Friday, October 26, 2018

HOWTO : Tensorflow 1.11.0 on Ubuntu 18.04.1 LTS with Anaconda3 5.3.0

Install Anaconda3 which is Python 3. The current version of Python is 3.7.x at Anaconda3.

sudo apt install build-essential libssl-dev libffi-dev python3-dev

wget https://repo.continuum.io/archive/Anaconda3-5.3.0-Linux-x86_64.sh

chmod +x Anaconda3-5.3.0-Linux-x86_64.sh

./Anaconda3-5.3.0-Linux-x86_64.sh

Install anaconda3 to /home/samiux/anaconda3 (current user, samiux) and then answer "yes" to allow change the .bashrc of samiux. (replace "samiux" with your username)

source /home/samiux/.bashrc

Update Anaconda3.

conda update --prefix /home/samiux/anaconda3 anaconda
conda update -n base conda


Since current Tensorflow 1.11.0 only supports Python 3.6 for Python 3.x, we need to install Python 3.6 at the virtual environment for Tensorflow.

conda create -n venv pip python=3.6
conda install tensorflow -n venv


To activate the virtual environment, that is Python 3.6.

conda activate venv

To deactivate it when not using Python 3.6 and Tensorflow.

conda deactivate

To test the Tensorflow installation.

(venv) samiux@ubuntu:~$ python -c "import tensorflow as tf; print(tf.__version__)"

It will display the current version of Tensorflow. The current version of Tensorflow as at this writing is 1.11.0.

1.11.0

That's all! See you.


Sunday, October 21, 2018

China - No Wallet

China's Great Leap to Wallet-Free Living - Moving Upstream

Amazing China: Mobile Payments Change Way of Life in China

Amazing China: Crazy mobile payment in China

Sunday, September 09, 2018

Croissants - Intrusion Detection and Prevention System

牛角麵包 - 防禦入侵系統

牛角麵包 (Croissants) 是一項開源項目,但有一項同名的項目是商業版本的,開源版本的名字為牛角麵包 (社區版,Community Edition)。收費版本具有禦防網絡掃描器的偵測和推送更新的技術,其他的與開源版本大致是一樣的。

牛角麵包與統一威脅管理系統 (Unified Threat Management System, UTM) 和下世代防火牆 (Next Generation Firewall, NG Firewall) 有相當程度是相若的,不同的只是牛角麵包並沒有防火牆。

牛角麵包是由黑客設計與開發出來對付黑客的一個系統,不論他們是道德黑客或者是惡意黑客。

開源版的特性 :

她具有統一威脅管理系統和下世代防火牆的大部份特性,例如防禦漏洞利用、防止病毒攻擊、惡意網絡地址黑名單、防禦惡意軟件攻擊、惡意網頁攻擊過濾、防止洋蔥網絡 (Tor) 瀏覽、防止有敵意的網絡流量、偵測網絡掃描器掃描等。

至於效能方面,她有極低延遲性的特點,有效地提高網絡遊戲的可玩性,而且能夠有效地播放 4K 的多媒體,她更能夠處理大約 40GB 或以上的流量,當然這也與硬件的規格有相當大的關係。

至於配置方面,她幾乎可以配置在網絡中的任何位置,包括網外和網內。如果再配合奧德拉 (Audra) (偵測入侵系統),這樣每個網段都涵蓋得到。奧德拉也是基於牛角麵包 (社區版) 而設計的偵測入侵系統,其元件是完全一樣的。

收費版的特性 :

除了具有社區版的功能外,她還有推送更新技術,如遇緊急情況,可以立刻對牛角麵包作出遠端更新,以求達到防禦入侵的最佳效果。

另外她還可以擋格所有網絡掃描器的偵測,令黑客不能有效地得到意圖入侵目標的資訊,從而未能有效地作出攻擊。如果盲目地作出攻擊,這是徒勞無功的。這樣就可以防止或延遲被入侵的可能性,這功能特別適合於有伺服器配置在網絡中的環境。

Samiux
OSCE OSCP OSWP


************


Croissants - Intrusion Detection and Prevention System

Croissants is an open source project and commercial project at the same time. Open source project is namely Croissants (Community Edition, CE) while commercial one is Croissants. Croissants and Croissants CE are almost the same. However, Croissants has some outstanding technique, such as push update and upgrade as well as blocking network scanning.

