Meetups/Infra/2024-01-29

From Noisebridge
Jump to navigation Jump to search

Discussion of internet backbone/provider networking, tor & great firewall cat-and-mouse, and NLP games.

Introductions[edit | edit source]

  • [name] - [background]. [goals for meetup, or interests to explore]
  • Loren - running
  • Doug - have interesting, and cursed projects. Retail AI, data products, infra, code. Currently flying too close to the sun.
  • Patrick - based in SF, write software. First time here. Hanging out, picking up things
  • Cloud - at one time, took notes for AI class. Presenting new things. Learning help
  • David - software engineer, currently trying to set up a a vpn server, dns server.


Lesson or Demo[edit | edit source]

  • Doug - nosediving into the sun. Not doing full time.
    • offer of a little project. s*mizd*t. online. Independent russian media, left russia. Lost audience. Came up with anonymizing way to share. Eventually links revert to simple mem links. Append a URL, a path, to DNS through.


    • RIR blogs - on IPv6 adoption.
    • IPv4-only off date, in Czech Republic, in 2025.


"I must make my day job more successful, rather than make someone else's crazy side project marginally successful."


  • David - setting up vpn server, yesterday, static ip on pi, dns server. Working on reliability. Using dnsmasq.

- .internal domains - public, 8.8.8.8 fallback.

long timeout, for internal query to fail. on laptop cli.

VPN profiles - for macOS and iphone usage.


About macOS Configuration Profiles: https://mosen.github.io/profiledocs/index.html

$ cat /etc/resolv.conf

$ scutil --dns


  • Tor - reports on cat-and-mouse games

https://media.ccc.de/v/camp2023-57172-a_guided_tour_through_tor_network_health_and_performance

https://community.torproject.org/static/files/tor-network-2019.pdf

https://tor.stackexchange.com/questions/12553/how-does-tor-obfs4-protocol-and-pts-work

https://www.fortinet.com/blog/threat-research/dissecting-tor-bridges-pluggable-transport-part-2

https://forum.torproject.org/t/what-determines-bridge-distribution-method/1379/2

https://arxiv.org/abs/1608.00509

https://uwspace.uwaterloo.ca/bitstream/handle/10012/18333/Tulloch_Lindsey.pdf?sequence=3


  • Great Firewall


https://github.com/kpdyer/fteproxy

https://citizenlab.ca/2015/04/chinas-great-cannon/

https://upb-syssec.github.io/blog/2023/record-fragmentation/


  • More ML - NLP
  • word2vec



https://pypi.org/project/Faker/



Partial transcript[edit | edit source]

Partial transcript of first half

Delivering content - created random urls - nonsense urls. Distributed it. System to censor
content. Commercial application? URL to IP address through DSS. IPP - DNS - computer DNS
configuration, url. 68,000 ipp address. Internet research agency? Router needs to have IP
Settings. ISP provide? Hurricane electric? Lets you have an IP address on the internet, forward
traffic through ISSP. Wireguard connection -
Commercial entity set-up. New Url new content. Distributed over telegram. Dubious encrypted
surface.
Amazon charges for IP addresses?
One server with only 1 IP, so if you need more IP addresses - monkey brains - Go-daddy
resellers account - cloud resources - isolate -
DNS mask - .internal - goes somewhere - google 8.8.8.8
VPN.internal. No results. Digging with respect to the google servers. Removed all built in DNS
servers- dig, 10.0.012.
Nontrivial amount of time: 5 seconds.
Internal width.
5 -10 seconds pass - resulting kit.
Internal DNS server - configuration - DNS configuration - VPN.internal. Expected behavior?
Set up locally - create by default - O.S - server on - show how it is configured.
Network settings -
Query server 12. 21 (noisebridge router)
VPN settings - VPN profiles - DNS to configure.
Specifiy an interface thing - there are ways - apple importanted from linux land - certain search
domains should go - linux configure it yourself - built in – look DNS/SD.
One token. / no space.
Network settings. DNS - Noisebridge. Noise. Search domain. Search for computer name DNS
server - IP forward address.
Configure on the client - installable profiles - possible - give it a shot. IOS - way more locked
down., VPN are supported on iphone. Set it up through configuration profile. Fastmail =
configuration to set up email in one-click experience. Configuration profile - powerful - apple
does device - corporate - some of it is hidden away in tools have to pay for.
Setting up DNS server - to be compatible with the VPN? OR DNS server?
It’s about configuring the operating system to respecting your wishes -
SC - utlil - DNS lone-flag.
Which will modify Configure it for certain domains - search domains.
Rapture is doing to the network?
128 bytes in an ip address/48.
More IP address than there are grains of sand on an ocean beach.

For next time[edit | edit source]

Questions[edit | edit source]

Tor, censor circumvention, rendering links innocent, malware redirector networks

Readings & Exercises[edit | edit source]

  • Readings
  • Exercises

Join online[edit | edit source]