文章原创为西电睿思的小忧伤，感谢大佬提供技术和授权！本文在原文章的基础上做了部分修改，更新了NAT6转发部分的内容以适应新固件。

最后效果为IPv4流量计算在翼讯，IPv6流量计算在校园网。

一、路由器固件

虚拟机编译LEDE，内核版本5.4.51。

包含插件

• $$R Plus+
  • $$
  • v2ray
  • socks
• DDNS
• UPnP

吐槽：自己K2P 16M能放的的插件太少了...

Peng Wang, Xiaojing Liao, Yue Qin, XiaoFeng Wang Indiana University Bloomington fpw7, xliao, qinyue, xw7g@indiana.edu

Abstract

E-commerce miscreants（电子商务罪犯） heavily rely on instant messaging (IM) to promote their illicit businesses（促进其非法生意） and coordinate their operations. The threat intelligence（威胁情报） provided by IM communication, therefore, becomes invaluable（无价的） for understanding and mitigating（缓解） the threats of e-commerce frauds（威胁）. However, such information is hard to obtain since it is usually shared only through one-on-one conversations with the criminals. In this paper, we present the first chatbot, called Aubrey, to actively collect such intelligence through autonomous chats（自动聊天） with realworld e-commerce miscreants. Our approach leverages（利用了） the question-driven conversation pattern of small-time workers, who seek jobs and/or attack resources from e-commerce fraudsters（骗子）, to model the interaction process as a finite state machine（将交互过程建模为有限状态机）, thereby（从而） enabling（实现） an autonomous conversation. Aubrey successfully chatted with 470 real-world e-commerce miscreants and gathered a large amount of fraud-related artifacts（文物）, including previously-unknown（以前未知的） SIM gateways, account trading websites（账户交易网站）, and attack toolkits, etc. Further, the conversations revealed the supply chain of e-commerce fraudulent activities on the deep web and the complicated relations（复杂关系） (e.g., complicity and reselling（同谋和转售）) among miscreants.

今天实验室师兄晚上有华为笔试，凑着看了两道用于笔试前练习的题。主要用于练习标准输入，从命令行读入响应数据。

安装

使用scoop很简单地安装Anaconda3

1

scoop install anaconda3

配置环境并激活

创建环境

1

conda create -n learn-scikit

激活环境

1

conda activate learn-scikit

退出环境

1

conda deactive

删除环境

1

conda remove -n learn-scikit --all

列出当前所有已创建的环境

1

conda env list

Windows上的最新命令activate和deactivate前都有加conda了，以前不加可以使用，但现在必须要加了。

阅读论文 BlindBox: Deep Packet Inspection over Encrypted Traffic

Justine Sherry UC Berkeley

Chang Lan UC Berkeley

Raluca Ada Popa ETH Zürich and UC Berkeley

Sylvia Ratnasamy UC Berkeley

ABSTRACT

Many network middleboxes（中间件） perform deep packet inspection (DPI), a set of useful tasks which examine packet payloads. These tasks include intrusion detection (IDS), exfiltration detection（渗透检测）, and parental filtering（家长监管）. However, a long-standing（长期存在的） issue is that once packets are sent over HTTPS, middleboxes can no longer accomplish（完成） their tasks because the payloads are encrypted. Hence, one is faced with the choice of only one of two desirable（理想的） properties: the functionality of middleboxes and the privacy of encryption（加密的私密性）. We propose BlindBox, the first system that simultaneously（同时） provides both of these properties. The approach of BlindBox is to perform the deep-packet inspection directly on the encrypted traffic. BlindBox realizes this approach（实现了这种方法） through a new protocol and new encryption schemes. We demonstrate（证明了） that BlindBox enables applications such as IDS, exfiltration detection and parental filtering, and supports real rulesets（真实的规则集） from both open-source and industrial DPI systems. We implemented BlindBox and showed that it is practical for settings with long-lived HTTPS connections. Moreover, its core encryption scheme is 3-6 orders of magnitude（3-6个数量级） faster than existing relevant cryptographic schemes.