1
00:00:00,125 --> 00:00:01,501
TOM STEELE: Hello, everyone, welcome

2
00:00:01,501 --> 00:00:04,501
to our talk Collaberative Penetration testing with Lair.

3
00:00:04,999 --> 00:00:06,999
I'm Tom Steele.

4
00:00:07,209 --> 00:00:10,375
I'm currently a senior consultant at Fishnet Security.

5
00:00:10,417 --> 00:00:11,876
There's my Twitter.

6
00:00:11,876 --> 00:00:16,999
DAN KOTTMAN: And I'm Dan Kottman, I'm a consultant.

7
00:00:16,999 --> 00:00:19,167
We do pen tests and social engineering engagement and sometimes physical

8
00:00:19,167 --> 00:00:21,375
security assessments as well.

9
00:00:21,375 --> 00:00:26,792
TOM STEELE: So we kind of built this tool Lair that we were

10
00:00:26,792 --> 00:00:33,751
having and they include lots of file and lots of data everywhere, and lots

11
00:00:33,751 --> 00:00:36,999
of terminal windows open.

12
00:00:37,501 --> 00:00:41,000
Just tons of files everywhere and no real way to correlate those.

13
00:00:41,083 --> 00:00:47,042
The other problem we wanted to kind of fix was duplication of work.

14
00:00:47,042 --> 00:00:51,792
A lot of time when you are doing a tech with multiple people, you tend

15
00:00:51,792 --> 00:00:57,334
to be looking at the same thing and it's not very efficient.

16
00:00:57,918 --> 00:00:59,959
The next thing we wanted to do is come up with a way

17
00:00:59,959 --> 00:01:03,459
to be thorough and make sure that we didn't miss anything and that we were

18
00:01:03,459 --> 00:01:06,999
manually investigating everything on an engagement.

19
00:01:07,626 --> 00:01:11,083
So what we kind we kind of looked at the current tool sets and

20
00:01:11,083 --> 00:01:14,083
they didn't really they all might have handled some

21
00:01:14,083 --> 00:01:18,501
of these issues but none of them fixed all of our problems.

22
00:01:18,501 --> 00:01:20,167
So what we did is we decided to create our own tool and that's that

23
00:01:20,167 --> 00:01:22,292
we will be releasing today.

24
00:01:22,292 --> 00:01:23,292
It's called Lair.

25
00:01:24,999 --> 00:01:27,417
At its heart it's a web application.

26
00:01:27,417 --> 00:01:29,584
It's all in browser and we think it solves all the problems that I

27
00:01:29,584 --> 00:01:31,501
previously mentioned.

28
00:01:31,999 --> 00:01:34,792
Here's an overview of the architecture in the top,

29
00:01:34,792 --> 00:01:37,667
the top right corner, you see this thing called meteor

30
00:01:37,667 --> 00:01:39,167
web server.

31
00:01:39,626 --> 00:01:42,918
So this web application is built with something called meteor.

32
00:01:42,918 --> 00:01:44,834
That's a web framework built on top of node.js which

33
00:01:44,834 --> 00:01:47,083
is a JavaScript runtime.

34
00:01:47,918 --> 00:01:50,876
The features the reason we chose meteor.

35
00:01:50,999 --> 00:01:54,667
Was a few reasons, the first one being data on the wire,

36
00:01:54,667 --> 00:01:57,083
it's very, very snappy.

37
00:01:57,083 --> 00:01:58,083
Very, very fast.

38
00:01:58,083 --> 00:02:00,667
The originally when you load up the application, all you get

39
00:02:00,667 --> 00:02:03,999
is a bunch of JavaScript and HTML templates and then JSON

40
00:02:03,999 --> 00:02:06,709
back and forth to the server.

41
00:02:06,959 --> 00:02:07,999
It's very fast.

42
00:02:09,501 --> 00:02:14,167
And meteor is written in JavaScript and it's one language from the client

43
00:02:14,167 --> 00:02:17,999
to the server and makes developing a lot better and next

44
00:02:17,999 --> 00:02:21,626
is database everywhere and with meteor they have a client

45
00:02:21,626 --> 00:02:23,584
in the browser.

