Second part of a talk given on the VUC (http://www.voipusersconference.org/2014/vuc506-turn-and-stun-the-ice/) with Emil Ivov about how WebRTC uses ICE to get through firewalls.
This document provides an overview of the tcpdump network traffic analysis tool. It discusses how tcpdump can be used to capture and filter network packets, highlights some common workflows and options, describes the underlying Berkeley Packet Filter (BPF) architecture, and addresses some common issues and questions. The key points are:
- Tcpdump allows users to capture and filter live network traffic or read from saved packet capture (pcap) files.
- Common options include -n to disable DNS resolution for faster display, -s1500 to set the snapshot length, -X to print packets in hex/ascii, and various filters like port 80.
- Workflows include online analysis of live traffic or offline analysis of saved captures
This document provides an overview of TCPDUMP including:
- Introducing TCPDUMP as a command line network packet analyzer that comes pre-installed on Unix systems.
- Explaining how to decipher data packets captured by TCPDUMP.
- Detailing basic and intermediate TCPDUMP command line options and usage including filtering, reading from and writing to files.
- Outlining steps for network hacking techniques like footprinting, scanning, and DDoS attacks.
CNIT 50: 6. Command Line Packet Analysis ToolsSam Bowne
This document provides an overview of 6 command line packet analysis tools used for network security monitoring: Tcpdump, Dumpcap, Tshark, Argus, the Argus Ra client, and Argus Racluster. It describes what each tool is used for, basic syntax and examples of using filters to view specific traffic like ICMP, DNS, TCP handshakes. It also covers running these tools from the command line, reading captured packet files, and examining Argus session data files.
TCPDUMP is a command line tool for capturing network packets. It has many options for filtering, formatting, and saving packet captures. The document also provides details on capture filter primitives that can be used to match packets based on attributes like source/destination, protocols, ports, lengths, and more. Examples of filters are also given.
Beyond TCP: The evolution of Internet transport protocolsOlivier Bonaventure
The transport layer is one of the key layers of the Internet protocol stack. It enrichs the network layer service to make it suitable for applications. Almost 40 years after its initial design, TCP remains the most widely used transport protocol. In the early 2000s, SCTP was proposed as an alternative to TCP. Despite a clean and extensible design and many useful features, it did not reach wide deployment. This failure is mainly caused by middleboxes. We'll describe their operation and explain why Multipath TCP, which is a backward compatible evolution to TCP, has better chances of being deployed. We'll explain the main principles behind Multipath TCP and the lessons that can be drawn from its design. We'll then analyse why Internet giants like Google and Microsoft now consider application-layer solutions like QUIC to replace standard protocols like TCP.
TCPLS closely integrates TCP and TLS by using new TLS record types to carry TCP control plane information. This allows TCP options and control data to be encrypted and authenticated within TLS records. TCPLS provides benefits like securing Multipath TCP connections, enabling stronger TCP Fast Open, providing more space for TCP options, allowing true TCP keepalives, securely releasing TCP sessions, supporting Happy Eyeballs, and enabling connection migration. The integrated TCPLS protocol could improve privacy, security and functionality compared to treating TCP and TLS as separate and independent protocols.
Slides supporting the "Computer Networking: Principles, Protocols and Practice" ebook. The slides can be freely reused to teach an undergraduate computer networking class using the open-source ebook.
Netcat, also known as the Swiss Army knife of networking tools, can be used for various purposes including creating chat servers, serving web pages, port scanning, file transfers, and obtaining remote shells. The document discusses different versions of Netcat, provides examples of using Netcat for these tasks, and notes some security disadvantages when using it without encryption. Key topics covered include creating a basic chat server and web server, using Netcat for port scanning and file transfers, and obtaining a remote Windows command shell, although this last use raises security concerns.
This document provides an overview of the tcpdump network traffic analysis tool. It discusses how tcpdump can be used to capture and filter network packets, highlights some common workflows and options, describes the underlying Berkeley Packet Filter (BPF) architecture, and addresses some common issues and questions. The key points are:
- Tcpdump allows users to capture and filter live network traffic or read from saved packet capture (pcap) files.
- Common options include -n to disable DNS resolution for faster display, -s1500 to set the snapshot length, -X to print packets in hex/ascii, and various filters like port 80.
- Workflows include online analysis of live traffic or offline analysis of saved captures
This document provides an overview of TCPDUMP including:
- Introducing TCPDUMP as a command line network packet analyzer that comes pre-installed on Unix systems.
- Explaining how to decipher data packets captured by TCPDUMP.
- Detailing basic and intermediate TCPDUMP command line options and usage including filtering, reading from and writing to files.
