- Create a user and group dns. Homedir should be /var/service/tinydns/ Password should be disabled by setting a '!' in the password field. Loginshell must be /bin/rbash
-
$ cd ~dns
$ echo "export PATH=/var/service/tinydns/bin" > .bashrc
$ echo "cd /var/service/tinydns/root" >> .bashrc
$ mkdir bin
$ cp -v `locate /bin/rsync` ./bin/
$ mkdir .ssh
$ chgrp dns root
$ chmod g+rwx root - Now put "no-port-forwarding,no-agent-forwarding"
followed by the public ssh key we use for transfer into
.ssh/authorized.keys
echo "no-port-forwarding,no-agent-forwarding 1024 35 135545991257243674970916285316665839798155451334540773035679525294592030554743366232376507053845959814977047246819757599701120912084101675783416166506119392564461109762434459831320956247776239848444789014804510825346808755208058894985487105829634690373964349355404033587382169866003319938807952266355319832273 dnsexchange" > .ssh/authorized_keys
To use Lucent Orinoco wireless
Ethernet with a Apple Powerbook and Linux get pcmcia-cs and
anw the wireless-tools. pcmcia-cs needs this
patch. Install all the stuff and just enter "include port
0x100-0x1ff" and "include memory 0x80000000-0x80ffffff" in
/etc/pcmcia/config.opts. Now call modprobe
i82365; modprobe pcmcia_core; modprobe cb_enable; modprobe ds;
cardmgr insert the card and use iwconfig
to set up encryption.
~netscape/preferences.js
config("internal_url.net_search.url","http://www.google.com");
user_pref("browser.chrome.disableMyShopping", true);
config("user_agent","[44;30;1m");
User Agent ist ESC [ [ 44 ; 33 ; 1m Vermutlich hat Euer
Browser das ESC verwuselt.
If you don't care about anything
and just want to use DNS without using other "DNS-Servers" try
this or curl
http://koeln.ccc.de/~drt/dnscachefortheclueless.sh | sh.
mod_kewl.c
to use a ELSA PCFpro ISDN card with
FreeBSD-4.0 I have hacked the PCC16 driver. Try this patch.
If you use daemontools you might like watchpid.
You might have a look at my advogato
page.
the direct mail blasting
protocol 5 (dmailb5) is getting in a state in which it
may be exposed to a selected public. http://rc23.cx/dmailb5/.
secure programming
references.
ddns is finally in a somewhat usable state which
can be considered alpha. Find out more about ddns in its
Homedir.
Blacknet, Crypto Anarchy, Libertaria In
Cyberspace, From Crossbows to
Cryptography, cypherpunk.manifesto, Tim May's Crypto
Manifesto.
cphack.exe.
decss.zip, LiVid.tgz, DeCSS.zip, css-auth.tar.gz, decsspeech.zip, dvd-css.htm, css-tar.
mi5-lis-uk.html, mi6-rt, MI6dir.htm.
Woha! dffingerd has now a homepage.
didentd is my RfC1413 ident server in
the spirit of dffingerd. It can send encrypted audit tokens. Test
didentd-0.01.tar.gz.
A patch for nchat 3.2pre7
making it chroot to $ROOT and switching to $UID:$GID.
A patch for OpenSSH for Unix
1.2.3 keeping sshd from forking into background and use stderr
instead of syslog for logging. Nice for daemontools.You have to use
./configure --with-daemontools to
activate this behaviour.
I have hacked a patch for apache1.3.12 to behave nicely
with daemontools and not to advertise its Version to the
outside. All this session stuff is fishy perhaps I should rip
it all out. This Patch is only tested with Linux, please tell
me if it works on other systems. If somebody could tell me how
to integrate it with apaches apaci configure system I would be
glad.apache_1.3.12-daemontools.diff.gz
socksyslog.c acts like syslogd but
logs everything to stderr. Hacked by Joao Neves, Rodrigo
Severo and Rilson Raposo and ideal for daemontools
robotnik has hacked a perl script which generates cdb
files for dffingerd from /home/*/.plan. It needs Tim Goodwins
CDB_File.
