Jul 292017
 

With the release of kernel-xen version 4.9.40, I have enabled CONFIG_TCP_CONG_BBR. This adds support for using BBR to improve the throughput from your servers (mostly web servers) to your clients.

If you run my kernel-xen package on your Xen guests, you can also take advantage of this new feature.

To enable, ensure you are running kernel-xen version 4.9.40 or above, then create a file called /etc/sysctl.d/enable-bbr.conf containing:
net.core.default_qdisc=fq
net.ipv4.tcp_congestion_control=bbr

You can activate this by typing: $ sysctl -p

The changes will automatically apply at the next system boot.

To read more about BBR and why it makes such a difference, head on over to acmqueue for a far more in-depth analysis than I could provide.

Mar 192017
 

So every once in a while, you come across something in IT Security that just makes you want to cry.

Usually, these are chained exploits that when executed properly have devastating effects.

Take the latest Pwn2Own competition. One of the successful hacks there was epic. And scary.

In a nutshell, an ‘Edge’ browser exploit to get into the Windows 10 VMWare guest, then a bug in the VMWare guest to own the VMWare host. Yes, hacking the VMWare host – from a web page.

That’s scary.

Dec 252016
 

So it’s now been 16 years since the end of TITR (This Is True, Really) News. I still occasionally listen to the old recordings of what we now know as ‘podcasts’ and have a giggle.

Scott, Tony, wherever you guys are, hope all is going well.

If you want to share in on the laughs, I’ve put up the small archive I have on soundcloud.