- Outlining steps for network hacking techniques like footprinting, scanning, and DDoS attacks.
CNIT 50: 6. Command Line Packet Analysis ToolsSam Bowne
This document provides an overview of 6 command line packet analysis tools used for network security monitoring: Tcpdump, Dumpcap, Tshark, Argus, the Argus Ra client, and Argus Racluster. It describes what each tool is used for, basic syntax and examples of using filters to view specific traffic like ICMP, DNS, TCP handshakes. It also covers running these tools from the command line, reading captured packet files, and examining Argus session data files.
TCPDUMP is a command line tool for capturing network packets. It has many options for filtering, formatting, and saving packet captures. The document also provides details on capture filter primitives that can be used to match packets based on attributes like source/destination, protocols, ports, lengths, and more. Examples of filters are also given.
Beyond TCP: The evolution of Internet transport protocolsOlivier Bonaventure
The transport layer is one of the key layers of the Internet protocol stack. It enrichs the network layer service to make it suitable for applications. Almost 40 years after its initial design, TCP remains the most widely used transport protocol. In the early 2000s, SCTP was proposed as an alternative to TCP. Despite a clean and extensible design and many useful features, it did not reach wide deployment. This failure is mainly caused by middleboxes. We'll describe their operation and explain why Multipath TCP, which is a backward compatible evolution to TCP, has better chances of being deployed. We'll explain the main principles behind Multipath TCP and the lessons that can be drawn from its design. We'll then analyse why Internet giants like Google and Microsoft now consider application-layer solutions like QUIC to replace standard protocols like TCP.
TCPLS closely integrates TCP and TLS by using new TLS record types to carry TCP control plane information. This allows TCP options and control data to be encrypted and authenticated within TLS records. TCPLS provides benefits like securing Multipath TCP connections, enabling stronger TCP Fast Open, providing more space for TCP options, allowing true TCP keepalives, securely releasing TCP sessions, supporting Happy Eyeballs, and enabling connection migration. The integrated TCPLS protocol could improve privacy, security and functionality compared to treating TCP and TLS as separate and independent protocols.
Slides supporting the "Computer Networking: Principles, Protocols and Practice" ebook. The slides can be freely reused to teach an undergraduate computer networking class using the open-source ebook.
Netcat, also known as the Swiss Army knife of networking tools, can be used for various purposes including creating chat servers, serving web pages, port scanning, file transfers, and obtaining remote shells. The document discusses different versions of Netcat, provides examples of using Netcat for these tasks, and notes some security disadvantages when using it without encryption. Key topics covered include creating a basic chat server and web server, using Netcat for port scanning and file transfers, and obtaining a remote Windows command shell, although this last use raises security concerns.
Netcat is a versatile networking tool that can be used for port scanning, port redirection, listening for incoming connections, and creating remote connections. It allows creating a simple command line chat server by running nc in listen mode on one system and connecting to it from another. Netcat can also identify services running on specific ports by obtaining port banners, and has been used by hackers to create backdoors by launching a shell on a listened port.
TProxy is a tool that allows transparent interception of TCP traffic. The document discusses using TProxy to get in the middle of traffic by ARP spoofing or physical access to redirect connections to a proxy for inspection. It also covers intercepting and editing messages and protocols like SSL/TLS, RDP, and IMAP to demonstrate TProxy's abilities.
This document discusses common web technology protocols. It explains that protocols are sets of rules that govern data exchange between devices and are usually assigned to specific ports. It then describes some key protocols including IP, TCP, UDP, HTTP, HTTPS, FTP, SSH, and others. It lists the standard ports used by these various protocols and provides a brief overview of their functions and whether they transmit encrypted or unencrypted data.
Netcat is a versatile network utility tool that can be used for both legitimate network analysis and security issues identification. It allows creating inbound or outbound TCP or UDP connections to any ports and can be used for port scanning, data transfer, and performance testing. However, it also poses security risks if used maliciously by allowing execution of programs on listening ports, which could enable attacks like SYN flooding.
NetCat - the suiss army knife of networkMehdi Djoughi
NetCat is a utility used for reading and writing to network connections using TCP or UDP. It has several features including port scanning, proxying, transferring files, banner grabbing, and creating backdoors. NetCat allows creating reverse or bind shells and is useful for sys admins to scan networks and penetration testers to perform vulnerability assessments and create unauthorized access to systems.
Tcpdump is a command line packet analyzer that allows users to intercept and display TCP/IP and other network packets. It can be used to debug applications that use the network, analyze network setups, and intercept unencrypted network traffic passing through systems with appropriate privileges. Tcpdump displays captured packets and allows filtering by protocol, port, or other criteria using command line flags.
