Monthly Archives: January 2014

How I use autossh

autossh is nice little program that will auto restart ssh connections when they drop
This is extremely useful if you use ssh-tunnels a lot.

  • autossh is a program to start a copy of ssh and monitor it, restarting it as necessary should it die or stop passing traffic. The idea is from rstunnel (Reliable SSH Tunnel), but implemented in C.
  • Connection monitoring using a loop of port forwardings or a remote echo service.
  • Backs off on rate of connection attempts when experiencing rapid failures such as connection refused.

I have my raspberrypi at home using autossh to do a remote port foward of ssh to my server.

 

To set this up I created an account on my server I just for tunneling.
User called tunnel with the shell set to /bin/false
On the rpi I generated ssh-keys (with no password)

Toss the public key into the tunnel account of the remote servers  ~/.ssh/authorized_keys

now test it with out auto ssh:

root@rpi:~# ssh -N -R 3333:localhost:22 tunnel@server
the -N is for no shell; the -R is forwarding the rpi’s ssh’d to your remote server on port 3333
now from the server you can do  ssh user@localhost -p 3333   and login :D

 

Now for autossh!
i use autossh in cron; not _sure_ if that’s how its meant to be used… but it works very nicely
as roots , crontab -e
*/1 * * * * autossh -M 20001 -R 3333:localhost:22 -N tunnel@server
this will check the tunnel every minute, and if its not up it will bring it up

 

 

Its like a lazy mans vpn! :D

Shmoocon 2014 slides I’ve found

 Still being updated

Friday, January 17, 2014
Time One Track Mind
1230 Registration Opens
1430 Opening Remarks, Rumblings, and RantsBruce Potter
1530
Attacker Ghost Stories: Mostly Free Defenses That Give Attackers Nightmares
Mubix “Rob” Fuller
<–SLIDES–>
1600
The Evolution of Linux Kernel Module Signing
Rebecca “.bx” Shapiro
<–SLIDES–>
1630
How Hackers for Charity (Possibly) Saved Me a Lot of Money
Branden Miller and Emily Miller
1700
CCTV: Setup, Attack Vectors, and Laws
Joshua Schroeder and Spencer Brooks
1730
Security Analytics: Less Hype, More Data
Aaron Gee-Clough
1800
Dissipation of Hackers in the Enterprise
Weasel
1830 Keynote AddressPrivacy Online: What Now?Ian Goldberg
1945 Fire Talks
Saturday, January 18, 2014
Time Build It! Belay It! Bring it On!
0930 Registration Opens
1000
Genuinely “Trusted Computing:” Free and Open Hardware Security Modules
Ryan Lackey

Introducing DARPA’s Cyber Grand Challenge
Mike Walker

Technology Law Issues for Security Professionals
Shannon Brown
1100
Malicious Threats, Vulnerabilities, and Defenses in WhatsApp and Mobile Instant Messaging Platforms
Jaime Sanchez and Pablo San Emeterio
<–SLIDES–>

Unambiguous Encapsulation – Separating Data and Signaling
Dominic Spill and Michael Ossmann

I Found a Thing and You Can (Should) Too: ISP’s Unauthenticated SOAP Service = Find (Almost) All The Things!
Nicholas Popovich
1200
SafeCurves: Choosing Safe Curves for Elliptic-Curve Cryptography
Daniel J. Bernstein and Tanja Lange
<–SLIDES–>

A Critical Review of Spatial Analysis
David Giametta and Andrew Potter

Arms Race: The Story of (In)-Secure Bootloaders
Lee Harrison and Kang Li
1300 Lunch Break
1400
Controlling USB Flash Drive Controllers: Expose of Hidden Features
Richard Harman
<–SLIDES–>

Data Whales and Troll Tears: Beat the Odds in InfoSec
Davi Ottenheimer and Allison Miller

Syncing Mentorship Between Winners And Beginners
Tarah Wheeler Van Vlack and Liz Dahlstrom
1500
0wn the Con
The Shmoo Group

Operationalizing Threat Information Sharing: Beyond Policies and Platitudes
Sean Barnum and Aharon Chernin

The NSA: Capabilities and Countermeasures
Bruce Schneier
1600
AV Evasion With the Veil Framework
Christopher Truncer, Will Schroeder, and Michael Wright
<–SLIDES–>

The “Science of Cyber” and the Next Generation of Security Tools
Paulo Shakarian

How to Train your Snapdragon: Exploring Power Frameworks on Android
Josh “m0nk” Thomas
<–SLIDES–>
1700
ADD — Complicating Memory Forensics Through Memory Disarray
Jake Williams and Alissa Torres
<–SLIDES–>

Timing-Based Attestation: Sexy Defense, or the Sexiest?
Xeno Kovah, Corey Kallenberg, and John Butterworth

LTE vs. Darwin
Hendrik Schmidt and Brian Butterly
1815 Fire Talks
2015 Saturday Night Party @ The Hilton, International Center Ballroom
Paul and StormDJs: Keith Meyers, Zack Fasel, and Erin Jacobs
Sunday, January 19, 2014
Time Build It! Belay It! Bring it On!
0930 Registration Opens
1000
An Open and Affordable USB Man in the Middle Device
Dominic Spill

“How I Met Your Mother” or The Brief and Secret History of Bletchley Park and How They Invented Cryptography and the Computer Age
Benjamin Gatti

Malicious Online Activities Related to the 2012 U.S. General Election
Joshua Franklin, Robert Tarlecki, Matthew Jablonski, and Dr. Damon McCoy
<–SLIDES–>
1100
unROP: A Tool for In-Memory ROP Exploitation Detection and Traceback
Kang Li, Xiaoning Li, and Lee Harrison

Raising Costs for Your Attackers Instead of Your CFO
Aaron Beuhring and Kyle Salous
<–SLIDES–>

Vehicle Forensics – The Data Beyond the Dashboard
Courtney Lancaster
1200
Introducing idb – Simplified Blackbox iOS App Pentesting
Daniel A. Mayer
<–SLIDES–>

Practical Applications of Data Science in Detection
Mike Sconzo and Brian Wylie

You Don’t Have the Evidence
Scott Moulton
1300 Room Split Break
1330 Closing PlenaryLarge Scale Network and Application ScanningBruce Potter (moderator), Robert David Graham, Paul McMillan, Dan Tentler, and Alejandro Caceres
1430 Closing Remarks