July Tech Festa, August 2017
Alternate URL: https://speakerdeck.com/s1061123/kontenafalsenetutowakuintahuesu-sofalseshi-zhuang-shou-fa-tosofalseying-yong-nituite
FARIS: Fast and Memory-efficient URL Filter by Domain Specific MachineYuuki Takano
http://ytakano.github.io/
http://ieeexplore.ieee.org/document/7740332/
Uniform resource locator (URL) filtering is a fundamental technology for intrusion detection, HTTP proxies, content distribution networks, content-centric networks, and many other application areas. Some applications adopt URL filtering to protect user privacy from malicious or insecure websites. Some web browser extensions, such as AdBlock Plus, provide a URL-filtering mechanism for sites that intend to steal sensitive information.
Unfortunately, these extensions are implemented inefficiently, resulting in a slow application that consumes much memory. Although it provides a domain-specific language (DSL) to represent URLs, it internally uses regular expressions and does not take advantage of the benefits of the DSL. In addition, the number of filter rules become large, which makes matters worse.
In this paper, we propose the fast uniform resource identifier- specific filter, which is a domain-specific pseudo-machine for the DSL, to dramatically improve the performance of some browser extensions. Compared with a conventional implementation that internally adopts regular expressions, our proof-of-concept implementation is fast and small memory footprint.
This is a tutorial for implementing application level traffic analyzer by using SF-TAP flow abstractor.
http://sf-tap.github.io/
https://github.com/SF-TAP/
https://github.com/SF-TAP/flow-abstractor
https://www.usenix.org/conference/lisa15/conference-program/presentation/takano
http://ytakano.github.io/
12. OpenVASのサーバ証明書を作成
n openvas-mkcert コマンドで作成
12
$ sudo openvas-mkcert
/usr/sbin/openvas-mkcert: 63: /usr/sbin/openvas-mkcert: 0: not found
---------------------------------------------------------------------
----------
Creation of the OpenVAS SSL Certificate
---------------------------------------------------------------------
----------
This script will now ask you the relevant information to create the
SSL certificate of OpenVAS.
Note that this information will *NOT* be sent to anybody (everything
stays local), but anyone with the ability to connect to your OpenVAS
daemon will be able to retrieve this information.
CA certificate life time in days [1460]:
Server certificate life time in days [365]:
Your country (two letter code) [FR]: JP
Your state or province name [none]:
Your location (e.g. town) [Paris]: Tokyo
Your organization [OpenVAS Users United]: Tuda College
13. OpenVASのユーザを追加
n openvas-adduserコマンドで作成
n 最後まで行ったらCtrl+Dで終了
13
$ sudo openvas-adduser
/usr/sbin/openvas-adduser: 53: /usr/sbin/openvas-adduser: 0:
not found
Using /var/tmp as a temporary file holder.
Add a new openvasd user
---------------------------------
Login : ytakano
Authentication (pass/cert) [pass] :
Login password :
Login password (again) :
User rules
---------------
29. www.google.comへの通信を遮断(1)
www.google.comのIPアドレスを調べる
n digコマンドでドメイン名からIPアドレスを調べる
29
$ dig www.google.com
;; QUESTION SECTION:
;www.google.com.
IN
A
;; ANSWER SECTION:
www.google.com.
177
IN
A
173.194.38.82
www.google.com.
177
IN
A
173.194.38.84
www.google.com.
177
IN
A
173.194.38.81
www.google.com.
177
IN
A
173.194.38.83
www.google.com.
177
IN
A
173.194.38.80
www.google.comに割り当てられたIPアドレス