Netcat is a tool that can be used for port scanning, banner grabbing, file transfer, remote shell access, and chatting over networks using TCP or UDP. It allows viewing open ports on a system through port scanning. Banner grabbing determines the service, version, and OS by connecting to an open port. File transfer and chat are done by setting up Netcat in server and client modes. Remote shell access can be provided through a bind shell, which binds a shell like cmd.exe to a port, or a reverse shell, which sends a shell from the client to a listening Netcat server.
Ultra fast DDoS Detection with FastNetMon at Coloclue (AS 8283)Pavel Odintsov
This document discusses how Coloclue, a non-profit volunteer-driven ISP, automated the detection and mitigation of DDoS attacks through the use of FastNetMon and BIRD. FastNetMon allows for detection of attacks within 3 seconds by monitoring traffic levels. BIRD then injects selective blackhole routes within 1 second to mitigate attacks by dropping traffic for 1 IP or subnet for 60 seconds. This approach solves the DDoS problem within 4 seconds through 100% automated detection and mitigation.
This document discusses TCP and UDP network protocols. TCP is a connection-oriented protocol that ensures reliable delivery of data packets in the correct order using three-way handshake, flow control, error checking and recovery. UDP is an alternative connectionless protocol that is faster but unreliable, making it better for real-time applications like video chatting where speed is prioritized over reliability. The key difference is that TCP establishes connections to guarantee delivery while UDP prioritizes speed over reliability.
Header compression and multiplexing in LISPJose Saldana
When small payloads are transmitted through a packet-switched network, the resulting overhead may result significant. This is stressed in the case of LISP, where a number of headers are prepended to a packet, as new headers have to be added to each packet.
This presentation proposes to send together a number of small packets, which are in the buffer of a ITR, having the same ETR as destination, into a single packet. Therefore, they will share a single LISP header, and therefore bandwidth savings can be obtained, and a reduction in the overall number of packets sent to the network can be achieved.
This document discusses DPDK support for new hardware offloads. It describes the Netronome Agilio SmartNIC, which has hardware accelerators and can offload tasks like cryptography and flow processing. It discusses using the SmartNIC with DPDK and OVS for improved performance over kernel-based solutions. Full flow classification and action offloading to the SmartNIC is proposed to reduce CPU usage, along with exploring eBPF/XDP offloading possibilities and virtio offloading to enable VM migration.
The TC Flower Classifier allows control of packets based on flows determined by matching of well-known packet fields and metadata. This is inspired by similar flow classification described by OpenFlow and implemented by Open vSwitch. Offload of the TC Flower classifier and related modules provides a powerful mechanism to both increase throughput and reduce CPU utilisation for users of such flow-based systems. This presentation will give an overview of the evolution of offload of the TC Flower classifier: where it came from, the current status and possible future directions.
This document discusses security topics for service providers in 2014. It outlines Colt's network which includes a 47,000km fiber network across Europe and transatlantic with data centers and connected buildings. It then lists topics such as internet traffic trends, denial of service attacks, security information and event management, identity and access management, BGP, DNS, data locality, disaster recovery, localization, and cloud computing, virtualization, software-defined networking, and network functions virtualization. The document provides an overview of these security issues that service providers may face and need to address.
Slides supporting the "Computer Networking: Principles, Protocols and Practice" ebook. The slides can be freely reused to teach an undergraduate computer networking class using the open-source ebook.
Slides supporting the "Computer Networking: Principles, Protocols and Practice" ebook. The slides can be freely reused to teach an undergraduate computer networking class using the open-source ebook.
LF_OVS_17_OVS/OVS-DPDK connection tracking for Mobile usecasesLF_OpenvSwitch
1) Mobile networks today handle a large number of simultaneous short duration flows, with high call rates of 100k-200k connections per second. Statistics like call duration and bandwidth usage need to be tracked for each flow for billing purposes.
2) Testing was conducted injecting a 10Gbps mobile traffic profile of 1 million flows into OVS, with 200k flows created and destroyed per second. Key metrics measured were maximum throughput, latency, and jitter at different flow table sizes and core counts.
3) Conntrack performance was tested for OVS kernel and DPDK versions. For 100k flows, OVS kernel achieved 152k pps for 4-tuple matching while OVS-DPDK achieved
Slides supporting the "Computer Networking: Principles, Protocols and Practice" ebook. The slides can be freely reused to teach an undergraduate computer networking class using the open-source ebook.