46
00:02:23,918 --> 00:02:28,876
Whether you are writing the application, it's cool to write your queries

47
00:02:28,876 --> 00:02:32,999
in the client and makes things more efficient.

48
00:02:32,999 --> 00:02:33,959
You can develop a realtime application very,

49
00:02:33,959 --> 00:02:35,375
very quickly.

50
00:02:35,417 --> 00:02:38,584
The next thing that's probably the best feature of meteor

51
00:02:38,584 --> 00:02:40,999
is full stack reactivity.

52
00:02:41,292 --> 00:02:43,999
Everything that you build in meteor is realtime,

53
00:02:43,999 --> 00:02:46,959
meaning it doesn't do any sort of Ajax pulling,

54
00:02:46,959 --> 00:02:50,417
it's using web sockets on the back end and when you have

55
00:02:50,417 --> 00:02:53,876
that query in the browser, whether those queries kind

56
00:02:53,876 --> 00:02:59,334
of invalidate in the daily changes, everything else will update as well.

57
00:02:59,501 --> 00:03:03,083
It's built to be very, very realtime and that's what we were looking for.

58
00:03:03,751 --> 00:03:07,417
Of course, the web application is only useful if we can get data into it,

59
00:03:07,417 --> 00:03:09,792
via, you know, all the automated tools we use

60
00:03:09,792 --> 00:03:12,999
and so Dan will talk about how that happens.

61
00:03:12,999 --> 00:03:16,584
DAN KOTTMAN: Yeah, the tools that we consume the data,

62
00:03:16,584 --> 00:03:20,334
we call drones, they are command line tools principle

63
00:03:20,334 --> 00:03:24,999
in Python that use a common API and they parse a data from some

64
00:03:24,999 --> 00:03:29,792
of the tools we commonly use for our pen tests and that would be we

65
00:03:29,792 --> 00:03:34,250
have drones for Nessus, Nexpose and Burp and Nmap.

66
00:03:38,751 --> 00:03:42,542
We thought we would get some better community support if we wrote them

67
00:03:42,542 --> 00:03:46,626
in Python rather than JavaScript because that can be difficult to code in,

68
00:03:46,626 --> 00:03:48,999
especially if you don't have any experience

69
00:03:48,999 --> 00:03:50,834
with it before.

70
00:03:50,999 --> 00:03:53,751
And we also decoupled it from the application rather than

71
00:03:53,751 --> 00:03:56,751
building it directly into, you know, the meteor node application,

72
00:03:56,751 --> 00:03:59,501
because we didn't want to force people to upload their files

73
00:03:59,501 --> 00:04:01,584
to the server, just to import them, you know,

74
00:04:01,584 --> 00:04:04,959
you are just sitting this watching your browser spin as it's importing,

75
00:04:04,959 --> 00:04:07,083
it's a little bit annoying.

76
00:04:07,959 --> 00:04:12,626
And we also wanted it decoupled so that, you know, if you develop a tool

77
00:04:12,626 --> 00:04:15,417
to consume data, maybe it's for a you know,

78
00:04:15,417 --> 00:04:18,209
something that you run in house, that maybe

79
00:04:18,209 --> 00:04:21,083
the community wouldn't want.

80
00:04:21,083 --> 00:04:24,167
It would be a little bit easier to kind of integrate with the framework,

81
00:04:24,167 --> 00:04:26,209
if it was decoupled.

82
00:04:26,209 --> 00:04:29,167
TOM STEELE: So the majority of this talk is actually going

83
00:04:29,167 --> 00:04:31,083
to be a demo.

84
00:04:31,083 --> 00:04:33,999
We are going to show off the app now.

85
00:04:41,417 --> 00:04:43,542
All right there.

86
00:04:50,999 --> 00:04:52,834
We go.

87
00:05:00,250 --> 00:05:01,501
All right.

88
00:05:01,501 --> 00:05:03,999
So I'm just going to create a project real quick.

89
00:05:03,999 --> 00:05:05,667
So when you first create a project, you are brought into this kind

90
00:05:05,667 --> 00:05:07,999
of centralized host view.

