Nick's Webpage of Mystery!

About me, about this page

Hi there. I'm Nick Brawn, a unix/security geek from Australia. This is my attempt at a webpage with some content. What you'll find here should be interesting if you like the subjects of unix (Solaris, BSD, Linux), security (both the whitehat and blackhat side), and programming (python, C). My day-job requires me to know a lot about this stuff, and some of what I do I can make available to the public, which I hope you find useful.

I can be contacted by emailing ncb at pobox dot com.

My resume is available in a cut-down version here. Please email me if you're interested.

Sidenote: The background image is from Yellow Dog Linux, the Linux distribution I run on my iBook alongside MacOS X. I'm quite a fan of the logo, so I figured I'd pinch it for use here. ;)

Stuff I've written (scripts, code)

My background as a coder is pretty limited. I started mucking around with C coding around '97-98, back when I first got into Linux and FreeBSD. You needed to know enough about C in order to fix up dodgy Makefiles and poorly written code that refused to compile, or expected libraries in places where they weren't.

[Trusted Path Execution // FreeBSD // C // Lost!!]

The first thing I wrote that I thought was pretty nice was a Trusted Path Execution module for FreeBSD, based on a linux version that Mike Schiffman (aka Route) had written for the hacker e-mag "Phrack". Unfortunately I have lost that code in-between several house and computer moves, so if anyone out there still has a copy please send it to me!

[Ethernet Spoofing // FreeBSD (3.0) // C // Available]

I also wrote another kernel hack for FreeBSD (based on the OpenBSD equivalent) that would enable ethernet address spoofing on FreeBSD 3.0. This isn't useful today, but you can get a copy of it in the Libnet 1.0 source distribution.

[Snippet // UNIX // C // Available]

Whilst at One.Tel and working on some spook stuff (think Carnivore for Australia), I wrote a wimpy C program that would take "snapshots" of a growing log file (in my case it was a tcpdump BPF log... getting the picture? *wink*) and put each snapshot of the new data into a separate file. You can get this program, called Snippet, here. It should work on most UNIX systems with a compiler (doesn't require anything fancy).
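The same snapshot idea in Python, as an added example rather than the Snippet source itself: each call copies only the bytes appended since the previous call into a numbered file, and starts again from byte zero if the log has been truncated or rotated. The log lines, file names and function names are constructed for the demonstration.

```python
import os
import tempfile

# Added example (not the Snippet program from the page): copy only the bytes
# appended to a growing log since the last call into a numbered snapshot file.

def snapshot(log_path, out_dir, offset, seq):
    """Write bytes [offset, EOF) of log_path to out_dir/snap-<seq>.

    Returns (new_offset, new_seq, written_path); written_path is None when
    nothing new has arrived. A file shorter than the saved offset means the
    log was truncated or rotated, so copying restarts from byte 0. A rotated
    file that has already grown past the old offset is not caught here;
    compare st_ino between runs if your logger rotates that quickly.
    """
    size = os.path.getsize(log_path)
    if size < offset:
        offset = 0
    if size == offset:
        return offset, seq, None
    with open(log_path, "rb") as log:
        log.seek(offset)
        chunk = log.read(size - offset)  # bounded: ignore bytes appended mid-copy
    out_path = os.path.join(out_dir, "snap-%04d" % seq)
    with open(out_path, "wb") as out:
        out.write(chunk)
    return offset + len(chunk), seq + 1, out_path


def demo():
    """Constructed run: grow a fake log twice, poll with no change, then rotate."""
    work = tempfile.mkdtemp()
    log_path = os.path.join(work, "capture.log")
    offset, seq, written = 0, 0, []
    for line in (b"first record\n", b"second record\n"):
        with open(log_path, "ab") as log:
            log.write(line)
        offset, seq, path = snapshot(log_path, work, offset, seq)
        written.append(path)
    offset, seq, path = snapshot(log_path, work, offset, seq)  # no new data
    written.append(path)
    with open(log_path, "wb") as log:  # simulate truncation / rotation
        log.write(b"after rotate\n")
    offset, seq, path = snapshot(log_path, work, offset, seq)
    written.append(path)
    contents = [open(p, "rb").read() for p in written if p is not None]
    return contents, offset, seq
```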

[ftpBackups // UNIX // Python // Available]

Recently I've been forcing myself to learn Python, and have written some useful scripts for use at work. Whilst they aren't elegant masterpieces, they're probably useful examples of some stuff you can do with Python. The program ftpfiles demonstrates how you can read command line arguments in Python, use the ConfigParser module to make using custom config files a breeze, use classes (for global variables), and use the ftplib module for uploading files. This particular program I used to ftp backups (hence the name, duh) every week to a central server. If only there was a mature ssh/scp module. /sigh...

[JASS misc // Solaris 8 // Bourne // Available]

JASS is the Sun Solaris Security Toolkit, an equivalent to YASSP, which is an organised collection of shell scripts intended to secure/harden a Solaris machine based on Sun security guidelines. I wrote the following scripts to:
a) Remove crud from a default developer install of Solaris 8 (Xwindows, CDE, Java, etc)
b) Remove setuid permissions from some default Solaris programs
c) Remove setgid permissions from some default Solaris programs

These are available as sol8-remove-packages.fin, sol8-remove-setuid.fin, and sol8-remove-setgid.fin. The documentation for a JASS 0.3 installation and using my scripts is available here.
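An added Python example of the setuid/setgid part of that job, not one of the .fin scripts above: it lists the privileged files under a tree first (so you can review before touching anything), then strips the bits on everything not on an allowlist, and is safe to rerun. The demo tree, file names and modes are constructed stand-ins for a real Solaris install.

```python
import os
import stat
import tempfile

# Added example (not one of the JASS .fin scripts from the page): list and strip
# setuid/setgid bits under a tree; the .fin scripts do the same with chmod.
PRIV_BITS = stat.S_ISUID | stat.S_ISGID

def find_privileged(root):
    """Sorted (relative path, mode) of regular files with setuid or setgid set."""
    found = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)  # lstat: never report or chmod through a symlink
            if stat.S_ISREG(st.st_mode) and st.st_mode & PRIV_BITS:
                found.append((os.path.relpath(full, root), stat.S_IMODE(st.st_mode)))
    return sorted(found)

def strip_privileged(root, keep=()):
    """Clear the bits on everything found, except paths in keep; returns paths changed."""
    changed = []
    for rel, mode in find_privileged(root):
        if rel in keep:
            continue
        os.chmod(os.path.join(root, rel), mode & ~PRIV_BITS)
        changed.append(rel)
    return changed

def make_demo_tree():
    """Constructed stand-in for a Solaris /usr tree: two privileged files, one not."""
    root = tempfile.mkdtemp()
    os.mkdir(os.path.join(root, "bin"))
    for name, mode in (("ping", 0o4755), ("wall", 0o2755), ("ls", 0o755)):
        path = os.path.join(root, "bin", name)
        with open(path, "w") as f:
            f.write("#!/bin/sh\n")
        os.chmod(path, mode)
    return root

def demo():
    """Audit, strip all but ping, audit, strip ping, audit: rerunning is a no-op."""
    root = make_demo_tree()
    before = find_privileged(root)
    first = strip_privileged(root, keep=("bin/ping",))
    middle = find_privileged(root)
    second = strip_privileged(root)
    return before, first, middle, second, find_privileged(root)
```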

[Silvertongue // UNIX // C // In Development]

A while back I wrote a patch for Libnet 1.0 to enable ICMP redirect spoofing. Included was sample code of how to use the function, which I named "silvertongue". This by itself did nothing, because for ICMP redirects to work, you need to include in the IP header a recent packet from the client you're trying to tell to route through you.

Silvertongue v2 will be a working implementation of ICMP redirect spoofing. It will incorporate three main functions:
a) ARP spoofing (stage 1, tells your target host that the gateway is you).
b) PCAP sniffer (stage 2, intercepts packets mistakenly directed to you because of stage 1).
c) ICMP Redirect spoofer (stage 3, builds a valid ICMP redirect, incorporating into the packet header a valid IP request from the target system).

This program will be useful for anyone doing security auditing (whitehat or blackhat) on a switched lan. The target system will end up routing all of its traffic through you. ;-)

[ParseCheckpointNG // UNIX // Python // In Development]

ParseCheckpointNG is a Python module for parsing through objects.C and other Checkpoint files for export into either an iptables, ipfilter, or ipfw rulebase. This will be useful for migrating an existing Checkpoint installation across to an open-source (and thus free) firewall solution. It's possible because Checkpoint itself uses a high-level ASCII flat file for storing its rulebase.