ietf – Through out the tunnel

Tag: ietf

IETF 101 Hackathon by the Hackers.mu team

03/24/2018 tunnel1234 Add Comment

“We believe in rough consensus and running code” – Just have a look at the IETF website, this is the motto that you would come across. This is why the IETF hackathons are so special during the year and hackers.mu team is proud to be the first team in Mauritius who does not only participate in such type of event but also lead the TLS working group. The IETF 101 hackathon was yet another challenge for the hackers.mu team. But, once you are in, the fun begins. Compared to the IETF 100 hackathon, hackers.mu team made an improvement in terms of lines of codes and focused on more projects. We participated remotely in projects such as TLS 1.3, DNS, and HTTP 451. A wiki was also created during that event.

We used Jabber to communicate for the IETF 101 hackathon. Other media such as Facebook was found out to be interesting. I should admit that on Friday and Saturday I went to sleep at 02.00 AM with just the testing part completed. At 23:00 hrs, Logan was asking everyone to go to sleep as we needed more energy on the next day. Selven was also working hard remotely to bring all members on track. What is more relieving is the team spirit where everyone was helping each other during that hackathon.

One of the interesting issues noticed is about TLS malformed traffic and such thing was able to be detected using Wireshark. Once the patches were ready and the testing part was working fine, we made a debrief at Flying Dodo beer brewing company at Bagatelle Mall and was ready submit patches to their respective projects. I was assigned the “Stunnel” project and a library in “Eclipse Paho”.

Debriefing at Flying Dodo accompanied with beer and some fries

After the debriefing, Logan was getting ready for his remote presentation at the IETF. We all went through the slides that logan created and went back home happily to see the presentation live on YouTube.

Special thanks goes to the IETF Organising team for having us as Technology Champions! Nick Sullivan head of cryptography expert at CloudFlare, Charkes Eckel, Barry Leiba, Meetecho team, Cisco for sponsoring the event and the all members of the hackers.mu team which made this hackathon a success in the world history of Mauritius.

Other’s are also talking about the IETF 101 hackathon ?

“I had initially started a bit slow, as I was working on other projects in parallel. Everyone was already deeply immersed in their projects, we could see PRs and code merges flying right from the first day.” – Codarren Velvindron

“It seems that I am not the only one who feels that this hackathon was really addictive. we were hooked the moment we started working out on our tasks.” – Pirabarlen Cheenaramen

“Developers working with OpenSSL can finally start to work with TLS 1.3, thanks to the alpha version of OpenSSL 1.1.1 that landed yesterday.” – TheRegister

“I think that you guys have more better weather and more fun that we did” – Charles Eckel

“The DNS madness: 185 RFCs totaling 2781 pages. Hello DNS security flaws ” – Loganaden Velvindron

“hackers.mu pioneering the internet! We made it to IETF 101 hackathon with our team members getting featured in front of thousands, followed by a round of applause by IETF members in London. Congratulations guys, we did it again!” – Yasir Auleear

“IETF Hackathons encourage developers to collaborate and develop utilities, ideas, sample code and solutions that show practical implementations of IETF standards. The IETF Hackathon in London on 17-18 March is poised to be the largest ever.” – IETF

In case you are asking yourself, “who are the hackers.mu ?” You can consider is as “a group of developers from Mauritius who loves to code and are passionate about information security.” More information at https://www.hackers.mu

Uncategorized hackathon, hackers.mu, ietf

IT and Internet Users of Dodoland by hackers.mu

11/19/2017 tunnel1234 Add Comment

Since the split of the Linux community in Mauritius, hackers.mu was born. A new vision and objectives were the foundation of the hackers.mu core group. Our aim is to reach more people who will code in softwares that are used worldwide. The hackers.mu family kept growing. Today, we have brought more members in the hackers.mu community and right now, there is a boom in this group. Additionally, people from various part of the world wants to be part of the group, as seen on our Facebook group. Hackers.mu has been hosting live video streams on YouTube to bring together more people willing to learn and share in the community.

Just chill. Let me get back to the title of this blog – IT and Internet Users of Dodoland! On Saturday, the 18th of November 2017, I was at the University of Mauritius together with Logan. We were joined by Yash Paupiah and Jagveer Loky. A presentation was carried out on “Introduction to Github” and the launch of the Mailing List called the “IT and Internet Users of Dodoland”. During the presentation, Logan brushed over the importance of having a Github account as well as sharing one’s code on it.

Presentation by Logan at the University of Mauritius

Intro to github_uom by hackers.mu from loganaden

An example is to publish one’s assignment by a student. This acts as a catalyst for the academic development of the student. Today, companies will usually search the Github account of people, including Mauritians before recruiting them. Students were encouraged to create their Github accounts and even a blog. Then, we discussed about the achievement in the IETF 100 Hackathon. Logan took an example of Yash Paupiah’s who did some scripting two years back and now sending patch in the open source community. For example, the patches about TLS 1.3 during the IETF 100 Hackathon. At the end of the session, we announced the creation of the Mailing List “IT and Internet Users of Dodoland”. Jagveer Loky from the hackers.mu community was chosen to be the moderator of the mailing list. He will ensure the proper and smooth running of the mailing list.

