Sunday, November 26, 2023

BPF - the forgotten bytecode

 Every once in a while I run into an obscure computer technology that is a hidden gem, which over the years has become mostly forgotten. This is exactly how I feel about the tcpdump tool and its kernel counterpart, the packet filter interface. For example, say you run:

    $ tcpdump -ni eth0 ip and udp and port 53

 For most of us this command is pure magic; almost nobody understands what happens behind the scenes. This...

BPF Tools

 CloudFlare is open sourcing the tools we've created to generate and deploy BPF rules.

 The Code

 Our BPF Tools are now available on the CloudFlare Github: https://github.com/cloudflare/bpftools

 For installation instructions review the README, but typing make should do most of the work:

    $ git clone https://github.com/cloudflare/bpftools.git
    $ cd bpftools
    $ make

 The BPF Tools repository contains a number of...

DNS PCAP and BPF

 DNS, a most interesting protocol, can be analyzed using some packet filters that can help you look at and analyze various types of DNS packets on the network. In this blog, I am compiling a list of these to summarize the ones I have discovered to be useful for analyzing DNS packets. The examples are relevant to UDP DNS which is...