This document summarizes Linux TCP/IP tuning techniques for optimizing real-time communication. It discusses adjusting interrupts, transmission/receiving queues, socket buffer sizes, protocol parameters, port ranges, shell limits, packet marking, traffic control, connection tracking, and more. The goal is to configure these various network parameters together to ensure high availability, media quality with low delay, jitter and packet loss for signaling and media packets. Proper testing and measurement tools are also needed to validate any tuning changes.
This library provides functions for interfacing with the DS1307 real-time clock chip using an Arduino. It allows reading and writing time and date values to the chip without needing the standard Wire library. The library is open source under the GNU LGPL license and defines structures and constants to work with the date, time, and RAM on the DS1307 chip.
This document provides instructions for setting up a DHCP server on a Linux CentOS system. It outlines steps to check if the DHCP package is installed, install it from the CentOS disc if needed, create and configure the dhcpd.conf script file, and start, stop, and restart the DHCP service. It also includes an example dhcpd.conf configuration with an IP range, gateway, DNS, and domain settings for a DHCP server lab setup with a Linux server and Windows clients.
If the number of spine switches were to be merely doubled, the effect of a single switch failure is halved. With 8 spine switches, the effect of a single switch failure only causes a 12% reduction in available bandwidth. So, in modern data centers, people build networks with anywhere from 4 to 32 spine switches. With a leaf-spine network, every server on the network is exactly the same distance away from all other servers – three port hops, to be precise. The benefit of this architecture is that you can just add more spines and leaves as you expand the cluster and you don't have to do any recabling. Intuition Systems will also get more predictable latency between the nodes.
As a trend, disaggregation seems to be most useful for very large companies like Facebook and Google, or cloud providers. The technology does not necessarily have significant implications for small or medium sized businesses. Historically, however, technology has a way of trickling down from the pioneering phases of existing only within large companies with tremendous resources, to becoming more standardized across the board.
1. The document discusses WebRTC, which defines an API and protocol for real-time communication between browsers or mobile applications. It allows for audio and video calls, data sharing, and peer-to-peer file sharing without plugins.
2. WebRTC uses several protocols including ICE for connectivity, DTLS for security, and SDP for signaling. It establishes connections in four steps: signaling to exchange metadata, connecting using ICE, securing the connection with DTLS, and communicating via RTP, RTCP, and SCTP.
3. The document provides examples of using WebRTC for applications like remote desktop sharing, video calls, file sharing, and more. It also discusses challenges like NAT traversal
Netcat is a versatile networking tool that can be used for port scanning, port redirection, listening for incoming connections, and creating remote connections. It allows creating a simple command line chat server by running nc in listen mode on one system and connecting to it from another. Netcat can also identify services running on specific ports by obtaining port banners, and has been used by hackers to create backdoors by launching a shell on a listened port.
TProxy is a tool that allows transparent interception of TCP traffic. The document discusses using TProxy to get in the middle of traffic by ARP spoofing or physical access to redirect connections to a proxy for inspection. It also covers intercepting and editing messages and protocols like SSL/TLS, RDP, and IMAP to demonstrate TProxy's abilities.
This document discusses common web technology protocols. It explains that protocols are sets of rules that govern data exchange between devices and are usually assigned to specific ports. It then describes some key protocols including IP, TCP, UDP, HTTP, HTTPS, FTP, SSH, and others. It lists the standard ports used by these various protocols and provides a brief overview of their functions and whether they transmit encrypted or unencrypted data.
Netcat is a versatile network utility tool that can be used for both legitimate network analysis and security issues identification. It allows creating inbound or outbound TCP or UDP connections to any ports and can be used for port scanning, data transfer, and performance testing. However, it also poses security risks if used maliciously by allowing execution of programs on listening ports, which could enable attacks like SYN flooding.
NetCat - the suiss army knife of networkMehdi Djoughi
NetCat is a utility used for reading and writing to network connections using TCP or UDP. It has several features including port scanning, proxying, transferring files, banner grabbing, and creating backdoors. NetCat allows creating reverse or bind shells and is useful for sys admins to scan networks and penetration testers to perform vulnerability assessments and create unauthorized access to systems.
Tcpdump is a command line packet analyzer that allows users to intercept and display TCP/IP and other network packets. It can be used to debug applications that use the network, analyze network setups, and intercept unencrypted network traffic passing through systems with appropriate privileges. Tcpdump displays captured packets and allows filtering by protocol, port, or other criteria using command line flags.