91
00:05:07,999 --> 00:05:10,417
So if we had some data in here, it would be showing you a list

92
00:05:10,417 --> 00:05:14,792
of all the IP addresses their host name and operating name.

93
00:05:14,876 --> 00:05:17,667
Everything in Lair, you can do manually.

94
00:05:17,667 --> 00:05:18,999
We do a lot of manual testing.

95
00:05:19,999 --> 00:05:23,334
You can enter data from many different data points but,

96
00:05:23,334 --> 00:05:26,209
of course to populate these initial things you,

97
00:05:26,209 --> 00:05:29,125
of course want to be using automated tools such

98
00:05:29,125 --> 00:05:31,999
as Nmap, it's a great tool.

99
00:05:32,167 --> 00:05:35,876
So to do that, we will import into that.

100
00:05:35,999 --> 00:05:38,542
So do that, you grab this unique identifier here.

101
00:05:39,250 --> 00:05:44,918
And you use the client side, Python drone Nmap.

102
00:05:50,999 --> 00:05:55,792
And then I will bring in the first Nmap, and this is a vanilla scan,

103
00:05:55,792 --> 00:06:00,584
so no scripting engine, no operating system detection.

104
00:06:00,584 --> 00:06:01,584
All right.

105
00:06:03,083 --> 00:06:05,542
So it actually parses on the client.

106
00:06:05,542 --> 00:06:10,083
It connects to the database and inserts it.

107
00:06:10,083 --> 00:06:12,959
So as you can see this automatically got repopulated.

108
00:06:12,959 --> 00:06:15,501
This was no screen refresher or anything like that.

109
00:06:15,501 --> 00:06:17,250
Let's take a look at the 1.2 address.

110
00:06:18,334 --> 00:06:21,542
And you can see it all got populated.

111
00:06:21,542 --> 00:06:23,083
This is the service level view.

112
00:06:23,083 --> 00:06:25,999
So it kind of drills down into each service for each host.

113
00:06:26,209 --> 00:06:28,083
And take a look at this telnet service here

114
00:06:28,083 --> 00:06:31,999
and you can see that the product is set to unknown.

115
00:06:31,999 --> 00:06:33,083
That's because we didn't have any version

116
00:06:33,083 --> 00:06:34,999
detection on Nmap.

117
00:06:35,083 --> 00:06:39,125
So I did a second scan of just port 23 on this post,

118
00:06:39,125 --> 00:06:41,999
with version detection.

119
00:06:42,375 --> 00:06:45,751
It comes back fast enough.

120
00:06:45,751 --> 00:06:49,250
You can see it automatically updated the product of that host.

121
00:06:49,334 --> 00:06:50,709
There was no Ajax pulling or anything

122
00:06:50,709 --> 00:06:53,709
like that it was automatically synced up with the client.

123
00:06:54,999 --> 00:06:57,999
If there's something that's missing, they will add to them and that's kind

124
00:06:57,999 --> 00:07:00,334
of how it that's how they all work.

125
00:07:00,334 --> 00:07:01,667
That's how the API works.

126
00:07:03,584 --> 00:07:06,250
The next thing I want to show off is the Nmap scripting engine

127
00:07:06,250 --> 00:07:07,751
is great.

128
00:07:07,999 --> 00:07:10,417
But when you run a ton of Nmap scripts, you run a bunch

129
00:07:10,417 --> 00:07:14,125
of different files and you have to look at them manually or parse them

130
00:07:14,125 --> 00:07:15,999
out yourself.

131
00:07:16,125 --> 00:07:18,459
We made the drones parse those.

132
00:07:20,959 --> 00:07:24,083
So this is this next scan was a full scan of my network,

133
00:07:24,083 --> 00:07:26,667
first version detection, operation detection

134
00:07:26,667 --> 00:07:29,209
and script scanning enabled.

135
00:07:32,999 --> 00:07:37,667
As you can see, that we get the FTP anonymous,

136
00:07:37,667 --> 00:07:41,834
Nmap scripting output put in what we call

137
00:07:41,834 --> 00:07:45,375
a service level node here.

