Security

An academic paper I authored in May 2019, as part of studying Reverse Engineering at UNSW. Abstract Extracting meaningful semantic differences between software binaries without source code is difficult. This is a challenging problem due to the overwhelming amount of syntactic noise that small changes can result in at the assembly level. Curiously when it comes to program semantics the “signal from the noise” can be distilled in a manner that is both static and processor agnostic, through the application of control flow and graph isomorphism analysis, symbolic execution and theorem proving. The graph isomorphism problem has no known polynomial time algorithm (i.e. is NP) making brute force approaches computationally infeasible. By blending various static analysis techniques and applying some generalisations, consider a novel approach to overcoming the computationally infeasibility of this problem domain with a view to binary difference analysis. ...

Providing SSO by integrating Linux (or FreeBSD) with a directory service, like Microsoft Active Directory (AD), is no where as daunting as it once was, and highlights some fascinating subsystems that enable users to be defined from a variety of data sources (such as LDAP) other than just the traditional /etc/passwd file. Initial setup Kerberos Create service keytab on AD System Security Services Daemon (sssd) Name Service Switch (nss) PAM (Pluggable Authentication Module) Testing Listing Users Listing Groups id Troubleshooting Samba (smbd) Join Issues Clock Synchronisation Issues Clearing SSSD Cache End to end script (for Ansible) Initial setup Update /etc/resolv.conf to bind to the AD DNS server. This will enable realmd to discover and join the active directory domain (i.e. kerberos realm). ...