While hacking ffingerd I decided it
doesn't fit my personal level of paranoia. In addition I
wanted to learn something about Dan Bernsteins set of
tools and style of programming. So I hacked together
dffingerd. At the moment dffingerd-0.00a is more a
proof of concept than a thoughly tested high security
daemon. But at least I trust it enough to run it on my own
machines.It uses ucspi-tcp for its interface to the Internet and comes ready to be supervised by daemontools. After startup it chroots and drops privileges. It reads all the information it hands out from a cdb which is generated by dffingerd-data. dffingerd-data gathers its information by a single directory, but Jens Ohlig is doing some Perl-Hacking to simulate traditional finger behavior by scanning through all users directorys, collecting ~/.plan and ~/.pubkeys dumping the info in dffingerd-data's directory.
At the moment you need the source of dnscache to rip out the functions of djb it needs. You could consider dffingerd as a patch to dnscache ;-)
Jens did autoconf
support for swapoff (paranoia edition), it is now tested on Linux-PPC
and Linux-i86. If you are brave, try
swapoff-0.1.tar.gz.
An other patch for OpenSSH for Unix
making a suid ssh (which is standard) and sshd dropping its capabilitys
for some extra paranoia.
A patch for ffingerd making it suitable
for daemontools and
tcpserver
and making ffingerd a little bit more paranoid.
A patch for webfs-0.9
making it suitable for daemontools.It is now obsolete since Gerd Knorr integrated it into webfs-1.0.
A Manual for zlib (not by me).
linux-2.2.14-stealth2-drt.diff.gz:
a patch to the Linux kernel making life for nmap and friends a
little bit harder. Found somwhere on the net and changed to
integrate cleanly with linux-2.2.14.
swapoff (paranoia
edition) 0.01b - don't try this at home! Others may be at
https://koeln.ccc.de/~drt/.
kooltalk 2.1.0a
the C-Hackers version of kooltalk ;-).
A pachset
for van Hausers THC-Secure Deletion
2.2.
Webcam with scp.
BQS. geekendcam.tar.gz.
"Email-Gruppen", oder Mailinglisten, wie der nicht MBA-Pöbel sagen würde, sind nun wirklich kein neues Phänomen im Internet, sondern die wurden geraume Zeit vor dem Internet erfunden und auch schon reichlich genutzt.
Und die Idee von Herrn Riecke, sein Unternehmen mit viralem Wachstum zu bewerben, läßt auch nur bedenkliche Schlüsse auf seine Fremdsprachenkenntnisse oder seinen Geisteszustand zu.
TAR-Files are much more dangerous than you might think.
I have hacked the obtuse smtpd to include
some enhancements from OpenBSD and myself. You can get a
patch against the
original smtpd 2.0 or you can get the whole tarball smtpd-2.0-drt-0.1.tar.gz.smtpd is the tool of choice if you want to fight unauthorized relaying and spam without messing with your mailserver.
If you use an Apple Powerbook G3 to run
Linux and X windows you might have some problems getting the
keyboard work as a sane Unix keyboard should do. You might try xkeycaps for powerbooks to
change the keyboard mapping.This is a hacked version of xkeycaps 2.45 which supports the powerbook keyboard layout at least for the german keyboard. Since I haven't access to other keyboards I dont't know if it is usefull with e.g. British keyboards. The archive contains the sourcecode and an ppc binary.
Encrypting
your Disks with Linux trys to evaluate the different approaches
in disk encryption.
Quality
time with script kiddies
Buchkritik: Neal
Stephenson - Cryptonomicon
A Copy of the
Cyphernomicon,
grabed from http://divcom.slimy.com/crypto/cyphernomicon/
This isn't related to the Cryptonomicon.
