

A universal translator, of course:


There’s also a VMS to Unix cheat-sheet:

and another:

setting security/ownership in VMS:

tiny gotchas that you might not expect:

  • case insensitive
  • no
  • VMS has no set mount points, so you have to explicitly state which disk is being referenced in a command:
$ create/directory [.tmp]
$ copy dsa0: [.tmp]x.tmp
$ copy dsa0: [.tmp]y.tmp
$ copy dsa0: [.tmp]z.tmp

This creates a directory, .tmp, and three files inside it, x.tmp, y.tmp, z.tmp.


AIX Cheat-sheet:

AIX Cheat-sheet: [PDF]

AIX Cheat-sheet:

AIX documentation: 

AIX Admin’s blog, full of AIX tips and tricks: (I haven’t used it but it’s the type of quick and to-the-point howto that I find most useful.)

a text file cheat-sheet — quick and dirty, no-nonsense:



The biggest caveat when going to Solaris from Linux is that a lot of the tools you expect are missing (i.e., not installed by default) or different (i.e., you’re expecting GNU versions). The easiest way to deal is to install the GNU tools and set them in your path. That said, Solaris 10 is less of a PITA than older versions (9, 8… or heaven forfend: SunOS).

Here is a fast and dirty “why doesn’t this work / how do I do this?” for Solaris:

IBM redbooks, learn it, love it: [PDF]

Lesser Known Solaris Features:

