Michael Rash
@michaelrash
Followers
763
Following
648
Media
3
Statuses
697
Creator of Single Packet Authorization for Zero Trust architectures, author of "Linux Firewalls: Attack Detection and Response" from No Starch Press.
Joined May 2009
RT @cperciva: A thought about the xz backdoor: The payload was very sophisticated -- anti-debugging measures, a NOBUS backdoor, etc -- whil….
0
40
0
The latest in Single Packet Authorization (SPA) is available in a new release of fwknop (2.6.11): SPA continues to see interesting applications in various network security contexts.
github.com
What's Changed Seed random() at least a bit before using random() by @khorben in #283 Fix two erroneous calls to strlcat() by @khorben in #284 Use execvp() instead of execvpe() by @khorben in ...
1
1
3
His comments on editing in particular resonated with me. Having a great editor makes a huge difference in the quality of a technical book even if there is a ton of (working) code.
0
0
1
Excellent interview with @billpollock, founder of @nostarch, entitled "How to Write a Cybersecurity Book":
delinea.com
With over two decades of experience in the publishing industry, Bill breaks down the journey from first draft to publication, and all of the many hurdles one has to overcome to bring a cybersecurity...
1
4
17
Prior to this post from Google Security, I would have been skeptical about putting Rust code directly into the Linux kernel, but this is a compelling argument:
security.googleblog.com
Posted by Wedson Almeida Filho, Android Team In our previous post , we announced that Android now supports the Rust programming language...
1
1
3
Hacker News thread on port knocking - Single Packet Authorization with fwknop is mentioned:
0
1
4
RT @termshark: termshark v2 is now available! It's faster, uses less RAM and features dark mode, piped input, stream reassembly and more. C….
termshark.io
0
18
0
RT @nostarch: It's another Humble Bundle! Pay what you want for over $700 of best-selling Linux, BSD, and Open Source titles to benefit the….
0
503
0
RT @aboutsecurity: @SANSDefense @SecurityMapper A8.9 Not sure it's a quickwin but I've started to see secure remote access solutions that c….
0
2
0
RT @taosecurity: Check out @termshark, a console UI for @WiresharkNews. It works even in a really old @Raspberry_Pi after downloading the c….
0
20
0
RT @disloops: Port Scan Attack Detector (PSAD) is the closest thing to an IDS that works on Raspberry Pi. Read how to set it up here:.https….
disloops.com
sysadmin and security
0
2
0
Excellent older series of articles on Linux namespaces:
lwn.net
The Linux 3.8 merge window saw the acceptance of Eric Biederman's sizeable series of user name [...]
1
0
3
My writeup on Wireguard on MacOS has been added to the excellent 'macOS Security and Privacy Guide':
github.com
Community guide to securing and improving privacy on macOS. - drduh/macOS-Security-and-Privacy-Guide
1
0
2
One of the most important aspects of the Wireguard VPN is it's stealthiness via UDP and no acknowledgements for unauthenticated data. I.e. you can't scan for it.
1
7
15
Using the @WireGuardVPN Linux kernel module from a VM on macOS: Includes a tool '.
github.com
Send all traffic from macOS through Wireguard running on a Linux VM - mrash/Wireguard-macOS-LinuxVM
1
1
3