138
00:07:45,375 --> 00:07:47,083
This is just the service level view and each port you can move back

139
00:07:47,083 --> 00:07:48,999
and forth between them.

140
00:07:48,999 --> 00:07:52,083
You can update and modify all of these as well.

141
00:07:52,292 --> 00:07:55,083
The next thing so that kind of takes care

142
00:07:55,083 --> 00:07:58,125
of importing our data, right?

143
00:07:58,209 --> 00:08:26,876
Let me import a Nessus scan real quick.

144
00:08:27,167 --> 00:08:28,667
We just imported Nessus.

145
00:08:33,792 --> 00:08:36,083
The next thing that we wanted to work on was

146
00:08:36,083 --> 00:08:39,999
the collaboration effort and not duplicating work.

147
00:08:40,125 --> 00:08:44,626
So what we came up with was kind of this killer based system.

148
00:08:51,083 --> 00:08:52,125
(Applause).

149
00:08:52,125 --> 00:08:53,751
Oh, my God, was that boring!

150
00:08:53,751 --> 00:08:54,751
All right.

151
00:08:54,751 --> 00:08:55,751
Here we go.

152
00:08:55,751 --> 00:08:57,999
Somebody take that.

153
00:08:58,125 --> 00:08:59,751
You guys know the drill.

154
00:08:59,751 --> 00:09:00,999
These are new speakers.

155
00:09:00,999 --> 00:09:01,999
All right.

156
00:09:01,999 --> 00:09:02,999
Get up here.

157
00:09:03,999 --> 00:09:05,292
I love that.

158
00:09:05,292 --> 00:09:05,999
We walk into rooms and people have their

159
00:09:05,999 --> 00:09:07,417
hands up.

160
00:09:07,417 --> 00:09:09,999
It's awesome.

161
00:09:09,999 --> 00:09:11,292
What do we call this, Paul?

162
00:09:11,292 --> 00:09:12,459
What do we call this?

163
00:09:12,876 --> 00:09:14,792
Shot the n00b.

164
00:09:14,792 --> 00:09:15,792
That's right!

165
00:09:15,792 --> 00:09:17,626
What is your name?

166
00:09:17,959 --> 00:09:19,584
Nassem.

167
00:09:19,584 --> 00:09:23,999
We have Nassem and we have our speakers, who I don't know.

168
00:09:23,999 --> 00:09:25,999
Tom and Dan.

169
00:09:25,999 --> 00:09:28,334
Do we have shots?

170
00:09:30,167 --> 00:09:31,999
We do have shots.

171
00:09:31,999 --> 00:09:33,334
I'm just trying to work.

172
00:09:33,334 --> 00:09:34,334
I'm sorry.

173
00:09:34,334 --> 00:09:37,334
So we've, you know, done a couple of these already today.

174
00:09:37,334 --> 00:09:38,334
This hour.

175
00:09:38,334 --> 00:09:42,292
Somebody    Somebody pull that bottle away from him.

176
00:09:42,501 --> 00:09:44,959
Do you guys drink before your talk?

177
00:09:44,959 --> 00:09:45,959
No.

178
00:09:45,959 --> 00:09:48,209
I'm sorry have you not been to DEF CON before?

179
00:09:55,876 --> 00:09:56,999
(Laughter).

180
00:09:58,167 --> 00:10:00,417
All right.

181
00:10:00,417 --> 00:10:02,501
You are doing two shots!

182
00:10:02,501 --> 00:10:04,375
(Laughter)    Wait, wait, wait.

183
00:10:04,375 --> 00:10:05,375
Thank you.

184
00:10:05,375 --> 00:10:06,459
Welcome to DEF CON!

185
00:10:06,999 --> 00:10:09,334
(Applause)    Good man.

186
00:10:11,292 --> 00:10:14,999
And I'm sorry, DEF CON has been canceled.

187
00:10:14,999 --> 00:10:15,999
(Laughter).

188
00:10:15,999 --> 00:10:17,417
That's the price you pay.

189
00:10:17,417 --> 00:10:18,459
Just remember this.

190
00:10:18,459 --> 00:10:19,459
All right.

191
00:10:19,459 --> 00:10:22,999
TOM STEELE: Round of applause for Dan for taking the bullet for me.