At the University of Mauritius

At the end of the presentation, we had conversations with the students who were interested in topics such as OpenSSH, MVC, Java Programming, and MongoDB. Notes were taken to focus on these topics in the days to come. Then, we headed to Flying Dodo Bagatelle to celebrate the launch of the new mailing list by the hackers.mu team.

Celebrating with beer and pizza at Flying Dodo Bagatelle

We also had a video stream, where we were joined by other people from the hackers.mu community who came forward asking questions about the IETF 100 Hackathon and on several aspects of TLS1.3. Jagveer shoot a question as to whether people knew about the IETF in Mauritius. Of course, many knows about the IETF, but at what level is the contribution? As a technical guy, merely watching what’s going on at an IETF Hackathon does not make sense but instead contributions should be carried out in terms of codes to make the OpenSource community more rigid.

Video Stream from Yesternight

At hackers.mu, we kept on innovating to transmit the messages through the internet as well as on the ground. Weeks back, we were also at the University of Mauritius where we met Yashtir Gopee who is a passionate of robotics and Artificial Intelligence. He also joined the hackers.mu community and is willing to join the “IT and Internet Users of Dodoland” Mailing List.

Yashtir and Logan

Indeed, we have come a long way since the creation of hackers.mu. In such short time, we have been able to meet our objectives and we are continuing towards innovations and quality work in the group. I am looking forward that people make good use of the Mailing List and bring forward their issues as well as their contributions. Click to join the Mailing list.

MeetUps and Presentations hackathon, hackers.mu, ietf

IETF 100 hackathon on TLS 1.3 by hackers.mu

11/13/2017 tunnel1234 Add Comment

Some days back, The Register mentioned about hackers.mu preparing for IETF100 hackathon. Hooray! Yeah we did it and the hard work finally paid off thanks to the core team and the whole of hackers.mu team. After registering on the IETF – Internet Engineering Task Force website, the hackers.mu team set itself on the TLS1.3 API source code. We were all focused on the OpenSSL codes.

Once in our office, we set up the network and our equipment. Check out logan’s blog to have an idea how things went on. That’s true we struggled in the beginning, but finally we could see the light at the end of the tunnel. Patience and patience is all what you need and a calm mind to study how things are in the code. The testing was then carried out to confirm the beauty of the TLS 1.3 codes in our chosen projects. You can also view the TLS tutorial which explains the objectives of TLS1.3. For example: Mitigation of pervasive monitoring.

Here are some hints about the security from TLS1.3

RSA key was removed.
Stream ciphers was reviewed.
Removal of compressed data mechanism which was able to influence which data can be sent.
Renegotiation was removed.
SHA1 and Block ciphers were removed.
Use of modern cryptography like A-EAD.
Use of modern key such as PSK.

For more details see this blog from OpenSSL. We were also working together with the TLS team in Singapore which was lead by Nick Sullivan, champion at the IETF TLS hackathon.

After the IETF Hackathon, it was announced publicly about the good job done by the hackers.mu team on the IETF channel.

The team at the beach 🙂

More links :

PS: Any more links related to IETF Hackathon TLS 1.3 let me know, I will add it here!

TLS 1.3 hackathon objectived by Nick Sulliman
IETF presenting remote participants
Day 0 – IETF TLS 1.3 Hackathon by Logan
Day 1 – IETF TLS 1.3 Hackathon by Logan
Introducing TLS 1.3 by Cloudflare

Feel free to join the hackers.mu community group on Facebook and follow us on our hackers.mu Twitter account.

Linux Application, MeetUps and Presentations, Security hackathon, hackers.mu, ietf, OpenSSL, TLS1.3

ISOC IETF session & Side conference at AFRINIC-25

12/01/2016 tunnel1234 Add Comment

AFRINIC-25 was held at Sofitel Imperial Resort & Spa in Mauritius this year from 25th to 30th of November 2016. Members of hackers.mu were proud to be present during the ISOC IETF session. Logan, who is also a member of hackers.mu introduced me to Kevin G. Chege of ISOC who was leading the meeting. There were several topics tossed on technical IETF standards at the workplace by Padma Pillay-Esnault of Huawei and afterwards Yash Paupiah of hackers.mu, a student at the University of Mauritius, gave a brief overview of tasks accomplished during his security audit of open source applications.

I made a short introduction on OpenSUSE as an OpenSUSE advocate and laid emphasis on the challenges of the OpenSUSE community in terms of code contribution. Also, a brief overview of the OpenSUSE insfractructure, the open build service, the visualization platform and factory develoment at OpenSUSE.