Netcat is a tool that can be used for port scanning, banner grabbing, file transfer, remote shell access, and chatting over networks using TCP or UDP. It allows viewing open ports on a system through port scanning. Banner grabbing determines the service, version, and OS by connecting to an open port. File transfer and chat are done by setting up Netcat in server and client modes. Remote shell access can be provided through a bind shell, which binds a shell like cmd.exe to a port, or a reverse shell, which sends a shell from the client to a listening Netcat server.
Ultra fast DDoS Detection with FastNetMon at Coloclue (AS 8283)Pavel Odintsov
This document discusses how Coloclue, a non-profit volunteer-driven ISP, automated the detection and mitigation of DDoS attacks through the use of FastNetMon and BIRD. FastNetMon allows for detection of attacks within 3 seconds by monitoring traffic levels. BIRD then injects selective blackhole routes within 1 second to mitigate attacks by dropping traffic for 1 IP or subnet for 60 seconds. This approach solves the DDoS problem within 4 seconds through 100% automated detection and mitigation.
This document discusses TCP and UDP network protocols. TCP is a connection-oriented protocol that ensures reliable delivery of data packets in the correct order using three-way handshake, flow control, error checking and recovery. UDP is an alternative connectionless protocol that is faster but unreliable, making it better for real-time applications like video chatting where speed is prioritized over reliability. The key difference is that TCP establishes connections to guarantee delivery while UDP prioritizes speed over reliability.
Header compression and multiplexing in LISPJose Saldana
When small payloads are transmitted through a packet-switched network, the resulting overhead may result significant. This is stressed in the case of LISP, where a number of headers are prepended to a packet, as new headers have to be added to each packet.
This presentation proposes to send together a number of small packets, which are in the buffer of a ITR, having the same ETR as destination, into a single packet. Therefore, they will share a single LISP header, and therefore bandwidth savings can be obtained, and a reduction in the overall number of packets sent to the network can be achieved.
This document discusses DPDK support for new hardware offloads. It describes the Netronome Agilio SmartNIC, which has hardware accelerators and can offload tasks like cryptography and flow processing. It discusses using the SmartNIC with DPDK and OVS for improved performance over kernel-based solutions. Full flow classification and action offloading to the SmartNIC is proposed to reduce CPU usage, along with exploring eBPF/XDP offloading possibilities and virtio offloading to enable VM migration.
The TC Flower Classifier allows control of packets based on flows determined by matching of well-known packet fields and metadata. This is inspired by similar flow classification described by OpenFlow and implemented by Open vSwitch. Offload of the TC Flower classifier and related modules provides a powerful mechanism to both increase throughput and reduce CPU utilisation for users of such flow-based systems. This presentation will give an overview of the evolution of offload of the TC Flower classifier: where it came from, the current status and possible future directions.
This document discusses security topics for service providers in 2014. It outlines Colt's network which includes a 47,000km fiber network across Europe and transatlantic with data centers and connected buildings. It then lists topics such as internet traffic trends, denial of service attacks, security information and event management, identity and access management, BGP, DNS, data locality, disaster recovery, localization, and cloud computing, virtualization, software-defined networking, and network functions virtualization. The document provides an overview of these security issues that service providers may face and need to address.
Slides supporting the "Computer Networking: Principles, Protocols and Practice" ebook. The slides can be freely reused to teach an undergraduate computer networking class using the open-source ebook.
Slides supporting the "Computer Networking: Principles, Protocols and Practice" ebook. The slides can be freely reused to teach an undergraduate computer networking class using the open-source ebook.
LF_OVS_17_OVS/OVS-DPDK connection tracking for Mobile usecasesLF_OpenvSwitch
1) Mobile networks today handle a large number of simultaneous short duration flows, with high call rates of 100k-200k connections per second. Statistics like call duration and bandwidth usage need to be tracked for each flow for billing purposes.
2) Testing was conducted injecting a 10Gbps mobile traffic profile of 1 million flows into OVS, with 200k flows created and destroyed per second. Key metrics measured were maximum throughput, latency, and jitter at different flow table sizes and core counts.
3) Conntrack performance was tested for OVS kernel and DPDK versions. For 100k flows, OVS kernel achieved 152k pps for 4-tuple matching while OVS-DPDK achieved
Slides supporting the "Computer Networking: Principles, Protocols and Practice" ebook. The slides can be freely reused to teach an undergraduate computer networking class using the open-source ebook.
This document summarizes Linux TCP/IP tuning techniques for optimizing real-time communication. It discusses adjusting interrupts, transmission/receiving queues, socket buffer sizes, protocol parameters, port ranges, shell limits, packet marking, traffic control, connection tracking, and more. The goal is to configure these various network parameters together to ensure high availability, media quality with low delay, jitter and packet loss for signaling and media packets. Proper testing and measurement tools are also needed to validate any tuning changes.
