Set up PPPoE Server on Ubuntu

The Point-to-Point Protocol over Ethernet (PPPoE) is a network protocol for encapsulating PPP frames inside Ethernet frames.

http://en.wikipedia.org/wiki/PPPoE

PPPoE Server, which should be formally called as PPPoE Access Concentrator

Environment

Ubuntu Trusty(14.04)
rp-pppoe

Preparation

Remove pppoe from system and install dependencies from apt.

Version of pppoe on Ubuntu is 3.8 but what we get later is 3.11.

Download rp-pppoe from http://www.roaringpenguin.com/products/pppoe

Set up

pppoe-server-options

/etc/ppp/pap-secrets

If you don’t have four columns here, you may meet error message below in syslog:

Start

Verify

route has been set up

traceroute does not work well in client side, I don’t know why, but I can do tcpdump in PPPoE-AC like

Then do some ping or something from client side

Links

http://darmawan-salihun.blogspot.tw/2008/12/setting-up-basic-pppoe-server-in-linux.html
http://chunchaichang.blogspot.tw/2011/12/ubuntu-pppoe-server.html

Set up PPPoE Server on Ubuntu by @sskaje: https://sskaje.me/2014/05/set-pppoe-server-ubuntu/

Incoming search terms:

ssh_exchange_identification: Connection closed by remote host

Google tells me that I am blocked because of something like /etc/hosts.deny or some other reason, I did everything but problem remains there.

Until I checked the audit.log and found there many attempts of ssh login.

So I add ListenAddress line in /etc/ssh/sshd_config, everything works well now.
This is because I have an local IP address like 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, but if I only have a public IP, I may choose to change ssh running at another port.

ssh_exchange_identification: Connection closed by remote host by @sskaje: https://sskaje.me/2014/05/ssh_exchange_identification-connection-closed-remote-host/

Mach-O Disable ASLR/PIE

ASLR, Address Space Layout Randomization

Address space layout randomization (ASLR) is a computer security technique involved in protection from buffer overflow attacks. In order to prevent an attacker from reliably jumping to a particular exploited function in memory (for example), ASLR involves randomly arranging the positions of key data areas of a program, including the base of the executable and the positions of the stack, heap, and libraries, in a process’s address space.

From http://en.wikipedia.org/wiki/Address_space_layout_randomization

Mach-O

Mach-O, short for Mach object file format, is a file format for executables, object code, shared libraries, dynamically-loaded code, and core dumps. A replacement for the a.out format, Mach-O offered more extensibility and faster access to information in the symbol table.

Mach-O was once used by most systems based on the Mach kernel.[citation needed] NeXTSTEP, OS X, and iOS are examples of systems that have used this format for native executables, libraries and object code.

http://en.wikipedia.org/wiki/Mach-O

There are several tools turning ASLR/PIE off, some of those need to be compiled. So I decided to write one in Python. Repository: https://github.com/sskaje/disable_aslr

Disable ASLR on jailbroken iPod Touch 4 with python installed from Cydia
Disable ASLR

Disable ASLR on OS X for iOS App
Disable ASLR on OS X for iOS App

https://developer.apple.com/library/mac/documentation/DeveloperTools/Conceptual/MachORuntime/Reference/reference.html

Mach-O Disable ASLR/PIE by @sskaje: https://sskaje.me/2014/05/mach-o-disable-aslr-pie/

Incoming search terms:

Few on DSA

I was looking into Jira’s licensing and chose to patch + keygen jars.

I extracted the public key from class file, base64 decoded and then printed details using openssl:

This is a (1024,160) L/N pair, key size 1024 bits and length of Q is 160.

from http://en.wikipedia.org/wiki/Digital_Signature_Algorithm I learnt:

Per-user keys
Given a set of parameters, the second phase computes private and public keys for a single user:

Choose x by some random method, where 0 < x < q. Calculate y = gx mod p. Public key is (p, q, g, y). Private key is x. There exist efficient algorithms for computing the modular exponentiations h(p–1)/q mod p and gx mod p, such as exponentiation by squaring.

y is the PUB above, x is what I want.

I googled some lines in the public key and found this http://www.herongyang.com/Cryptography/keytool-Export-Key-openssl-dsa-Command.html, keys in Jira and this blog shares a same P/G/Q.
As it’s said in that blog, his key pair is generated by ‘keytool’, which is a key and certificate management tool provided by Java http://docs.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html

So I made an experiment:

A new key with the same P/G/Q.

http://www.ecrypt.eu.org/documents/D.SPA.20.pdf

Few on DSA by @sskaje: https://sskaje.me/2014/05/dsa/

Incoming search terms:

SSL Certificates Updated

Free SSL from StartSSL.com, enough for basic usage.

To make certs working under nginx, just

And then

SSL Certificates Updated by @sskaje: https://sskaje.me/2014/05/ssl-certificates-updated/