192
00:10:29,125 --> 00:10:31,083
And now look what you have done.

193
00:10:31,083 --> 00:10:32,626
You have locked my computer.

194
00:10:34,167 --> 00:10:35,501
Okay.

195
00:10:35,501 --> 00:10:37,334
So now I have to move really fast.

196
00:10:37,334 --> 00:10:41,125
But the idea here is that we didn't want to duplicate work.

197
00:10:41,125 --> 00:10:43,626
What we came one was a color coded based system.

198
00:10:43,999 --> 00:10:46,584
First, I need to add Dan to my project here.

199
00:10:49,999 --> 00:10:52,751
So now Dan has full view in the application and we came

200
00:10:52,751 --> 00:10:56,459
up with this color coded based system that has five different colors you see

201
00:10:56,459 --> 00:10:58,626
gray, blue, green, orange, blue and red and

202
00:10:58,626 --> 00:11:01,083
they can mean whatever you want.

203
00:11:01,083 --> 00:11:04,209
They mean certain things for us, in particular blue means that it's

204
00:11:04,209 --> 00:11:05,999
in progress.

205
00:11:05,999 --> 00:11:08,083
So I want to know what Dan is doing at all times and I don't want

206
00:11:08,083 --> 00:11:10,918
to duplicate the things he's doing.

207
00:11:10,918 --> 00:11:12,999
All Dan needs to do is click a host and as soon as he clicks it,

208
00:11:12,999 --> 00:11:16,626
it turns blue and I can know that Dan is working on that.

209
00:11:16,876 --> 00:11:20,626
And then what would happen is we turn them green,

210
00:11:20,626 --> 00:11:23,959
there's no serious issues.

211
00:11:23,959 --> 00:11:25,334
If we turn them orange, that means we want to come back

212
00:11:25,334 --> 00:11:27,959
to it later and if we return it red, that may be a foot hole

213
00:11:27,959 --> 00:11:30,417
in the network or it's pwned or there's sensitive data linking

214
00:11:30,417 --> 00:11:32,083
out of that thing.

215
00:11:33,083 --> 00:11:35,584
That's the color coded based system that we came up with,

216
00:11:35,584 --> 00:11:39,626
so that we can track exactly what we are doing and not duplicate work.

217
00:11:39,667 --> 00:11:44,542
What is really neat is all of these kind of filter, so if I click that blue button,

218
00:11:44,542 --> 00:11:47,459
it will filter out the blue ones.

219
00:11:47,459 --> 00:11:50,167
If I click the green one, it will filter out the green ones and we can really

220
00:11:50,167 --> 00:11:52,999
focus on and see what hasn't been done.

221
00:11:53,125 --> 00:11:55,959
And this works at every level, the port level,

222
00:11:55,959 --> 00:11:58,999
the vulnerability level as well.

223
00:11:59,250 --> 00:12:01,959
And we imported the Nessus scan and you can see the list

224
00:12:01,959 --> 00:12:05,083
of vulnerabilities got imported in here.

225
00:12:05,083 --> 00:12:07,709
You can make these manually, et cetera, and like I said,

226
00:12:07,709 --> 00:12:10,375
they all have statuses as well.

227
00:12:10,667 --> 00:12:14,999
The typical things that you would expect, a description, evidence,

228
00:12:14,999 --> 00:12:17,792
solution, a list of hosts.

229
00:12:17,792 --> 00:12:20,083
These are all linkable, everything like that.

230
00:12:20,083 --> 00:12:20,918
And, you know, any notes that might be available

231
00:12:20,918 --> 00:12:22,083
as well.

232
00:12:26,083 --> 00:12:29,999
The next thing that we kind of want to show do you want to put

233
00:12:29,999 --> 00:12:33,250
the project the client side update.

234
00:12:33,250 --> 00:12:35,792
Since you know, this is the best thing about meteor,

235
00:12:35,792 --> 00:12:38,999
is it allowed client side updates.

