Meetups/Infra/2024-01-29
Discussion of internet backbone/provider networking, tor & great firewall cat-and-mouse, and NLP games.
Introductions[edit | edit source]
- [name] - [background]. [goals for meetup, or interests to explore]
- Loren - running
- Doug - have interesting, and cursed projects. Retail AI, data products, infra, code. Currently flying too close to the sun.
- Patrick - based in SF, write software. First time here. Hanging out, picking up things
- Cloud - at one time, took notes for AI class. Presenting new things. Learning help
- David - software engineer, currently trying to set up a a vpn server, dns server.
Lesson or Demo[edit | edit source]
- Doug - nosediving into the sun. Not doing full time.
- offer of a little project. s*mizd*t. online. Independent russian media, left russia. Lost audience. Came up with anonymizing way to share. Eventually links revert to simple mem links. Append a URL, a path, to DNS through.
- RIR blogs - on IPv6 adoption.
- IPv4-only off date, in Czech Republic, in 2025.
"I must make my day job more successful, rather than make someone else's crazy side project marginally successful."
- David - setting up vpn server, yesterday, static ip on pi, dns server. Working on reliability. Using dnsmasq.
- .internal domains - public, 8.8.8.8 fallback.
long timeout, for internal query to fail. on laptop cli.
VPN profiles - for macOS and iphone usage.
About macOS Configuration Profiles: https://mosen.github.io/profiledocs/index.html
$ cat /etc/resolv.conf
$ scutil --dns
- Tor - reports on cat-and-mouse games
https://media.ccc.de/v/camp2023-57172-a_guided_tour_through_tor_network_health_and_performance
https://community.torproject.org/static/files/tor-network-2019.pdf
https://tor.stackexchange.com/questions/12553/how-does-tor-obfs4-protocol-and-pts-work
https://www.fortinet.com/blog/threat-research/dissecting-tor-bridges-pluggable-transport-part-2
https://forum.torproject.org/t/what-determines-bridge-distribution-method/1379/2
https://arxiv.org/abs/1608.00509
https://uwspace.uwaterloo.ca/bitstream/handle/10012/18333/Tulloch_Lindsey.pdf?sequence=3
- Great Firewall
https://github.com/kpdyer/fteproxy
https://citizenlab.ca/2015/04/chinas-great-cannon/
https://upb-syssec.github.io/blog/2023/record-fragmentation/
- More ML - NLP
- word2vec
- https://semantle.com
- https://semantle.pimanrul.es/ (same, but with a nice visualization. see the sprial arms of similar meaning)
https://pypi.org/project/Faker/
Partial transcript[edit | edit source]
Partial transcript of first half
Delivering content - created random urls - nonsense urls. Distributed it. System to censor content. Commercial application? URL to IP address through DSS. IPP - DNS - computer DNS configuration, url. 68,000 ipp address. Internet research agency? Router needs to have IP Settings. ISP provide? Hurricane electric? Lets you have an IP address on the internet, forward traffic through ISSP. Wireguard connection - Commercial entity set-up. New Url new content. Distributed over telegram. Dubious encrypted surface. Amazon charges for IP addresses? One server with only 1 IP, so if you need more IP addresses - monkey brains - Go-daddy resellers account - cloud resources - isolate - DNS mask - .internal - goes somewhere - google 8.8.8.8 VPN.internal. No results. Digging with respect to the google servers. Removed all built in DNS servers- dig, 10.0.012. Nontrivial amount of time: 5 seconds. Internal width. 5 -10 seconds pass - resulting kit. Internal DNS server - configuration - DNS configuration - VPN.internal. Expected behavior? Set up locally - create by default - O.S - server on - show how it is configured. Network settings - Query server 12. 21 (noisebridge router) VPN settings - VPN profiles - DNS to configure. Specifiy an interface thing - there are ways - apple importanted from linux land - certain search domains should go - linux configure it yourself - built in – look DNS/SD. One token. / no space. Network settings. DNS - Noisebridge. Noise. Search domain. Search for computer name DNS server - IP forward address. Configure on the client - installable profiles - possible - give it a shot. IOS - way more locked down., VPN are supported on iphone. Set it up through configuration profile. Fastmail = configuration to set up email in one-click experience. Configuration profile - powerful - apple does device - corporate - some of it is hidden away in tools have to pay for. Setting up DNS server - to be compatible with the VPN? OR DNS server? It’s about configuring the operating system to respecting your wishes - SC - utlil - DNS lone-flag. Which will modify Configure it for certain domains - search domains. Rapture is doing to the network? 128 bytes in an ip address/48. More IP address than there are grains of sand on an ocean beach.
For next time[edit | edit source]
Questions[edit | edit source]
Tor, censor circumvention, rendering links innocent, malware redirector networks
Readings & Exercises[edit | edit source]
- Readings
- Exercises
Join online[edit | edit source]
- Discord #meetup-infra
- Meetups/Infra