Croissants is very similar with Unified Threat Management System (UTM) and Next Generation Firewall (NG Firewall). However, Croissants does not have firewall anyway.

Croissants is designed by a hacker to defend against hackers. He knows what hackers are doing and thinking, regardless of whether they are ethical or malicious.

Croissants CE Features :

Croissants CE has similar features as UTM and NG Firewall, such as preventing vulnerabilities exploits, anti-virus, malicious IP address blacklisting, preventing malicious software, filtering web page attacks, preventing Tor network from being accessed, blocking malicious traffic, detecting network scanning, and etc.

It is an ultra-low latency system which is ideal for demanding online games and 4K video streaming. The maximum bandwidth of Croissants is over 40GB which is depending on the hardware configuration.

Croissants CE can be placed at any place in the network which is including outside and inside the network segments. When implemented with Audra (Intrusion Detection System), the traffic monitoring in the network can be covered completely. Meanwhile, Audra is designed based on Croissants CE.

Croissants Features :

Croissants has all the features as Croissants CE but it also has push update and upgrade features. It provides an emergency update or upgrade in order to provide a better protection to the network when needed.

In addition, it also can block network scanning. Once the scanning is blocked, hackers cannot obtain the information of the services and ports of the network/servers. They cannot launch any attack to the network blindly. You can be prevent from being attacked or delay of being attacked as a result. Croissants is ideal for network that providing connections to the public.

Samiux
OSCE OSCP OSWP

Reference

InfoSec Ninjas 资安忍者


Sunday, August 26, 2018

HOWTO : Intel and nVidia GPUs on Ubuntu 18.04.1 LTS

The version of nVidia driver for Ubuntu 18.04.1 is 390 at the time of this writing. You have 3 methods to switch between Intel GPU and nVidia GPU. However, these require your box to reboot or relogin to make the change effect.

(A) nVidia Driver Install

sudo apt install bbswitch-dkms nvidia-dkms-390 nvidia-driver-390 nvidia-headless-390 nvidia-kernel-common-390 nvidia-prime nvidia-settings nvidia-utils-390 xserver-xorg-video-nvidia-390 nvidia-cuda-toolkit

Method 1 - Reboot is required
nvidia-settings

Select nVidia GPU or Intel GPU from "Prime" on the menu. After that, reboot your box.

This method is working only when nVidia driver is loaded. You need to reboot your box to make the change effect.

To confirm the change :

prime-select query

Method 2 - Reboot is required

To change to Intel GPU :

You need to reboot your box to make the change effect.

sudo prime-select intel

To change to nVidia GPU :

sudo prime-select nvidia

You need to reboot your box to make the change effect.

To check the settings :

prime-select query

Method 3 - Relogin is required

To install modified version of prime-select :

sudo apt install git rustc cargo lightdm
git clone https://github.com/matthieugras/Prime-Ubuntu-18.04

cd Prime-Ubuntu-18.04
cd prime_socket/src
sudo make install


The "prime-select" binary is located at /usr/local/bin.

Rename the original "prime-select" :

sudo mv /usr/bin/prime-select /usr/bin/prime-select-original

Change to lightdm :

sudo dpkg-reconfigure gdm3

Select lightdm and then reboot the box.

Prime sync for tear free laptop panel

sudo nano /etc/modprobe.d/zz-nvidia-modeset.conf

Add the following lines :

# enable prime-sync
options nvidia-drm modeset=1


Then run the following command and then reboot your box :

sudo update-initramfs -u

To change to Intel GPU :

sudo prime-select intel

The box will force you to logout and awaiting for your re-login.

To change to nVidia GPU :

sudo prime-select nvidia

The box will force you to logout and awaiting for your re-login.

To check the settings :

prime-select query

(B) Optional

To check what nVidia driver version is installed :

ubuntu-drivers devices

To auto install the nVidia driver :

sudo ubuntu-drivers autoinstall

(C) Conclusion

To set to Intel GPU for power saving while nVidia GPU for performance. For Kali Linux or Parrot Security OS users, I recommended to use Method 2 after installed the nVidia driver. The package name of nVidia driver for Kali Linux and Parrot Security OS are different from Ubuntu 18.04.1 LTS. When using Method 3, the Intel display card cannot be video properly. However,, Method 2 has no such problem.

That's all! See you.