236
00:12:39,167 --> 00:12:42,334
For security purposes, any time you have a database query,

237
00:12:42,334 --> 00:12:45,792
it gets shipped down to the server but we do allow you

238
00:12:45,792 --> 00:12:48,999
to turn that functionality on, so you can do anything

239
00:12:48,999 --> 00:12:53,876
on the client what that lets you to do is create some interesting JavaScript

240
00:12:53,876 --> 00:12:57,334
scripts that you can run in your browser.

241
00:12:57,751 --> 00:13:00,584
I have to allow these and you are giving the security warnings telling that you

242
00:13:00,584 --> 00:13:02,375
are allowing them here.

243
00:13:02,375 --> 00:13:04,542
I come back to my project.

244
00:13:04,876 --> 00:13:07,542
Load it up.

245
00:13:07,834 --> 00:13:10,501
Dan has graciously provided me with this script.

246
00:13:11,751 --> 00:13:14,751
So what this script does is it's kind of lengthy, but it just goes

247
00:13:14,751 --> 00:13:17,999
through each host, looked to see if any of those hosts have any available

248
00:13:17,999 --> 00:13:21,334
services and if they don't, it will turn them green.

249
00:13:21,334 --> 00:13:23,834
Because there's nothing to test, and when you are testing thousands

250
00:13:23,834 --> 00:13:26,125
of hosts, this can be efficient.

251
00:13:26,709 --> 00:13:31,959
You can write one off JavaScripts to transform your data in various ways.

252
00:13:34,751 --> 00:13:39,250
So if you just open up the script browser or console,

253
00:13:39,250 --> 00:13:44,959
I'm sorry, and you paste this in, get so you can see.

254
00:13:45,083 --> 00:13:48,999
So I not .6 and .46 don't have any queries.

255
00:13:50,083 --> 00:13:53,083
They are run on the client and they are shipped on the server and

256
00:13:53,083 --> 00:13:55,334
the data has been updated.

257
00:14:06,417 --> 00:14:09,584
Another cool thing that's just built in is chat.

258
00:14:13,584 --> 00:14:15,250
So if you are on an internal engagement

259
00:14:15,250 --> 00:14:18,459
or something and you don't want to feel like getting around a firewall,

260
00:14:18,459 --> 00:14:21,459
you can just use the in built chat like that.

261
00:14:22,125 --> 00:14:24,083
Yeah, and that's kind of it.

262
00:14:24,083 --> 00:14:28,918
There are other things, such okay.

263
00:14:28,999 --> 00:14:31,542
Next thing is this service tab, a very common thing when you are

264
00:14:31,542 --> 00:14:33,667
on a penetration test.

265
00:14:33,667 --> 00:14:35,125
You want to get lists of hosts that have certain

266
00:14:35,125 --> 00:14:36,999
services open.

267
00:14:37,083 --> 00:14:38,626
You can do that here and search through these

268
00:14:38,626 --> 00:14:40,584
or you can also click.

269
00:14:40,999 --> 00:14:43,542
This is a unique list of port protocol service and product,

270
00:14:43,542 --> 00:14:47,250
if you click on any of these, it will reduce the search and give you just

271
00:14:47,250 --> 00:14:50,334
a list of the hosts with that port open.

272
00:14:51,250 --> 00:14:53,083
Which is very, very cool.

273
00:14:53,083 --> 00:14:54,999
It's just kind of a convenience thing.

274
00:14:57,751 --> 00:15:02,209
Another thing you might want to track during a test is credentials.

275
00:15:02,501 --> 00:15:04,876
So those happen at the service view.

276
00:15:04,999 --> 00:15:07,375
So you can add those in here or you might be able to build

277
00:15:07,375 --> 00:15:09,501
a drone that adds these in.

278
00:15:12,501 --> 00:15:14,626
So they're shown here.

279
00:15:17,501 --> 00:15:20,292
They are shown at the top service level view here

280
00:15:20,292 --> 00:15:22,918
and then they are also given to you in kind

281
00:15:22,918 --> 00:15:25,959
of its own tab here as credentials.

282
00:15:30,999 --> 00:15:33,626
So that's it.

283
00:15:33,709 --> 00:15:36,209
Let me bring up the slides a second here.

