roygbyte.com

       NET-101
       
       This entry tracks my progress towards more advanced knowledge of
       computer networking. Content is structured according to this learning
       pattern:
       
       - Subject
         - Problem
           - Solution
             - Results
       
       "Subject" is the broad area of knowledge. "Problem" is a statement of
       my incomprehension of something within the subject. "Solution" are
       theoretical steps towards gaining sufficient knowledge to resolve the
       problem. Results are any work I have done towards implementing the
       solution.
       
       
       TCP/IP Protocol Suite
       ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
       I don't know how TCP streams compare across the application protocols
       I routinely use (IMAP, Gopher, HTTP, IRC, SSH).
       ----------------------------------------------------------------------
       Solution
       ......................................................................
       Run and capture packet data for three to four application protocols
       that use TCP. Capture the data while performing a few common uses of
       these applications. Explain and summarize how this data was captured
       (and how, writing down any pcap rules) and what can be observed in the
       streams. Identify remarkable attributes of each packet stream such as
       TCP options used, number of packets sent, and contents of the
       application data. Annotate, cross-reference, and augment your
       observations with reference to the RFC for your selected protocols.
       
       Resources used: rfc-editor.org, tcpdump(1), pcap-filter(7), Wireshark
       
       
       I don't know how and why application protocols are planned, designed,
       and implemented.
       ----------------------------------------------------------------------
       Solution
       ......................................................................
       Choose two application protocols (using TCP or UDP, doesn't
       matter). Research and summarize each protocol's purpose, originating
       context, and historical precedent. Find an open-source program that
       implements each protocol (you can choose one program for one protocol,
       or one program for both protocols). Capture snippets of code from the
       program(s) showing how the protocol is implemented. Research and
       explain two to three flaws, weakness, and/or vulnerability in each
       protocol (these can be historical--and thus obselete--or relevant
       today.) Where applicable, indicate how these negative attributes are
       inherent in the protocol's design.
       
       
       I haven't had the experience of building my own application protocol
       onto of TCP or UDP.
       ----------------------------------------------------------------------
       Solution
       ......................................................................
       Design a new application protocol suited to some purpose of your own
       conception. Research and understand the RFC format, then write your
       protocol using the RFC format: describe motivation, requirements, and
       include a brief outline of the protocol. The purpose of the protocol
       is up to you. As an example, it could include mechanisms for
       initiating an initial handshake and reconnection handshake, sending
       payloads with 2 or more attributes, and checking client and server
       health (response time, availability). Build a small program that
       implements some part of your protocol.
       
       
       Networking tools and their use
       ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
       I don't know the workflow for capturing and introspecting arbitrary
       packet data for monitoring, defensive security, or debugging perposes.
       ----------------------------------------------------------------------
       Solution
       ......................................................................
       Use `tcpdump' to create a packet capture of a workstation or (ideally)
       server over a few days. Use `tshark' to parse and organize the large
       pcap file into smaller, filtered pcap files. Each files should contain
       only the packets for a given application protocol. Choose these
       filters based on protocols you commonly use (HTTP/HTTPS, Gopher, SSH,
       IRC). Research and summarize three common packet analysis methods and
       processes in Wireshark. Then perform these processes on the filtered
       pcap files. Document your findings (or lack thereof).
       
       
       I don't understand how an internet arrives to my house, gets router to
       my computer and back out again.
       ----------------------------------------------------------------------
       Solution
       ......................................................................
       Investigate and summarize the infrastructure and technology used to
       initiate and carry an internet connection into your house. Describe
       this process with relation to the OSI model: summarize the purpose of
       each layer and annote it with details of the layer's implementation
       for you.
       
       
       I don't know how to setup a network
       ----------------------------------------------------------------------
       TBD...
       
       analysi