thoughts…

rants and bookmarks about programming stuff…


A tcpdump Tutorial and Primer

“tcpdump is the premier network analysis tool for information security professionals. Having a solid grasp of this über-powerful application is mandatory for anyone desiring a thorough understanding of TCP/IP. Many prefer to use higher level analysis tools such as Ethereal Wireshark, but I believe this to usually be a mistake.

In a discipline so dependent on a true understanding of concepts vs. rote learning, it’s important to stay fluent in the underlying mechanics of the TCP/IP suite. A thorough grasp of these protocols allows one to troubleshoot at a level far beyond the average analyst, but mastery of the protocols is only possible through continued exposure to them.

When using a tool that displays network traffic in a more natural (raw) way, the burden of analysis is placed directly on the human rather than the application. This approach cultivates continued and elevated understanding of the TCP/IP suite, and for this reason I strongly advocate using tcpdump instead of other tools whenever possible…”

http://danielmiessler.com/study/tcpdump/


Linux TCP/IP tuning for scalability

“We’re a performance company, and performance and scalability go hand in hand. Better scalability results in more consistent performance and at LogNormal, we like pushing our hardware as far as it will go.

Today’s post is about some of the infrastructure we use and how we tune it to handle a large number of requests.

We have separate components of our software stack to handle different tasks. In this post I’ll only cover the parts that make up our beacon collection component and how we tune it. Only a few of the tuning points are specific to this component…”

http://www.lognormal.com/blog/2012/09/27/linux-tcpip-tuning/



TeleHash – Distributed JSON

“A Kademlia-based DHT and JSON protocol for application meshing and eventing…”

“It works by sending and receiving small bits of JSON via UDP using an efficient routing system based on Kademlia, a proven and popular Distributed Hash Table. Everything within TeleHash is routed based on a generic SHA hash of the related id or URL…”

http://telehash.org/

http://en.wikipedia.org/wiki/Kademlia



Ubuntu 12.04 LTS Precise Pangolin: Building a Firewall

“The default firewall configuration tool for Ubuntu is known as ‘UFW’. Developed to ease iptables firewall configuration, UFW provides a user-friendly way to create an IPv4 or IPv6 host-based firewall that will serve to protect your computer from unauthorised access, and in this article I am going to show you how to set up, configure and manage your security needs on Ubuntu 12.04 LTS Precise Pangolin…”

http://www.sitepoint.com/ubuntu-12-04-lts-precise-pangolin-building-a-firewall/



Dissecting SSL handshake

“Not everyone knows that the SSL handshake is not encrypted. When you think about it, there isn’t another way: before the keys are exchanged the communication must be unencrypted. But I doubt many people think about it.

Not only is the SSL handshake plain-text, but it also contains rather interesting data. I decided to find out how much information can be retrieved from it…”

https://idea.popcount.org/2012-06-16-dissecting-ssl-handshake/



The bandwidth of a Boeing 747 and its impact on web browsing

“Suppose you needed to transfer 1TB of data (perhaps your home movie collection) from San Francisco to London. What would be the fastest route? Put the disk on British Airways flight 286 at SFO, or transfer it across the Internet using a 100 Mbps connection?…”

http://blog.cloudflare.com/the-bandwidth-of-a-boeing-747-and-its-impact



Connecting containers on several hosts with Open vSwitch

“Lxc is great for starting up several containers on your laptop or on an ec2 host. But what if you want to fire up containers on multiple ec2 instances, and have them talk to each other?

An easy way to support that is using openvswitch. This script is a user-data-script which you can use to fire up instances ready to connect containers…”

http://s3hh.wordpress.com/2012/05/28/connecting-containers-on-several-hosts-with-open-vswitch/



IPTABLES – Limit rate of a specific incoming IP

“IPTables isn’t made for this kind of work, where lots and lots of packets need to be analyzed to make these decisions. IPTables is partly the answer though!

The real answer to this is the awesome and underused traffic control facilities in Linux. Note that mucking around with this without knowing what is going on may lead to you losing network connectivity to the machine! You have been warned!

Assuming eth0 is the outgoing device, you will need to create a class-based traffic control queue which will by default output most traffic through the ‘fast’ queue and put a specific list of people into the ‘slow’ queue.

The beauty of this is you can create a situation whereby you allow lots of outbound traffic for the slow user unless an overriding class wants the bandwidth, but this example does not do this (it will always provide 10kbps to the slow users). The queuing system will look something like this…”

http://serverfault.com/questions/384132/iptables-limit-rate-of-a-specific-incoming-ip/384155#384155