284
00:15:47,209 --> 00:15:49,083
So the next step that we have in the project

285
00:15:49,083 --> 00:15:51,876
is that we need more parsers, like we said, we only have them

286
00:15:51,876 --> 00:15:53,417
for four tools.

287
00:15:53,417 --> 00:15:55,083
We would like to write more tools.

288
00:15:55,083 --> 00:15:57,125
I know Qualys is a big one.

289
00:15:59,876 --> 00:16:03,209
We would like the community to contribute writing them as well.

290
00:16:03,709 --> 00:16:06,751
One of the biggest things we are looking at doing is sinking

291
00:16:06,751 --> 00:16:10,125
with the metasploit database so you can use both applications and have

292
00:16:10,125 --> 00:16:12,709
the data sync simultaneously.

293
00:16:14,083 --> 00:16:15,918
And another big thing is we know we need

294
00:16:15,918 --> 00:16:17,709
more documentation.

295
00:16:17,959 --> 00:16:19,584
When you see the GitHub site, you can see that the documentation

296
00:16:19,584 --> 00:16:21,083
is pretty sparse.

297
00:16:21,375 --> 00:16:23,584
We have been spending the last six months on this, trying

298
00:16:23,584 --> 00:16:25,999
to make it very, very polished.

299
00:16:26,417 --> 00:16:30,999
So the code and getting it working has been our major goal here.

300
00:16:30,999 --> 00:16:32,751
The documentation is next.

301
00:16:32,751 --> 00:16:34,876
So we'll have documentation up of how you can interact

302
00:16:34,876 --> 00:16:38,999
with the API to build your own parsers, how you can install it from scratch,

303
00:16:38,999 --> 00:16:40,667
et cetera.

304
00:16:45,083 --> 00:16:47,709
The source code is all available on GitHub.

305
00:16:47,709 --> 00:16:48,876
That's the link there.

306
00:16:49,375 --> 00:16:52,999
We do provide you with precompiled packages so it has

307
00:16:52,999 --> 00:16:57,999
the database, a specific version of node, the application, all bundled

308
00:16:57,999 --> 00:17:01,626
up with some easy to use shell scripts.

309
00:17:01,667 --> 00:17:06,250
Those are about 100 Meg each and they are each they are

310
00:17:06,250 --> 00:17:10,709
for Linux 32 bit and 64 bit and IOS.

311
00:17:10,999 --> 00:17:12,501
I will upload them.

312
00:17:15,083 --> 00:17:20,751
You can follow the GitHub address and track it there.

313
00:17:20,751 --> 00:17:24,209
Also if you want to hit me up on Twitter and that's my name

314
00:17:24,209 --> 00:17:27,959
on freenode and that's Dan's Twitter.

315
00:17:29,250 --> 00:17:31,083
We have some extra time.

316
00:17:31,083 --> 00:17:32,375
Are there any questions?

317
00:17:33,083 --> 00:17:34,334
Yes?

318
00:17:34,751 --> 00:17:42,751
AUDIENCE MEMBER: Just quickly, why did you (Inaudible).

319
00:17:42,999 --> 00:17:46,584
TOM STEELE: Yeah, so the way meteor works, as I said,

320
00:17:46,584 --> 00:17:50,999
it has the database driver written on the client.

321
00:17:50,999 --> 00:17:54,751
We deny all of those so the query is shipped on the server.

322
00:17:55,709 --> 00:17:57,999
That security warning is basically saying, hey,

323
00:17:57,999 --> 00:18:00,417
you are going to allow all of your users to modify

324
00:18:00,417 --> 00:18:03,751
the database without think sort of validation.

325
00:18:03,751 --> 00:18:04,999
So open the server we actually do pretty strict

326
00:18:04,999 --> 00:18:06,667
validation of what end data you are putting

327
00:18:06,667 --> 00:18:10,167
in so it will validate that you are putting an actual IP address on.

328
00:18:14,999 --> 00:18:18,334
Those settings are only available to administrative users.

329
00:18:20,709 --> 00:18:22,250
Any other questions?

330
00:18:25,999 --> 00:18:27,250
Okay.

331
00:18:27,250 --> 00:18:28,792
Well, thanks for coming out.