Hello, I’m Antonios Chariton, @DaKnObCS on Twitter, and I am a Security Engineer and Researcher. My interests include networks, routing, IPv6, TLS, and PKI. I also enjoy system administration, DevOps, automation, Site Reliability Engineering, and in general playing with cool technologies and tools. I am performing both technical, as well as academic research, and have a few publications in this blog, as well as various conferences and journals. Moreover I am giving talks in meetups, conferences, and events. I am also a member of the organization team of various meetups, such as the DevStaff Developer Community in Heraklion, Crete, or initiatives, such as EduCTF, a Capture the Flag event that is aimed at students, and helps them get their hands dirty with security problems and challenges they will face in the real world, and also a member of various interesting organizations or communitees, such as GRNOG and NLNOG. I am also participating and following Working Groups of both the IETF, and RIPE, such as the Acme, TLS, IPSec, Routing, Address Policy, Anti-Abuse, etc. In my free time I am operating AS210312, a pan-European network with multiple PoPs, routers, and servers, accessible over various IXPs and Transit Providers. I am using this network for research, such as RPKI Adoption, or simply providing services for free to communities, open source projects, or good causes. Finally, I am running various projects such as the Greek IPv6 Adoption Observatory.
I have experience in various technologies, tools, operating systems, programming languages and frameworks, with a non-exhaustive list here: Debian, Ubuntu, CentOS, OpenBSD, VyOS, Junos OS, EdgeOS, RouterOS, IOS, Aruba Instant, macOS, iOS, Ansible, Git, Docker, Kubernetes, KVM, Ganeti, Proxmox, Grafana, Telegraf, CollectD, Apache Cassandra, MySQL, Postgres, Redis, memcached, Google Cloud, Go, Python, PHP, Bash, Postfix, Dovecot, spamassassin, rspamd, OpenDKIM, PowerDNS, Bind, dnsdist, nginx, Apache, HAProxy, bird, Quagga, FRR, Routinator, RIPE RPKI Validator, OBS, nginx-rtmp, ffmpeg, ElasticSearch, Elastic SIEM, NfSen, pmacct, fastnetmon, Nessus, OWASP ZAP, Acunetix, Metasploit, and many more.
You can find me on
GitHub and on
LinkedIn, and some of my favorite Open
Source Projects are
eldim, which is an HTTPS service that runs
and proxies an OpenStack Swift, S3, etc. file system, and only allows specific
operations on them, limiting their API. Its use case is to act as a central
service for collecting log files from a large infrastructure, without having to
distribute keys or secrets to the entirety of the servers, therefore giving
them read, write, or any other type of access over the central storage. It
essentially is a single place with the S3 keys, and all servers push files to
it, to be uploaded centrally, without being able to delete other files, change
the content of already uploaded files, or upload data as another server. eldim
also encrypts the files, so they are never stored in plaintext on the S3 /
Swift backend, just in case the provider is not trustworthy.
Then there’s RRDash, which is a simple
dashboard that is inspired by Grafana, but works with
rrdtool graphs. It is designed to be simple,
easy, and allow all options of
rrdtool, and since it does not have any
authentication, it is mainly intended for public dashboards. You can find an
instance of it here.
Finally, there’s TorPaste, which is a
paste service, supporting multiple backends, that has been designed to run
inside the Tor Browser, with the
maximum security settings turned on (no fonts, JS, etc.). You can find an
instance of TorPaste running here.
As far as the events I attend go, they are all relevant to my interests, and some examples are, in terms of network events, GRNOG, NLNOG Day, RIPE Meetings, for software development DevStaff, Elastic Greece, JHUG, for hacking and security ccc.de Congress, Hack in the Box, CySeP, for policy Freedom & Security, and for business / startup OpenCoffee, FuckUp Nights, Singularity University Summits, etc.
Some of the research I do is on TLS, and more specifically X.509 Certificate Revocation, with my INFOCOM paper CCSP, on RPKI, with my blog post on The State of RPKI Deployment in Greece, and popular application security vulnerability hunting, such as on Popcorn Time. Doing research on solving security challenges, internet measurements and metrics, is something I enjoy doing, but I always try and keep it practical, applicable, and not so theoretical. It doesn’t always have to be scientific or technical, it can also touch other areas, like what happens if you run a Tor Exit Node or five , or what’s the experience of a user in an HTTPS-only, or IPv6-only, environment. Currently a lot of research has not been published yet, but I intend to start doing so more frequently both here on my blog, as well as on various academic / peer-reviewed conferences and journals.