[ news ]   [ Nmap/Ncrack ]   [ projects ]   [ papers ]   [ netsec ]   [ about ]   rss
--- [ About ] ---

whois ithilgore:

Greetings, I am ithilgore, a computer security and low level networks enthusiast. I am mainly interested in gathering knowledge about network internals and mastering the art of network exploration and exploitation. The field of protocol implementation is one of my primary concerns, since it acts as the basis to comprehend what is happening behind the scenes. We have all seen that new threats are discovered every day on the application level, but none are as serious as the flaws found in the protocols that the whole structure of the internet is based upon. Unpredictable end cases are certainly lying even in the most secure of implementations, since the complexity involved does not often allow even the creator to take every single unimaginable bug into account. This is where the big journey of exploring and exploiting these holes begins. I am currently studying the implementation of TCP/IP with the guidance of the Stevens tomes (mainly TCP/IP Illustrated, Volume 2:The Implementation) and messing with the kernel net sources of FreeBSD and Linux. You can contact me in a way similar to this: 

		#define addr "ithilgore.ryu.L"
		#define dom "gmail"
		int s = socket(AF_INET, SOCK_DGRAM, 0);
		struct sockaddr_in ithaddr;
		buf[26]; 
		strlcpy(buf, addr, 16);
		strlcat(buf, dom, sizeof(buf));
		inet_pton(AF_INET, buf, &ithaddr.sin_addr);
		...

	-----BEGIN PGP PUBLIC KEY BLOCK-----
	Version: GnuPG v1.4.9 (GNU/Linux)

	mQGiBElIY7sRBACQi8uFTROxdb/RVB1IDxVW0BS3ySqtVVXJ9YWuKNHcD92S9+DH
	RnwS5EjyQUin0rPU+9b4FDUdKEltSNWiU/AKIZ5/OryIOKCZoT+TPYXbD9y6s3CZ
	BCKs2BZU2y6qsgzumglgmyHctySlq9vkMblzCHG7K5qi9XELeFMdSuxVIwCg0+96
	rOofNi0yQX93Id69i7TyTWED/1qsHfaabyR/sqQ9xe5bDgTQBxBDBljof/BrV3rV
	oCg3ZIPmL6Fxkya44/MLfC1vNQT2hBr8GCIEGeYcYLDulkAMHYd00N4ID6KsNcI6
	kMBkBszMy0Dhdiru6DlitD0anAZauQwTOL8/uT+au818njPSRb15oEajMhUuB6Ey
	/DWlA/9OdAh62pbXy/lbpN/wyaCmt4p3cf339oQIj7EQgu6PT+8aOgQhOJO5QKgN
	j7b0kz3m4yDpRd0aqBe2n9/QlLBKPnVd7/RbjuHxVAsWHETeP6b2zVeXx5bfywSd
	AiHLmJ3d7WN35QZfYWTbnnsfj+ZT7bExuEIBDlUnOPGz2n+Dw7QpaXRoaWxnb3Jl
	IDxhZHZlbnQuY2xvdWQuc3RyaWZlQGdtYWlsLmNvbT6IZgQTEQIAJgUCSUhjuwIb
	IwUJCWYBgAYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEFzr31nDAtMXRfgAnRJo
	PhnpOsc7u0tHi98Zh+4o9JUpAJ9nwPhJVG0WINDXPx9YgmG0P3fmL7QlaXRoaWxn
	b3JlIDxpdGhpbGdvcmUucnl1LkxAZ21haWwuY29tPohmBBMRAgAmBQJJSGVWAhsj
	BQkJZgGABgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQXOvfWcMC0xd+jgCfQUft
	Iiex8B4GEpMGLyTL00FvKs4AnjYd0w/VHgKTOmCxFM18ruHpW06+uQINBElIY7sQ
	CAClWE6o6kkkNoWZxS29w2rqcJCf/8QqB60DFYggpQoz+tddW5zb2IxqJ/rAp6/J
	uBTPNKuIv5aXRVSrYOhxDKS4/YfRWd/lYVHFG4TI8EKeEkp21IDyWYo6KUzGNIPm
	BykbTrjfdplG36cFPz00h/H49p65MbFDK8OPBJPs2tF+Z8ZM+lSrJR09Hr/w4R9V
	xetVR0SUsT616ZO1D4H0oPWWVw5alyyrhPdBaLQSGpSsM/e2BIZz7o9EbBbr/nVY
	DP2rzRcSm+DU2jM8lDMRY4GcZjjcLjSlGm3X20JqpMm8gGPLuLi4VlCVjbavnYoH
	UT/le4saal314BqB+3cKKcIzAAMGCACQRHpny3Ucdkr/ZMwLxt0iWwvUJQCsg6cY
	XrIXBBvfIRQllS+ledap5ZvkSA88k+mvqtwzrba5s2kaRsb1Ta2QHH94NcfF/6Dy
	1CafzierburN2dIEXjiUl7q0h2sJEv5KrZpL9+hu/BkDJeOHIxOhc+xCspgmwmmo
	JIh5GS1uGHn+5AI0KrUdP8HHNfi9toEdmH9Rl8vT6foYJ2uHjGjMZAlx0LwgpLwt
	XRmiEJayR+MRWpJ1INcqcR5CnulF4dI6mz5txWzRHGDcFQP3BScnnyBurdr2jnC2
	V7sT7OOaFdNu2JY6QqZStaHsIfXActYAVah4OB8t/Of/LJYZzrw4iE8EGBECAA8F
	AklIY7sCGwwFCQlmAYAACgkQXOvfWcMC0xeboQCgvQKi5hGPBez4+4HzGTJfoXuc
	pPwAoJTu9fFdG5jA6L+uD0TKai//jy8d
	=Eycl
	-----END PGP PUBLIC KEY BLOCK-----

About sock_raw:

sock_raw is my personal web site and project/ideas main connect(2)ion to the outer world. If you are already wondering where the name actually stems from, you can always rtfm of socket(2). I 'll provide a quick definition however: SOCK_RAW is one of the ultimate powers the OS can give you over doing some serious stuff on low level network programming. It is the ability to create and send your own hand-crafted network packets, filling manually all header fields with whatever values you want. Most serious network security tools are based on or certainly use this sockets API capability.

Areas of interest:

  • Low level network programming
  • Network internals - Protocols implementation
  • Local/Remote Security vulnerabilities
  • Most low level cs stuff

Skills:

  • Programming Languages:
    • main: C, asm
    • secondary: C++, Java, Perl, Bash, Prolog, Lua, MySQL

  • OS general knowledge:
    • OpenBSD
    • FreeBSD
    • Linux
    • Windows Server 2003/XP/98

  • Network Stacks study:
    • FreeBSD 4.11, 7.0
    • Linux 2.6

  • Networking Protocols:
    • L2: ARP
    • L3: IP, RARP, ICMP, IGMP
    • L4: TCP, UDP, SCTP
    • L5: SMTP, FTP, DNS, DHCP, HTTP

  • Favourite Networking Tools:
    • Nmap, Ncat, tcpdump, wireshark, nc, hping, nkiller