lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 21 Nov 2011 14:12:38 +0000
From: Darren Martyn <d.martyn.fulldisclosure@...il.com>
To: Valdis.Kletnieks@...edu
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Ubuntu 11.10 now unsecure by default

 Valdis - I did not know the source had gotten THAT big, still, will be
interesting to explore parts of it that interest me - the TCP stack for a
start... Also, thanks for the advice on the book :)

Good point on the difficulty of mantaining my own distro - I realize I
would need a fair few people behind me to keep it up to date.

Network manager has one amusing flaw I noted on both Atheros and Broadcom
chipsets - it randomly suspends the Wireless card, requiring several
reboots to fix. I still have to figure it out, and it just annoys me in
general. Hence, making my own version of it.

Also, thanks for the advice on the mac80211, I was only familiar with
MadWiFi as my netbook for wardriving ran an older Atheros card (Acer Aspire
One from 2008). I will look into the mac80211 as soon as I can, the goal me
and my friends have is to release a "modified" Ubuntu with our own network
manager and some other Wireless auditing tools installed. Been done before
I am sure, just we want to give our own spin on it. For both learning and
for our own use.

Regards,
~D.

On Mon, Nov 21, 2011 at 1:02 PM, <Valdis.Kletnieks@...edu> wrote:

> On Mon, 21 Nov 2011 12:24:03 GMT, Darren Martyn said:
>
> > 1) Read the latest kernels source over a long period of time, looking for
> > bugs and to get a better understanding of how it works on that level
>
> Just keep in mind that you will never finish reading the kernel source, as
> it's
> currently sitting at somewhere near 14M lines of code, and every 3 month
> release window has more new lines added than any one person can review.
> Most of
> the patches are posted ot the linux-kernel mailing list, which as a result
> weighs in at around 450-600 pieces of mail every day.  Enjoy drinking from
> the
> fire hose.
>
> That's why the current arrangement of subsystem maintainers exists.
>
> Doesn't mean that you can't review the important heavily used parts of the
> kernel and learn something - that's probably only a quarter million lines
> of
> code, and things like the VFS code don't change as fast as the drivers and
> architecture code. I would reccomend reading Linux Device Drivers, 3rd
> Edition
> (available online, just google for 'LDD3').  Note that the concepts still
> apply, but due to the ever changing kernel API, sample code will probably
> not
> compile without some reworking.
>
> > 2) Build my own distro
>
> More of same - though Linux From Scratch will at least teach you how it
> works.
> But you'll go nuts trying to keep up to date on patches for all the
> components of
> a system big enough to use day-to-day. (Have fun reviewing the patches and
> then building OpenOffice or Firefox from source every time upstream
> releases
> an update - and then there's all the code in xorg and Gnome/KDE, and....)
>
> > 3) Write my own network manager based off the LORCON/MadWiFi drivers
> (using
> > PyLORCON bindings) for the GNOME interface to replace the not-reliable
> > "network manager" applet.
>
> This one is probably the most achievable, and NetworkManager *is* a total
> piece of barely-usable crud.  Do however keep in mind the following:
>
> 1) The MadWiFi drivers only work for Atheros chipsets, and a *lot* of boxes
> have other wireless (lots of Intel chips out there, among other things).
>
> 2) MadWifi has been deprecated, and the wireless maintainer's advice is to
> use
> the ath5k and ath9k drivers instead. If those two drivers don't work for
> your
> Atheros, work with them to get the driver fixed - all the other Atheros
> users
> out there will thank you.
>
> 3) You *really* want your userspace to be using the mac80211 interfaces
> instead,
> so that they will work with non-Atheros cards as well.
>
> Good luck...
>



-- 
My Homepage :D <http://compsoc.nuigalway.ie/%7Einfodox>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