More netblob
parent
f1d1aa8064
commit
0da41431f0
|
@ -133,3 +133,84 @@ Good learning resources for ARP:
|
||||||
- TLS/SSL
|
- TLS/SSL
|
||||||
- Inspection and Testing Tools: tcpdump, wireshark, netcat and more
|
- Inspection and Testing Tools: tcpdump, wireshark, netcat and more
|
||||||
- HTTP/2, HTTP/3
|
- HTTP/2, HTTP/3
|
||||||
|
|
||||||
|
|
||||||
|
## NET RAMBLE
|
||||||
|
|
||||||
|
physical cables -- bits on wire / optics
|
||||||
|
BGP -- Major Routing Hub to Major Routing Hub
|
||||||
|
https://blog.benjojo.co.uk/post/bgp-battleships
|
||||||
|
|
||||||
|
IP Distribution via IANA / ICANN
|
||||||
|
-- blocks of IPv4 addresses auctioned to autonomous systems / organizations, who communication routing tables for blocks via BGP
|
||||||
|
|
||||||
|
TTL / congestion control / TCP_NODELAY vs TCP_QUICKACK / TCP_CORK
|
||||||
|
https://news.ycombinator.com/item?id=9048947
|
||||||
|
|
||||||
|
DNS -- Domain Name Registrars who own TLDs (ex: .com, .org, .io)
|
||||||
|
https://www.iana.org/domains/root/db
|
||||||
|
https://messwithdns.net/
|
||||||
|
https://wizardzines.com/zines/dns/
|
||||||
|
https://jvns.ca/blog/2022/05/10/pages-that-didn-t-make-it-into--how-dns-works-/
|
||||||
|
|
||||||
|
Switching -- on the Ethernet / MAC level, layer 2, VLANs can happen here
|
||||||
|
<ETHERNET><><ETHERNET>
|
||||||
|
Spanning Tree Protocol -- solves ARPSTORMs
|
||||||
|
|
||||||
|
Link speed negotiation
|
||||||
|
|
||||||
|
(intel) NUC with two (usb) NICs -- VMs that would tag traffic with VLAN.
|
||||||
|
Ethernet packet tagged with VLAN 1,
|
||||||
|
|
||||||
|
| 1 1 1 1 1 1 1 2 | | 2i 2o |
|
||||||
|
| 2 | | NUC |
|
||||||
|
| 2 | | |
|
||||||
|
|
||||||
|
layer 2 ethernet -- hamachi / layer 3 ip -- openvpn
|
||||||
|
|
||||||
|
Router in bridge mode -- Router A <=====> Router B
|
||||||
|
|
||||||
|
Hubs are layer 1
|
||||||
|
Switches are layer 2
|
||||||
|
Routers are layer 3
|
||||||
|
|
||||||
|
Home "router" is a router / switch combo
|
||||||
|
|
||||||
|
Network Topology -- this is mostly outside my wheelhouse; infiniband/optics?
|
||||||
|
|
||||||
|
"crossover cable"
|
||||||
|
A B
|
||||||
|
TX ---\/--- TX
|
||||||
|
RX ---/\--- RX
|
||||||
|
|
||||||
|
"standard cable"
|
||||||
|
A B
|
||||||
|
TX -------- TX
|
||||||
|
RX -------- RX
|
||||||
|
|
||||||
|
|
||||||
|
Switch maintains an ethernet routing table, uses mac addresses to determine which ports need to be routed to other ports
|
||||||
|
|
||||||
|
TTL -- preventing packets from hopping forever on layer 3 connections, ICMP is a totally separate thing
|
||||||
|
ICMP -- https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol
|
||||||
|
|
||||||
|
SEND CHEESEBURGER TO GOOGLE
|
||||||
|
A -> HR -> ISP -> | | | | -> GOOGLE
|
||||||
|
subnet 192.168.1.X
|
||||||
|
HR -> ISP | DESTINATION UNREACHABLE {ICMP 3} | TIME EXCEEDED {ICMP 11} TTL Expires
|
||||||
|
Blocking ICMP is messy, be careful!
|
||||||
|
|
||||||
|
https://en.wikipedia.org/wiki/Black_hole_(networking)
|
||||||
|
PING sends ICMP | TTL
|
||||||
|
traceroute {ICMP 30} tells each router on the chain to send back a response, they don't have to, they can just send through.
|
||||||
|
`traceroute bad.horse`
|
||||||
|
|
||||||
|
Network Tomography -- Mapping networks by gathering a bunch of timing data sending packets between nodes
|
||||||
|
https://en.wikipedia.org/wiki/Network_tomography
|
||||||
|
|
||||||
|
DHCP is automatic IP handouts
|
||||||
|
But also, it tells you where your mail server is, how to get fortune cookies, and is a source of fun vulnerabilities
|
||||||
|
|
||||||
|
TLS 1.2/1.3
|
||||||
|
https://tls12.ulfheim.net/
|
||||||
|
bearSSL
|
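Review bot: The `traceroute {ICMP 30}` line near the end of the hunk names the wrong mechanism. ICMP type 30 is the deprecated Traceroute message from RFC 1393, while the traceroute tool sends probes with increasing TTL and reads the `TIME EXCEEDED {ICMP 11}` replies that the notes already list a few lines earlier, so I'd reword it to reference type 11 and drop the 30. The same fix applies to `ICMP is a totally separate thing` on the TTL line, since TTL expiry is exactly what triggers the type 11 message. Smaller terminology points in the same hunk: `Spanning Tree Protocol -- solves ARPSTORMs` is more accurately described as preventing layer 2 loops and the broadcast storms they cause, `ethernet routing table` on the switch line is a MAC address (forwarding) table rather than routing, `Domain Name Registrars who own TLDs` mixes up registrars with the registries that operate TLDs, and `who communication routing tables` should read `who communicate`.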