Thursday, August 09, 2018

滲透測試與奪旗賽

初次接觸奪旗賽 (Capture The Flag) 比賽項目,發覺其與真實的滲透測試 (Penetration Testing) 相差甚遠。以奪旗賽練習網站中的網頁 (Web) 題目為例,奪旗賽題目會提供提示以供下一關的鑰匙,或者以這個提示來完成這條題目。但現實環境的網站滲透測試是沒有提示的,滲透測試員是要用自己的方法去盡量搜集這個網站的資訊來作進一步行動。再者,奪旗賽的題目大多是脫離現實,而且十分狡猾 (tricky)。

我個人認為如果一個專業的滲透測試員長期在奪旗賽題目中打滾浸淫,有可能影響其專業的思維和滲透測試的方式,並且在其專業知識上並沒有實際的獲益,但是閒來作為遊戲玩樂又未賞不可的。

至於奪旗賽中另一個比賽項目攻防戰,我仍未曾有機會接觸到,所以不會妄下判斷。因機緣巧合,最近在一個很爛的奪旗賽練習網站 (beta.ctflearn.com) 玩了一些我懂的題目,並且在一萬二千幾名玩家中排行第廿七 (二零一八年八月九日止)。在玩的過程中並未有學習到新鮮事物的感覺,非常可惜。

最後,我個人認為,如果要在滲透測試知識和技術上有實際的獲益,我想最有效的方法是參加懸賞計劃 (Bug Bounty) 了。如果可以發現漏洞並獲得獎金當然是一件樂事,但如果未能取得獎金都可以在一個合法的平台上練習,因為懸賞計劃中的項目全部都是真實的個案。

Samiux
OSCE OSCP OSWP

Wednesday, August 01, 2018

馬恩國解讀認識基本法系列

馬恩國解讀認識基本法 (一) 基本法出處




馬恩國解讀認識基本法 (二) 釋法篇之吳嘉玲案




馬恩國解讀認識基本法 (三) 釋法篇之剛果案




馬恩國解讀認識基本法 (四) 釋法篇之政改及特首任期




馬恩國解讀認識基本法 (五) 釋法篇之立法會宣誓案




馬恩國解讀認識基本法 (六) 釋法篇之《基本法》的解釋權及釋法好處




馬恩國解讀認識基本法 (七)主權與國家安全L




馬恩國解讀認識基本法 (八) 高度自治與全面管治




馬恩國解讀認識基本法 (九) 五十年不變與一國兩制




馬恩國解讀認識基本法 (十) 中央與特區關係




馬恩國解讀認識基本法 (十一) 特區的立法權與緊急狀態下的安排




恩國解讀認識基本法 (十二) 港人參與國家事務的渠道




馬恩國解讀認識基本法 (十三) 香港人的權利




馬恩國解讀認識基本法 (十四) 行政會議、特首職能與解散立法會的權力




If Loving You Is Wrong (I Don't Want To Be Right) - Barbara Mandrell


國家安全與《中國國家安全法》

余非 — 處理嘍囉,及認知更根本的考慮──國家安全與《中國國家安全法》



Thursday, July 19, 2018

[LAB] Capture The Flag - July 2018

VulnHub gathers a lot of Capture The Flag virtual machines for practice.

In July, 2018, I did some of them and wrote the writeup about the exploits. I mainly targeted for the VirtualBox virtual machines only. They are running NAT Network interface in VirtualBox.

They are :

(1) BlackMarket
(2) BSides Vancouver 2018 (Workshop)
(3) JIS-CTF : VulnUpload
(4) Bob v2
(5) Toppo v1
(6) DerpNStink v1
(7) Temple of Doom v1
(8) Zico2 v1
(9) Dina 1.0.1
(10) Basic Pentesting : 2

That's all! See you.


Friday, June 29, 2018

阿希從衆實驗

近日與友人聊天時聊到阿希從眾實驗 (Asch conformity experiments),這個實驗發現了大多數的人會在群眾的壓力下盲從附和或改變自己的見解去跟從衆人的情況。

Asch conformity experiments






友人立即引述馬克吐溫的名句 :

Whenever you find yourself on the side of the majority, it is time to pause and reflect. -- Mark Twain

每當你發現自己和大多數人站在一邊,你就該停下來反思一下。 -- 馬克·吐溫

其後我領會到這句名句有另一方面的意思,就是如果發現了你自己在大多數人當中的時候,你應反思你是否停滯不前沒有進步?

參考連結

維基百科 - 阿希從衆實驗
Wikipedia - Asch conformity experiments