Loading Out of Tree Rust in Linux
· 10 min read
Rust is taking off in the Linux Kernel and improved support and features make it possible to develop drivers with Rust.
3 posts tagged with "linux"
View All TagsLoading up nexmon on a RPI4 with SPR
· 5 min read
The built-in wifi radio on a Raspberry Pi 4 is kind of sad, as it does not support monitor mode. Luckily the hackers at Seemo Labs have fixed this.
In this post we'll describe how to load Seemoo's Nexmon onto a pi4 running a modern kernel, and package it into a SPR Plugin named spr-nexmon. We'll demonstrate that packet capture and injection works.
Attack Surface Reduction Research (Part 1)
· 3 min read
Reducing Attack Surfaces (Part 1)
SPR lets users create adaptive, micro-segmented networks for connecting and managing devices. In addition to fine-grained network visibility we also build hardened software and work to avoid common security flaws. As SPR has matured we've started taking on further efforts to eliminate attack surfaces.
When it comes to native code: we introduce none. As in, we have not written new native code for SPR anywhere. We have one BPF filter, and its otherwise golang all the way down. We also do not run standard native services where we can avoid them. We have replaced traditional C code for services such as DNS and DHCP with golang implementations, namely CoreDNS and CoreDHCP.
The remaining native code targets that we have in SPR are as follows:
- The Linux kernel. For example: ethernet, the tcp/ip stack, nftables, the mac80211 framework and vendor drivers
- 802.11 Firmware, Ethernet Firmware
- Hostapd
- PPP Daemon (off by default)
- OS Services (Ubuntu)