This library provides functions for interfacing with the DS1307 real-time clock chip using an Arduino. It allows reading and writing time and date values to the chip without needing the standard Wire library. The library is open source under the GNU LGPL license and defines structures and constants to work with the date, time, and RAM on the DS1307 chip.
This document provides instructions for setting up a DHCP server on a Linux CentOS system. It outlines steps to check if the DHCP package is installed, install it from the CentOS disc if needed, create and configure the dhcpd.conf script file, and start, stop, and restart the DHCP service. It also includes an example dhcpd.conf configuration with an IP range, gateway, DNS, and domain settings for a DHCP server lab setup with a Linux server and Windows clients.
If the number of spine switches were to be merely doubled, the effect of a single switch failure is halved. With 8 spine switches, the effect of a single switch failure only causes a 12% reduction in available bandwidth. So, in modern data centers, people build networks with anywhere from 4 to 32 spine switches. With a leaf-spine network, every server on the network is exactly the same distance away from all other servers – three port hops, to be precise. The benefit of this architecture is that you can just add more spines and leaves as you expand the cluster and you don't have to do any recabling. Intuition Systems will also get more predictable latency between the nodes.
As a trend, disaggregation seems to be most useful for very large companies like Facebook and Google, or cloud providers. The technology does not necessarily have significant implications for small or medium sized businesses. Historically, however, technology has a way of trickling down from the pioneering phases of existing only within large companies with tremendous resources, to becoming more standardized across the board.
1. The document discusses WebRTC, which defines an API and protocol for real-time communication between browsers or mobile applications. It allows for audio and video calls, data sharing, and peer-to-peer file sharing without plugins.
2. WebRTC uses several protocols including ICE for connectivity, DTLS for security, and SDP for signaling. It establishes connections in four steps: signaling to exchange metadata, connecting using ICE, securing the connection with DTLS, and communicating via RTP, RTCP, and SCTP.
3. The document provides examples of using WebRTC for applications like remote desktop sharing, video calls, file sharing, and more. It also discusses challenges like NAT traversal
WebRTC allows browsers to communicate directly through peer-to-peer connections without plugins. It uses protocols like SRTP for secure media, ICE for network traversal, and SDP for session description. Signaling can be done through any protocol that supports SDP exchange. WebRTC addresses issues like NAT traversal using STUN, TURN servers, and trickle ICE. RTP bundling allows multiple media streams to be multiplexed over a single port.
Abandon Decades-Old TCPdump for Modern TroubleshootingAvi Networks
Are you tired of troubleshooting with TCPdump? The Avi Vantage Platform is here to help. Learn how you can abandon your decades-old CPU-intensive logging tools – and gain intuitive, real-time analytics, faster time-to-resolution, modern SSL encryption, and (most importantly) happy IT teams focused on delivering applications.
Watch this Avi webinar to #ByeByeTCPdump forever and learn:
- Why TCPdump should be your tool of last resort
- How headers compressed with HTTP/2, SSL leveraging PFS, and distributed systems have rendered certain tools useless
- How automation and visibility can help you troubleshoot more quickly
- How you can replace TCPdump with intelligent logs and analytics
Watch the full webinar: https://info.avinetworks.com/webinars-avi-tech-corner-episode-1
This document provides information on networking topics in Linux including:
- How to connect to Linux systems using SSH and things that can be done from the Linux command line interface
- IP addressing and subnet masking
- Setting up networks and creating permanent network configuration files
- Network troubleshooting tools like traceroute, nmap, netstat
- Reasons why network software may not work like firewalls blocking ports or network speed issues
- An overview of VPNs versus proxy servers and how each works
VoIP allows analog voice signals to be transmitted over the internet by converting voice data into digital packets. At the sender, the analog voice input is converted to digital data using codecs and loaded into IP packets according to protocols. These packets are transmitted over the internet and received, where they are merged back into a binary data stream and converted to analog voice using codecs. Common protocols used include SIP for signaling and RTP within UDP/IP for transmitting voice data packets in real-time. VoIP provides advantages over PSTN like lower costs and increased functionality like conferencing and simultaneous voice and data transmission.
Sshuttle is a VPN that runs on top of ssh. It allows connecting to remote networks through any ssh server without requiring administrative access or special server software. Sshuttle uses transparent proxying instead of encapsulating traffic, avoiding issues with TCP-over-TCP. It also includes features like self-assembly, DNS remangling, automatic host and network discovery to simplify VPN configuration and usage.
