Archive of posts filed under the Technical category.

An Algorithm for Resilient Botnets

Current botnets use a pseudo-random sequence of domains to host their moving C&Cs. This post shows the drawbacks of this clever approach and proposes a small enhancement to the name-generating algorithm.

Good Bye, Kamp DSL!

Since Kamp Netzwerkdienste GmbH are giving their private DSL customers the boot, I’ve decided to give Manitu a try. Interestingly, multihoming Kamp and Manitu on the same T-DSL link from Deutsche Telekom (T-Com) is impossible: one can use only one ISP at a time, even though one can set up one as the primary and the other as the backup ISP, should an ISP drop its PPPoE tunnel in the T-DSL backbone.

Self-modifying Code in FreeBSD Assembly

Self-modifying code, while rarely a good idea, is possible if the operating system allows us to remove the read-only protection on the code pages (.text section). FreeBSD provides the mprotect(2) system call to do just that. This post contains an assembly language example that makes use of it on FreeBSD/amd64 and FreeBSD/i386. The techniques shown here can be used to create true self-modifying code.

Observer Effect in FreeBSD Assembly

When a program behaves differently inside and outside of a debugger session, we may have an instance of the famous observer effect in information technology. This post illustrates this effect with a simple program in FreeBSD assembly.

Return Values of FreeBSD Syscalls in Assembly

This post shows how to write “hello, world!\n” into a file with FreeBSD assembly language. We learn that FreeBSD/amd64 and FreeBSD/i386 save the return value of syscalls in %rax or %eax if no error occurs. In case of errors, errno is saved in %rax or %eax, and the carry flag is set.

Printing woes on FreeBSD 8 with CUPS

FreeBSD 8’s new USB stack caused CUPS to stop printing on USB printers. Fixing permissions on the /dev/ugen* and /dev/usb/* device nodes corresponding to the printer solves the problem.

Google’s governmental backdoor

In the wake of the Google-China spat, and the possibility of a (U.S.) government backdoor in Google Mail, should we compile and leak a worldwide list of government spyware to the general public?

Hello World in FreeBSD Assembly

How to write a hello world program in assembly for the FreeBSD/amd64 (x86-64) and FreeBSD/i386 (x86-32) platforms.

C++ Tutorial (3)

This is part 3 of a fast-paced C++ tutorial for programmers familiar with high-level languages like Perl and Python. In this part, we’ll learn that STL containers store copies of objects. To get Python-like semantics, we’ll store std::tr1::shared_ptr pointers to dynamically allocated objects instead of raw pointers into the std::map.

C++ Tutorial (2)

This is part 2 of a fast-paced C++ tutorial for programmers familiar with high-level languages like Python and Perl. We introduce the incredibly useful and versatile std::map associative arrays, a.k.a. dictionaries.