Upgrade to Pro — share decks privately, control downloads, hide ads and more …

DJUGL June 2013

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for Kura Kura
July 17, 2013
Technology
0
140

DJUGL June 2013

Avatar for Kura

Kura

July 17, 2013
Tweet

Other Decks in Technology

See All in Technology
学生・新卒・ジュニアから目指すSRE
Avatar for Hiroya Onoe hiroyaonoe
2
640
FinTech SREのAWSサービス活用/Leveraging AWS Services in FinTech SRE
Avatar for maaaato maaaato
0
130
What happened to RubyGems and what can we learn?
Avatar for Mike McQuaid mikemcquaid
0
300
All About Sansan – for New Global Engineers
Avatar for Sansan, Inc. sansan33
PRO
1
1.4k
Oracle AI Database 移行・アップグレード勉強会 - RAT活用編
Avatar for oracle4engineer oracle4engineer
PRO
0
100
SREのプラクティスを用いた3領域同時 マネジメントへの挑戦 〜SRE・情シス・セキュリティを統合した チーム運営術〜
Avatar for coconala_engineer coconala_engineer
2
670
ブロックテーマ、WordPress でウェブサイトをつくるということ / 2026.02.07 Gifu WordPress Meetup
Avatar for Toro_Unit (Hiroshi Urabe) torounit
0
190
今日から始める Amazon Bedrock AgentCore
Avatar for Har1101 har1101
4
410
名刺メーカーDevグループ 紹介資料
Avatar for Sansan, Inc. sansan33
PRO
0
1k
SRE Enabling戦記 - 急成長する組織にSREを浸透させる戦いの歴史
Avatar for Masaki Ishigaki markie1009
0
130
Amazon Bedrock Knowledge Basesチャンキング解説!
Avatar for 野口碧生 aoinoguchi
0
150
超初心者からでも大丈夫!オープンソース半導体の楽しみ方〜今こそ!オレオレチップをつくろう〜
Avatar for Yamada3 keropiyo
0
110

Featured

See All Featured
Efficient Content Optimization with Google Search Console & Apps Script
Avatar for Katarina Dahlin katarinadahlin
PRO
1
320
Technical Leadership for Architectural Decision Making
Avatar for Kenny Baas-Schwegler baasie
2
250
Principles of Awesome APIs and How to Build Them.
Avatar for Keavy McMinn keavy
128
17k
Facilitating Awesome Meetings
Avatar for Lara Hogan lara
57
6.8k
AI Search: Implications for SEO and How to Move Forward - #ShenzhenSEOConference
Avatar for Aleyda Solis aleyda
1
1.1k
Building Experiences: Design Systems, User Experience, and Full Site Editing
Avatar for Michelle Schulp Hunt marktimemedia
0
410
Between Models and Reality
Avatar for mayunak mayunak
1
190
Sam Torres - BigQuery for SEOs
Avatar for Tech SEO Connect techseoconnect
PRO
0
190
Fight the Zombie Pattern Library - RWD Summit 2016
Avatar for Marcelo Somers marcelosomers
234
17k
Claude Code のすすめ
Avatar for schroneko schroneko
67
210k
Fantastic passwords and where to find them - at NoRuKo
Avatar for Phil Nash philnash
52
3.6k
Beyond borders and beyond the search box: How to win the global "messy middle" with AI-driven SEO
Avatar for David Carrasco davidcarrasco
1
55

Transcript

  1. Blackhole Kura | @kuramanga Yes, this presentation is deliberately digusting

    and brown. I am shit at making slides.

  2. What is Blackhole? • An async “fake” MTA • Built

    on the Tornado framework • Low disk I/O (high disk I/O with debug flag enabled)

  3. Uhh... Why? • Speed testing • Integration testing • Oh

    shit I need to test on a copy of live data but can't anonymise user content and don't want to accidentally send emails to users • Honey pot (Nectar suite)

  4. Using Blackhole • Using blackhole.io service via raw SMTP or

    sending an email to <name>@blackhole.io • Running your own blackhole server just like you would Postfix, Exim etc

  5. Here be dragons (the debug flag is dangerous)

  6. [08A6002A19] RECV: EHLO [hel.kura.io] [08A6002A19] SEND: 250-2.5.0 OK, done [08A6002A19]

    SEND: 250-SIZE 512000 … [08A6002A19] RECV: MAIL FROM:<[email protected]> size=64 [08A6002A19] SEND: 250 2.5.0 OK, done [08A6002A19] RECV: RCPT TO:<[email protected]> [08A6002A19] SEND: 250 2.5.0 OK, done [08A6002A19] RECV: DATA [08A6002A19] SEND: 354 3.5.4 Start mail input; end with <CRLF>.<CRLF> [08A6002A19] RECV: From: <[email protected]> [08A6002A19] RECV: To: <[email protected]> [08A6002A19] RECV: Subject: Test [08A6002A19] RECV: [08A6002A19] RECV: gwergerg [08A6002A19] RECV: . [08A6002A19] SEND: 251 2.5.0 OK, done [08A6002A19] RECV: QUIT [08A6002A19] SEND: 221 2.2.1 Thank you for speaking to me

  7. PyPy • Works well with PyPy 1.9 and 2.0 •

    Performance improvements of blackhole.io of 1000% over time • Caveat: a bug somewhere that causes the process to crash on PyPy 2.0 when daemonizing... Works if daemon.start() is disabled. No clue why, need to fix.

  8. Nectar (dev/planned) • Honey pot suite, split in to 5

    components • Nectar-MTA – based on Blackhole, logs all incoming/outgoing connections + data • Nectar-SSH – Kippo-like SSH honeypot, brute force logging, fake Linux environment, shell logging • Nectar-Web – Web honeypot, exposes XSS and SQL injection vulns, logs all requests and exploit attempts • Nectar-GUI – web-based GUI for viewing and graphing data

  9. [Taylor Placeholder]

  10. [Taylor Placeholder]

  11. [Taylor Placeholder]

  12. Questions

  13. Linkies • http://blackhole.io • https://github.com/kura/blackhole • http://nectar.blackhole.io • @kuramanga •

    http://git.io/kura • [email protected]

  14. fin