Reconsider TCPdump for Modern TroubleshootingAvi Networks
Are you tired of troubleshooting with TCPdump? The Avi Vantage Platform is here to help. Learn how you can reconsider your decades-old CPU-intensive logging tools – and gain intuitive, real-time analytics, faster time-to-resolution, modern SSL / TLS encryption, and (most importantly) happy IT teams focused on delivering applications.
Watch this Avi webinar to learn:
- Why TCPdump should be your tool of last resort
- How headers compressed with HTTP/2, PFS, and distributed systems have rendered certain tools useless
- How you can replace TCPdump with intelligent logs and analytics
- How to future proof your troubleshooting tools with HTTP/3, TLS 1.3, containers and Kubernetes
Watch on-demand here https://www.networkworld.com/resources/form?placement_id=de4979d3-4f46-498e-8285-2bdad91ca3fb&brand_id=512
The document discusses Jingle, an open standard protocol for real-time communication like voice and video calls over the XMPP protocol. Jingle allows for peer-to-peer connections using techniques like STUN and ICE to traverse NATs and firewalls, with the ability to fallback to using media servers. It describes the Jingle protocol which negotiates sessions and transports in three steps. Open source libraries and servers like libjingle and Openfire support Jingle implementations.
The document discusses Jingle, an open standard protocol for real-time communication like voice and video calls over the XMPP protocol. Jingle allows for peer-to-peer connections using techniques like STUN and ICE to traverse NATs and firewalls, with the ability to fallback to using media servers. The standard is maturing and implementations exist in libraries like libjingle, allowing for open, interoperable voice and video communication on a global federated XMPP network.
Advancing IoT Communication Security with TLS and DTLS v1.3Hannes Tschofenig
Missing communication security is a common vulnerability in Internet of Things deployments. Addressing this vulnerability is, in theory, relatively easy: with TLS and DTLS, two widely used security protocols are available. They are used to secure web and smart phone apps.
In this talk Hannes Tschofenig explains how the TLS/DTLS 1.3 protocols work and how they differ from previous versions. Hannes also speaks about the performance improvements and how they help in IoT deployments.
TCP/IP is a suite of protocols that allow devices on a network to communicate. It includes two main protocols: Transmission Control Protocol (TCP) and Internet Protocol (IP). TCP establishes connections between devices and ensures reliable delivery of data packets. IP provides addressing so packets can be routed between networks to their destination. Together, TCP and IP handle reliable data transmission and packet delivery across interconnected networks like the Internet.
The document provides an overview of IT network design and installation topics covered in a MaxWiFi training course, including network models, IP addressing, NAT, routing, DHCP, VLANs, wireless networking, and Cisco device configuration.
The document discusses TCP/IP networking fundamentals including:
- The TCP/IP protocol suite model with layers for internet, transport, and applications.
- Key protocols like IP, TCP, UDP that operate at each layer.
- IP addressing and routing protocols like RIP and OSPF.
- Network applications that use TCP/IP like HTTP, FTP, SMTP, and DNS.
- Networking services like DHCP, NAT, and firewalls.
- Emerging technologies like IPv6 that expand addressing and add new features.
Communication over the kinds of Data-Links used for unmanned vehicles presents important challenges dues to the low bandwidth, intermittent, and lower reliability of these links. Classic network protocols such as TCP do not operate well in this environment forcing application developers to implement their own reliability and session management. This presentation describes he issues and alternatives.
The document discusses using tcpdump and ssldump on an F5 device to analyze network traffic. It provides examples of commands to capture full traffic flows, including specifying filters. It also describes how to use tcpdump to troubleshoot issues like traffic not reaching servers. The document discusses using Wireshark with the F5 plugin to decrypt SSL traffic for analysis and provides instructions for configuring Wireshark. It briefly mentions using sFlow for performance monitoring and analytics.
This document summarizes information about the Stream Control Transmission Protocol (SCTP), Real-time Transport Protocol (RTP), and RTP Control Protocol (RTCP). SCTP is a transport layer protocol that provides reliable message delivery like TCP with multi-streaming capabilities. RTP is used for delivering audio and video over IP and defines packet formats with timestamps and sequence numbers. RTCP monitors RTP transmission quality and provides feedback on metrics like packet loss.
This document summarizes an assignment submitted by Abhishek Kesharwani on the Stream Control Transmission Protocol (SCTP), Real-time Transport Protocol (RTP), and RTP Control Protocol (RTCP). It describes SCTP as a transport layer protocol that provides reliable message transport like TCP with multi-streaming capabilities. RTP is defined as a standard packet format for delivering audio and video over IP networks, often used with RTCP for quality monitoring and stream synchronization. The document outlines key features of SCTP including multihoming and message ordering, and components of RTP including its data transfer and control protocols.
