net-re class spam

2013-01-31 13:54:13 -07:00 · 2013-01-31 13:54:13 -07:00 · 8002d2d658
parent 02299001b6
commit 8002d2d658
2 changed files with 183 additions and 0 deletions
--- a/doc/2013-02-TF5/class-spam.py
+++ b/doc/2013-02-TF5/class-spam.py
@ -0,0 +1,18 @@
 #! /usr/bin/python3
 import smtplib
 import sys
 smtpd = smtplib.SMTP("mail.lanl.gov")
 template = open("netre-email.txt").read()
 assert 'RCPT' in template
 assert 'TOKEN' in template
 for line in open("netarch-tokens.txt"):
 	email, token = line.strip().split()
 	print(email)
 	msg = template.replace("RCPT", email).replace("TOKEN", token)
 	smtpd.sendmail("neale@lanl.gov", [email], msg)
 	#print(msg)
--- a/doc/2013-02-TF5/netre-email.txt
+++ b/doc/2013-02-TF5/netre-email.txt
@ -0,0 +1,165 @@
 From: Neale Pickett <neale@lanl.gov>
 To: RCPT
 Subject: Tracer FIRE: Network Archaeology Information
 Welcome to the Network Archaeology course!
 Your token is: TOKEN.  Please write this down, but protect it as
 though it were a password.
 Summary
 --------
 * 8-11 AM and 1-4 PM (US/Mountain), Mon Feb 4 - Tue Feb 5
 * Get started at http://tf5.lanl.gov/netarch.html
 * Work at your own pace, using tutorial videos on YouTube
 * Connect to irc://irc.oftc.net/netarch for Q/A
 * Use you token (TOKEN) to ask questions and check lab answers
 IRC is going to be the biggest challenge for some participants.  We urge
 you to connect to IRC and test the channel moderation bot before Monday,
 since we won't be able to help you get connected during the course.
 What to Expect
 ------------
 Network Archaeology is a self-paced course, consisting of tutorial
 labs and video tutorials on YouTube.  Instructors are available on IRC
 (Internet Relay Chat) to answer questions and provide help as you work
 through the labs at your own speed.
 When the course begins Monday morning at 8:00AM US/Mountain, log on to
 IRC, then check the web page at http://tf5.lanl.gov/netarch.html for links
 to the lab server, an introductory video, and tutorial videos on YouTube.
 After the first 8 labs, we expect you to figure out on your own
 how to approach and solve problems.  We will update the page at
 http://tf5.lanl.gov/netarch.html with links to more tutorial videos to
 keep you from getting stuck, though.
 You will see questions and answers in the IRC channel.  When you have
 a question of your own, message the moderator from your IRC client:
    /msg netarch-moderator TOKEN What does = mean in base64?
 Course requirements
 ----------------
 You need:
 * A laptop with Linux or MacOS (Linux preferred, inside a VM is fine)
 * Wireshark
 * tcpdump
 * tcpflow
 * gcc and make
 * python3
 * A plain text or code editor, such as gedit
 * An IRC client such as xchat or pidgin
 Please have all your software installed and ready to go when the course
 begins.  We will not be available to help with software installation.
 Connecting to IRC
 --------------
 IRC is the technology used by NNSA's Tracer group for collaborative
 incident response, and it will soon be used by DOE's NSM group as well.
 If you have never used IRC before, we urge you to test it out before
 Monday.  Neither Patrick nor Neale will be available to provide assistance
 connecting to IRC after the course begins: please familiarize yourself
 with IRC before Monday.
 If you are on LANL's collab IRC server, you may join channel #tf5 right
 now; I am in the channel and would be happy to chat with you.  The collab
 channel is unmoderated, you may ask questions right in the channel.
 You can skip the rest of the IRC sections.
 If you are not on LANL's collab IRC server, or don't know what that means,
 you need to connect to the moderated channel on OFTC.  You may install
 any IRC client you like--I use xchat--and tell it to connect to the OFTC
 network (irc.oftc.net).
 If you can't connect to IRC with an installed client, you may have better
 luck with the web-based Mibbit (http://www.mibbit.com/).  Remember to
 select the OFTC network, and to put # in front of channel names.
 IRC Channels
 ----------
 There are two OFTC channel for the course: #tf5 and #netarch.
 #tf5 is an unmoderated channel for all Tracer FIRE 5 participants.
 You may be able to get help from other people (not the instructors)
 in #tf5.  You don't have to join #tf5, though: it's optional.
 #netarch is the course channel, and is moderated.  Questions must be
 sent to netarch-moderator, with your token.  For example:
    /msg netarch-moderator TOKEN How do I start a Python shell?
 netarch-moderator will reply saying it has put your question in the queue,
 and it will send your question to #netarch when the instructors are ready.
 If you provide an invalid token, or don't provide a token at all, the
 moderator will not respond.
 Testing your IRC connection
 ----------------------
 I implore you to connect to IRC right now, join #netarch, and make sure
 you understand how to send messages to the moderator.  You can verify
 that the moderator sees your token by typing:
    /msg netarch-moderator TOKEN test
 Where to go for technical support
 --------------------------
 Due to the number of participants we have this year, we will not be able
 to provide any technical support outside of helping you work through labs.
 There will be people in the #tf5 IRC channel who may be willing to assist
 you if you ask nicely.
 For this reason, it is very important that you have figured out how to
 connect to IRC before Monday.  There are many resources on the Internet
 to help you with this.
 A few of you will be unable to connect to IRC, even after going over
 the instructions in this email carefully.  I apologize in advance for
 being unable to help you get connected during the course.
 About your Instructors
 ------------------
    Neale Pickett, Los Alamos National Laboratory
        Neale created the network archaeology toolkit for python, and is
        the principal organizer of Tracer FIRE.  He has been involved in
        several high-profile incident response efforts across DOE/NNSA
        since 2005, and has been teaching this course since 2010.
    Patrick Avery, Pantex Plant
        Patrick, a former and current student of Neale, is one of the
        biggest advertisers of the network archaology toolkit -- singing
        its glory from the mountaintops. He has been involved in several
        high-profile incident response efforts across DOE/NNSA since
        2009 and has been assisting with this course since 2011.
    The Tracer FIRE Registration and Moderation Fairies
        The Tracer FIRE Fairies are new in 2013.  The Registration Fairy
        is sorry for sending so many emails, and the Moderation Fairy is
        sorry you lost your token (which is TOKEN).