Random Numbers, IPv6, RDP/RDS, Huge Pages

  • Random Numbers - It's really nice that Linux allows users of the system to add random data to the system pool. So you can fetch data from HotBits, Random.org, Cloudflare's drand or the ANU Quantum Random Number Server and add it to the random pool of the system, if and when high quality random numbers are required. SoloKeys also provide a hardware random number generator, which can be used to generate true random numbers (TRNG) to update the system pool. One simple way is to just set up a cron job, which gets random data from all of these sources and pushes it into the pool every now and then. - All this also made me think about a really simple solution. Unfortunately I don't have any extra alpha radiation sources, I did dump my old fire alarms. But stripping a CCD USB camera from its casing, removing anything in front of the sensor that would be enough to block alpha particles, and then placing the americium radiation source on the CCD detector should work. That would also produce true randomness easily and very cheaply using old scrap stuff. I also wondered if the SoloKeys TRNG can be used as /dev/hwrng. After thinking a while, I thought that maybe mirrors, suitable lighting and a cloud chamber would create even better results than a Geiger counter / direct observation using a CCD. A cloud chamber is something which is so simple, yet extremely cool. Yet I haven't ever heard of anyone using that solution. It's also very interesting how good the eye is at spotting bad random numbers. One random bytes server was delivering a bit strange results. After analyzing the outputs, I found out that the output distribution was way bad. But it's great that human pattern matching was able to detect that from a bunch of outputs. First there was just that feeling that something is a bit off, this shouldn't be happening.
  • Sometimes IPv6 routing is so bad that it's not a good idea to use it. But how to maintain IPv6 connectivity while preferring IPv4? With Windows there are two good options. Either set a prefix policy which makes IPv6 address precedence lower than IPv4 address precedence, or set the registry value DisabledComponents in path hklm\system\currentcontrolset\services\tcpip6\parameters to 20 (hex), which is 32 in decimal. Both options allow dual stack sites to be accessed from dual stack computers / systems by preferring IPv4 over IPv6. Before getting mad that it isn't working, read this: "You must restart your computer for these changes to take effect." The Windows way of doing things. Also see KB929852. Interestingly that didn't work out. IPv6 is still preferred, even after boot. Strange. Anyway, changing routing preferences does work. Just run "netsh interface ipv6 add prefixpolicy your:prefix:here::/mask 3 6" and it works immediately and well, even without needing to reboot the system.
  • I started to investigate bad routing and found a few ASes announcing fake IP addresses, aka bogons. Of course, due to misconfigurations many have also seen Martian packets.
  • Oh joy, more RDP / RDS vulnerabilities in Windows. Soon we've got the classic situation, where you connect a computer to the network to download updates, and the system is hijacked much faster than you can get it updated. Oh, the good old times. kw: CVE-2019-1181, CVE-2019-1182, CVE-2019-1222 and CVE-2019-1226
  • Found out that huge pages seem to statically reserve memory for huge pages, which isn't directly available for normal pages. Strange. Didn't expect that to happen. I would have expected that free memory can be allocated as normal and as huge pages dynamically when necessary, but it turned out that what you think doesn't matter. The truth may be different. Well, to be honest, I don't have any real use for huge pages with the current system configuration & software.
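
Relating to the Random Numbers item above, an added example (not from the original post): a byte-frequency chi-square check to run on fetched data before a cron job writes it to the pool. The z = 4.0 acceptance band, the 2560-byte minimum and all function names are assumptions, and the samples are constructed.

```python
import hashlib
import math
from collections import Counter

def chi_square_bytes(data: bytes) -> float:
    """Pearson chi-square statistic of byte frequencies against uniform."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))

def chi_square_bounds(z: float = 4.0, df: int = 255) -> tuple:
    """Acceptance range from the Wilson-Hilferty approximation to chi-square
    quantiles; z = 4.0 is an assumed, deliberately wide two-sided band."""
    a = 2 / (9 * df)
    return tuple(df * (1 - a + s * math.sqrt(a)) ** 3 for s in (-z, z))

def looks_uniform(data: bytes, min_len: int = 2560) -> bool:
    """Reject samples that are too short, too skewed, or suspiciously even."""
    if len(data) < min_len:  # want about 10 expected hits per byte value
        return False
    low, high = chi_square_bounds()
    return low <= chi_square_bytes(data) <= high

def mix_into_pool(data: bytes, device: str = "/dev/urandom") -> bool:
    """Write checked data to the pool device. A plain write mixes the bytes in
    but credits no entropy; crediting needs the privileged RNDADDENTROPY ioctl."""
    if not looks_uniform(data):
        return False
    with open(device, "wb", buffering=0) as pool:
        pool.write(data)
    return True

def constructed_samples() -> dict:
    """Constructed inputs, not output captured from any real service."""
    good = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                    for i in range(2048))
    skewed = bytes(b & 0x7F for b in good)  # top bit stuck at zero
    counter = bytes(range(256)) * 256       # perfectly even, clearly not random
    return {"good": good, "skewed": skewed, "counter": counter}

if __name__ == "__main__":
    for name, sample in constructed_samples().items():
        print(f"{name:8s} chi2={chi_square_bytes(sample):10.1f} "
              f"uniform={looks_uniform(sample)}")
```

A byte-frequency test only catches distribution faults like the one described above; data that passes it can still be predictable, so it is a sanity filter and not a proof of randomness.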