The document discusses 10 mistakes made with VoIP systems that could also impact IoT devices. These include assuming a perfect network without redundancy, difficult provisioning processes, closed identity systems without interoperability, using multiple incompatible protocols, unencrypted media, insecure authentication, systems that were difficult to update securely, latency from routing through central servers, and not prioritizing user benefits. It recommends learning from these lessons by using auto-provisioning, federated identities, open standards, encryption, strong authentication, automatic updates, local routing when possible, and designing for clear user benefits like convenience.
Kranky geek15 - securing IoT with webrtcTim Panton
Tim Panton builds a webRTC app that controls an IoT device from a chrome browser using a secure (QRcode based) proximity pairing protocol. (with added lego dog) https://www.youtube.com/watch?v=TLXmB2TZyZE
How to build a new webRTC app - not by cloning 100 year old tech, but by market research, prototyping and listening to users, even if they have paws or feathers.
This document discusses various options for integrating WebRTC with carrier IMS networks. A gateway is currently needed due to incompatibilities between WebRTC and IMS protocols and codecs. Possible integration architectures described include using SIP in the browser with an SBC, REST calls to a WebRTC gateway, and XMPP through a gateway. Issues around identity mapping, scalability of gateways, and the immaturity of WebRTC on mobile are also covered.
This session will provide an overview of standards for WebRTC and discuss related regulatory issues. The standards overview will cover both the IETF protocols for real-time communications as well as the W3C JavaScript API specifications. While progress has been made, challenges remain regarding browser support, mobile accommodation, and complexity of the signaling standards. Understanding regulatory responses to WebRTC will also be important for service providers given recent moves impacting voice, recording, and other areas.
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
This presentation provides valuable insights into effective cost-saving techniques on AWS. Learn how to optimize your AWS resources by rightsizing, increasing elasticity, picking the right storage class, and choosing the best pricing model. Additionally, discover essential governance mechanisms to ensure continuous cost efficiency. Whether you are new to AWS or an experienced user, this presentation provides clear and practical tips to help you reduce your cloud costs and get the most out of your budget.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfflufftailshop
When it comes to unit testing in the .NET ecosystem, developers have a wide range of options available. Among the most popular choices are NUnit, XUnit, and MSTest. These unit testing frameworks provide essential tools and features to help ensure the quality and reliability of code. However, understanding the differences between these frameworks is crucial for selecting the most suitable one for your projects.
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Digital Marketing Trends in 2024 | Guide for Staying AheadWask
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on automated letter generation for Bonterra Impact Management using Google Workspace or Microsoft 365.
Interested in deploying letter generation automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
3. Make a secure P2P media
+ data connection?
Use existing protocols:
SRTP x2 - encrypted RTP for voice + video
DTLS - secure set up
SCTP - datagram protocol
RTCP - channel stats and management
4. Multiplex all the things
+----------------+
| 127 < B < 192 -+--> forward to RTP
| |
packet --> | 19 < B < 64 -+--> forward to DTLS
| |
| B < 2 -+--> forward to ICE
+----------------+
5. Huh ? Why is ICE there ?
Continuing consent to send:
We are sending ~1mbit/s of video
Imagine the user closes the receiving tab
Signalling is gone
ICE re-tests connection every 30s
Can re-establish a session over different path
6. We know all about RTP
Maybe not:
SRTP - but uses DTLS to exchange the keys.
Possibly multiple multiplexed streams
RTCP too.
Optional Headers (voice level etc)
7. DTLS - what is that?
TLS (aka SSL) ’s UDP cousin:
Uses Public key crypto to exchange session key
Session key extracted and used for SRTP key
Also carries datachannel messages
Does not carry media
8. DTLS - not quite like SSL
DTLS in webRTC has different requirements:
Does not use PKI - no certs to buy
Has heartbeat
DTLS is client server
Peers have to agree who is the client (rant)
9. Was all that worth it?
Probably:
Secure - selectable crypto suites
No passwords
No central authority
Distributed system - but existing SRTP code used
10. You forgot STCP
Oops:
Originally designed to run alongside TCP
webRTC uses it to provide Datachannel transport
Run over DTLS (over UDP)
Useful semantics - more flexible that TCP
More widely used than you think (telcos)
11. A new layer?
Perhaps:
We have a modern set of secure peer to peer network
protocols supported by > 1bn endpoints and counting.
It runs well over the existing internet infrastructure
Lets use it to build fun stuff.