One of the contributions made during the hackers.mu hackathon – Operation SAD – Search and Destroy where codes were contributed to Monit – An opensource utility for proactive monitoring. It can conduct automatic maintenance and repair. What is most interesting during the hackathon is the deprecation of SSLv3 in Monit.

More details were shed on the spreading of the disease called SSLv3. There are many developers still importing Monit as secondary tools on their application. A live example where Github repos are infected with SSLv3 where same need to be removed to mitigate attacks. The RFC 7568 (Thanks to the TLS working group) – which was applied during the course of the hackathon was taken as example as well as the methodology and application of the SDLC – Software Development Life Cycle standards during the hackathon.

Slide during the IETF meeting

An open discussion among participants and audience was then carried out. The aim is to have each one to share their concerns and initiative to reach their goals. As regards to me, i laid emphasis that IETF materials should not only reach University students, but also other individuals who have the skills and know-how and ready to learn for the betterment of Africa and Mauritius. Hackathons were proposed to be carried out at international level under the umbrella of the IETF – Internet Engineering Task Force.

I would also sincerely thank the ISOC, AFRINIC and sponsors for making this event a successful one.

Some pictures here:

afrinic-25

MeetUps and Presentations ietf, isoc

Anatomy of a simple dig result

11/08/2015 tunnel1234 Add Comment

The ‘dig’ (Domain Information Gropper) command is one of the tool which is frequently used to troubleshoot DNS and BIND configurations. Its main purpose is to perform DNS lookups and query DNS servers. Though the subject is vast, i decided to blog some DNS stuffs under the ‘Bind and DNS tools’ category which i just created. I will keep on updating this article as i keep on finding interesting dig commands.

Lets analyze the result from a simple dig google.com. You would have a result similar to this one (In green). By default dig perform query A record when launched without any arguments.

1.I made a dig google.com on my linux terminal

[[email protected] ~]# dig google.com

2. The header section starts here. Several files in /etc/ld.so.* is being read and the dig command will also launch a uname with the argument sys and node. The uname is already inbuilt in the code of the dig command. It then reads the /etc/resolv.conf

; <<>> DiG 9.9.4-RedHat-9.9.4-18.el7_1.5 <<>> google.com

3. The ;; global options: +cmd is referred to the default arguments sets by dig to use only the the +cmd variables. The opcode value is always static. The status is to inform us if any error occurred during the query. Each query is also associated with an id number ( ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35133).

The flags qr (query response), rd (recursion desired) and ra (recursion available) are also information retrieved from the DNS header. As per the IETF RFC1035, when a dig with the default arguments is performed it will flag the qr, rd, ra and when the bit is 1 its a response and 0 for a query. Therefore ‘qr’ appears as 1

The ANSWER:2 is the numbers of answers received in the Answer section, same for QUERY, AUTHORITY and ADDITIONAL.

 ;; global options: +cmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35133
 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

4. The “question section” is what you are querying for. In this case, a dig has been done on the A record. An A record simply means Adress i.e; the address associated with the website. We have several DNS records types which i will elaborate in future articles.

;; QUESTION SECTION:
 ;google.com.            IN    A

5. The number 173 is the TTL (Time To Live), IN refers to Internet i.e the class in which it is. TTL is a 32 bit signed integer which correspond to the time interval a record can be cached before the information is again queried. A TTL zero is used for extremely volatile data.

To resume we read it as follows: Google.com has a 173 seconds Time To Live on the Internet with the IP Address 74.125.226.168

;; ANSWER SECTION:
 google.com.        173    IN    A    74.125.226.168
 google.com.        173    IN    A    74.125.226.162

6. This section acts like a stat section. Information is given about the time it takes to query. The server IP address i.e; 4.2.2.1 and the port number 53 which is associated with it. The date and finally the message size received is 204 bytes.

;; Query time: 22 msec
 ;; SERVER: 4.2.2.1#53(4.2.2.1)
 ;; WHEN: Sun Nov 08 01:19:23 EST 2015
 ;; MSG SIZE  rcvd: 204

More analysis can be performed by launching a strace in front of a dig command. The RFC 1035 is also of great help. You can also check out the Internet System Consortium (ISC) website for more details.

Tips:

dig -t MX google.com will show you in the list of MX records in the ‘Answer Section’
A dig result is compose of only 5 parts i.e; Header, Question (question for the name server), Answer (resource records answering the question ), Authority (resource records pointing towards an authority) and Additional (resource records holding additional information).
To filter information from a default dig command you can use dig google.com +nocomments +noauthority +noadditional +nostats which will give you only the answer. With an additional +noanswer wont give you anything.
However, the reverse way to filter dig results with a specific answer can be dig google.com +noall +answer will give you only the answer section.

Bind and DNS tools bind, ietf