From Noisebridge

Discussion, war stories day. Started slow, 3 new folks, 1 of whom was on vacation, and 3 regulars (including host). Arguments about IPv6, VPNs, IPsec, WireGuard, NAT, hole-punching, Tailscale; war stories about enforcing encrypted connections. More discussion of Tor wanted. Future presentations.


  • [name] - [background]. [goals for meetup, or interests to explore]
  • Loren - running, for about 6 months, to teach new people, have great conversations, stay sharp, share and hear war stories. welcome
  • Jari - infra, 25 odd years at least, care about privacy & security. just want to hack on stuff, meet interesting people.
  • Matt - background in linux & system administration, with Loren, was manager of compute lab at UC Berkeley, don't do much infra, here for the vibes
  • Wolf - professionally, don't do infra, have another team, do some stuff personally, here to socialize
  • Alvaro - on vacation, sf guide website, background in professional experience in network and software infrastructure, system administrator, focus on sustainability, now integrate finance, sustainability, refreshing

(3 people, here)

  • Angelo - infra meetup interest

Lesson or Demo

  • IPv6 - adoption, issues. Not for small orgs and users, weird relationship with.
  • Story. Snowden leaks, "encryption removed here :)"
    • Concern, not just about user-DC links, but also DC-DC links.
    • Wrote an analyzer, Shannon-entropy - wasn't enough. 1e-4 buckets. Inspect packets, detect flows. Identify servers. Kept going.
    • New approach. SSL wall. eBPF, prevent an application from sending non-encrypted traffic, non-blessed traffic. Kernel-generated RST on host to flow.
    • Shannon entropy
      • Encrypted bytes should be maximally random, with a near-uniform distribution of the possible bits present
      • ASCII streams, extremely obvious, low-entropy
      • Compressed streams.
    • Need thousands of packets from the same flow; extract the variance of the Shannon entropy of packets from the same flow, to ensure.
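
The per-flow entropy check from the story above, as an added example (not code from the meetup or the analyzer described): it groups packets by flow, computes per-packet Shannon entropy, and uses the variance to catch a flow whose mean alone looks encrypted. The flow names, all thresholds and the sample traffic are constructed assumptions.

```python
import math
import random
import statistics
from collections import Counter, defaultdict

def packet_entropy(payload: bytes) -> float:
    """Shannon entropy of the payload's byte histogram, in bits per byte (0..8)."""
    n = len(payload)
    return -sum(c / n * math.log2(c / n) for c in Counter(payload).values())

def analyze(packets, min_packets=1000, min_payload=512, mean_floor=7.5, var_ceiling=0.01):
    """Group (flow_key, payload) pairs by flow; return {flow: (verdict, mean, variance)}.

    All four thresholds are assumptions tuned for ~1 KiB payloads, not values from the notes.
    Short payloads are skipped: a small sample cannot get close to 8 bits/byte.
    """
    per_flow = defaultdict(list)
    for flow, payload in packets:
        if len(payload) >= min_payload:
            per_flow[flow].append(packet_entropy(payload))
    report = {}
    for flow, ents in per_flow.items():
        mean, var = statistics.fmean(ents), statistics.pvariance(ents)
        if len(ents) < min_packets:
            verdict = "insufficient-data"   # too few packets to trust the statistics
        elif mean >= mean_floor and var <= var_ceiling:
            verdict = "encrypted-like"
        else:
            verdict = "cleartext-suspect"
        report[flow] = (verdict, mean, var)
    return report

def sample_capture(n=2000, size=1024, seed=7):
    """Constructed traffic: seeded random bytes stand in for ciphertext."""
    rng = random.Random(seed)
    rand = lambda: rng.getrandbits(8 * size).to_bytes(size, "big")
    text = (b"GET /index.html HTTP/1.1\r\nHost: app.internal.example\r\n" * 40)[:size]
    pkts = []
    for i in range(n):
        pkts.append(("tls", rand()))
        pkts.append(("http", text))
        # 2% cleartext packets hidden in an otherwise random-looking flow
        pkts.append(("mixed", text if i % 50 == 0 else rand()))
    pkts += [("short", rand()) for _ in range(10)]
    return pkts

if __name__ == "__main__":
    for flow, (verdict, mean, var) in analyze(sample_capture()).items():
        print(f"{flow:6} {verdict:18} mean={mean:.3f} var={var:.5f}")
```

The "mixed" flow keeps its mean above the floor and is flagged only by its variance, which is why the mean on its own is not a sufficient test.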

  • Similar, before FAANG. Embedded devices boot up in the same state. tcpdump, start of TCP stream, TLS client random from the start of the connection. IoT thermostats
    • Unstable analog power rail, sample during booting, mix low order bits of the power.
  • Wolf, story about mother. Using, currently, a Mac running Mac OS 9, so she can keep using the version of Word / WordPerfect? and existing printers.

    • OpenBSD for networked computer. jwm.
    • Musical typesetting, Finale, Finale 98

    • reverse engineered the binary file format, in MS Word.
    • Differential HTTP parsers. One kind of attack in the last 3 years, repeated, now generalized as a class.

  • War stories
  • New things people are working on
  • (gForm)
  • Unix + history

  • Shell, web services, self-hosting, networking!

Questions, Discussion, or Coworking

  • [Issue]

For next time


Readings & Exercises

  • Readings
  • Exercises

Join online

  • Try it yourself!
    • Join #nb-meetup-infra