Upgrade to Pro — share decks privately, control downloads, hide ads and more …

DJUGL June 2013

Kura
July 17, 2013
Technology
0
120

DJUGL June 2013

Kura

July 17, 2013
Tweet

Other Decks in Technology

See All in Technology
あの日俺達が夢見たサーバレスアーキテクチャ/the-serverless-architecture-we-dreamed-of
tomoki10
0
510
組み込みアプリパフォーマンス格闘記 検索画面編
wataruhigasi
1
170
小学3年生夏休みの自由研究「夏休みに Copilot で遊んでみた」
taichinakamura
0
190
【令和最新版】ロボットシミュレータ Genesis x ROS 2で始める快適AIロボット開発
hakuturu583
1
210
UI State設計とテスト方針
rmakiyama
3
830
Yahoo! ズバトクにおけるフロントエンド開発
lycorptech_jp
PRO
0
100
株式会社ログラス − エンジニア向け会社説明資料 / Loglass Comapany Deck for Engineer
loglass2019
3
32k
LINEヤフーのフロントエンド組織・体制の紹介【24年12月】
lycorp_recruit_jp
0
560
[トレノケ雲の会 mod.13] 3回目のre:Inventで気づいたこと -CloudOperationsを添えて-
shintaro_fukatsu
0
110
サーバーなしでWordPress運用、できますよ。
sogaoh
PRO
0
130
2024年にチャレンジしたことを振り返るぞ
mitchan
0
150
Microsoft Azure全冠になってみた ~アレを使い倒した者が試験を制す!?~/Obtained all Microsoft Azure certifications Those who use "that" to the full will win the exam! ?
yuj1osm
2
120

Featured

See All Featured
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.2k
Docker and Python
trallard
42
3.2k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
Product Roadmaps are Hard
iamctodd
PRO
50
11k
Code Review Best Practice
trishagee
65
17k
Speed Design
sergeychernyshev
25
680
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
1
110
StorybookのUI Testing Handbookを読んだ
zakiyama
27
5.4k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
6
460
No one is an island. Learnings from fostering a developers community.
thoeni
19
3k
How STYLIGHT went responsive
nonsquared
96
5.2k
VelocityConf: Rendering Performance Case Studies
addyosmani
326
24k

Transcript

  1. Blackhole Kura | @kuramanga Yes, this presentation is deliberately digusting

    and brown. I am shit at making slides.

  2. What is Blackhole? • An async “fake” MTA • Built

    on the Tornado framework • Low disk I/O (high disk I/O with debug flag enabled)

  3. Uhh... Why? • Speed testing • Integration testing • Oh

    shit I need to test on a copy of live data but can't anonymise user content and don't want to accidentally send emails to users • Honey pot (Nectar suite)

  4. Using Blackhole • Using blackhole.io service via raw SMTP or

    sending an email to <name>@blackhole.io • Running your own blackhole server just like you would Postfix, Exim etc

  5. Here be dragons (the debug flag is dangerous)

  6. [08A6002A19] RECV: EHLO [hel.kura.io] [08A6002A19] SEND: 250-2.5.0 OK, done [08A6002A19]

    SEND: 250-SIZE 512000 … [08A6002A19] RECV: MAIL FROM:<[email protected]> size=64 [08A6002A19] SEND: 250 2.5.0 OK, done [08A6002A19] RECV: RCPT TO:<[email protected]> [08A6002A19] SEND: 250 2.5.0 OK, done [08A6002A19] RECV: DATA [08A6002A19] SEND: 354 3.5.4 Start mail input; end with <CRLF>.<CRLF> [08A6002A19] RECV: From: <[email protected]> [08A6002A19] RECV: To: <[email protected]> [08A6002A19] RECV: Subject: Test [08A6002A19] RECV: [08A6002A19] RECV: gwergerg [08A6002A19] RECV: . [08A6002A19] SEND: 251 2.5.0 OK, done [08A6002A19] RECV: QUIT [08A6002A19] SEND: 221 2.2.1 Thank you for speaking to me

  7. PyPy • Works well with PyPy 1.9 and 2.0 •

    Performance improvements of blackhole.io of 1000% over time • Caveat: a bug somewhere that causes the process to crash on PyPy 2.0 when daemonizing... Works if daemon.start() is disabled. No clue why, need to fix.

  8. Nectar (dev/planned) • Honey pot suite, split in to 5

    components • Nectar-MTA – based on Blackhole, logs all incoming/outgoing connections + data • Nectar-SSH – Kippo-like SSH honeypot, brute force logging, fake Linux environment, shell logging • Nectar-Web – Web honeypot, exposes XSS and SQL injection vulns, logs all requests and exploit attempts • Nectar-GUI – web-based GUI for viewing and graphing data

  9. [Taylor Placeholder]

  10. [Taylor Placeholder]

  11. [Taylor Placeholder]

  12. Questions

  13. Linkies • http://blackhole.io • https://github.com/kura/blackhole • http://nectar.blackhole.io • @kuramanga •

    http://git.io/kura • [email protected]

  14. fin