Networking

From Things and Stuff Wiki
Revision as of 23:03, 24 November 2017 by Milk (talk | contribs) (→‎Software)


still a mess.

to totally rejig

General

  • https://en.wikipedia.org/wiki/Channel_(communications) - or simply channel refers either to a physical transmission medium such as a wire, or to a logical connection over a multiplexed medium such as a radio channel in telecommunications and computer networking. A channel is used to convey an information signal, for example a digital bit stream, from one or several senders (or transmitters) to one or several receivers. A channel has a certain capacity for transmitting information, often measured by its bandwidth in Hz or its data rate in bits per second. Communicating data from one location to another requires some form of pathway or medium. These pathways, called communication channels, use two types of media: cable (twisted-pair wire, cable, and fiber-optic cable) and broadcast (microwave, satellite, radio, and infrared).

  • https://en.wikipedia.org/wiki/Connection-oriented_communication - a network communication mode in telecommunications and computer networking, where a communication session or a semi-permanent connection is established before any useful data can be transferred, and where a stream of data is delivered in the same order as it was sent. The alternative to connection-oriented transmission is connectionless communication, for example the datagram mode communication used by the IP and UDP protocols, where data may be delivered out of order, since different packets are routed independently, and may be delivered over different paths.


  • https://en.wikipedia.org/wiki/Connectionless_communication - often referred to as CL-mode communication, is a data transmission method used in packet switching networks in which each data unit is individually addressed and routed based on information carried in each unit, rather than in the setup information of a prearranged, fixed data channel as in connection-oriented communication. Under connectionless communication between two network end points, a message can be sent from one end point to another without prior arrangement. The device at one end of the communication transmits data addressed to the other, without first ensuring that the recipient is available and ready to receive the data. Some protocols allow for error correction by requested retransmission. Internet Protocol (IP) and User Datagram Protocol (UDP) are connectionless protocols.


Topology

to sort

Internet


Backbone

Hardware



  • https://en.wikipedia.org/wiki/Forwarding_information_base - also known as a forwarding table or MAC table, is most commonly used in network bridging, routing, and similar functions to find the proper interface to which the input interface should forward a packet. It is a dynamic table that maps MAC addresses to ports. It is the essential mechanism that separates network switches from network hubs. Content-addressable memory (CAM) is typically used to efficiently implement the FIB, thus it is sometimes called a CAM table.

Cisco

Home router

  • LEDE project is founded as a spin-off of the OpenWrt project and shares many of the same goals. We are building an embedded Linux distribution that makes it easy for developers, system administrators or other Linux enthusiasts to build and customize software for embedded devices, especially wireless routers. The name LEDE stands for Linux Embedded Development Environment. [5]

Quagga

  • Quagga is a routing software suite, providing implementations of OSPFv2, OSPFv3, RIP v1 and v2, RIPng and BGP-4 for Unix platforms, particularly FreeBSD, Linux, Solaris and NetBSD. Quagga is a fork of GNU Zebra.

Other



Layer 1/2

  • https://en.wikipedia.org/wiki/Link_layer - the group of methods and communications protocols that only operate on the link that a host is physically connected to. The link is the physical and logical network component used to interconnect hosts or nodes in the network and a link protocol is a suite of methods and standards that operate only between adjacent network nodes of a local area network segment or a wide area network connection.

Despite the different semantics of layering in TCP/IP and OSI, the link layer is sometimes described as a combination of the data link layer (layer 2) and the physical layer (layer 1) in the OSI model. However, the layers of TCP/IP are descriptions of operating scopes (application, host-to-host, network, link) and not detailed prescriptions of operating procedures, data semantics, or networking technologies.


Modem

xDSL

Fiber

Ethernet

etc..


Wireless

  • WiGLE.net - All the networks. Found by Everyone.

Wi-Fi



  • https://en.wikipedia.org/wiki/IEEE_802.11s - an IEEE 802.11 amendment for mesh networking, defining how wireless devices can interconnect to create a WLAN mesh network, which may be used for static topologies and ad hoc networks.

iwlist wlan0 scanning


Avoid NetworkManager if possible?

Other

LTE

Linux

  • iw - a new nl80211 based CLI configuration utility for wireless devices. It supports all new drivers that have been added to the kernel recently. The old tool iwconfig, which uses Wireless Extensions interface, is deprecated and it's strongly recommended to switch to iw and nl80211.



  • hostapd - a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators, RADIUS client, EAP server, and RADIUS authentication server. The current version supports Linux (Host AP, madwifi, mac80211-based drivers) and FreeBSD (net80211). hostapd is designed to be a "daemon" program that runs in the background and acts as the backend component controlling authentication. hostapd supports separate frontend programs and an example text-based frontend, hostapd_cli, is included with hostapd.


Security

  • wifite - An automated wireless attack tool.


  • You Are a Rogue Device - A New Apparatus Capable of Spying on You Has Been Installed Throughout Downtown Seattle. Very Few Citizens Know What It Is, and Officials Don’t Want to Talk About It. [13]

Other

  • https://en.wikipedia.org/wiki/UUCP - an abbreviation of Unix-to-Unix Copy. The term generally refers to a suite of computer programs and protocols allowing remote execution of commands and transfer of files, email and netnews between computers. Specifically, a command named uucp is one of the programs in the suite; it provides a user interface for requesting file copy operations. The UUCP suite also includes uux (user interface for remote command execution), uucico (the communication program that performs the file transfers), uustat (reports statistics on recent activity), uuxqt (execute commands sent from remote machines), and uuname (reports the UUCP name of the local system).


  • https://en.wikipedia.org/wiki/Serial_Line_Internet_Protocol - SLIP, an encapsulation of the Internet Protocol designed to work over serial ports and modem connections. It is documented in RFC 1055. On personal computers, SLIP has been largely replaced by the Point-to-Point Protocol (PPP), which is better engineered, has more features and does not require its IP address configuration to be set before it is established. On microcontrollers, however, SLIP is still the preferred way of encapsulating IP packets due to its very small overhead.
  • https://en.wikipedia.org/wiki/Parallel_Line_Internet_Protocol - PLIP - direct computer-to-computer communications using the parallel port normally used for connections to a printer. The Parallel Line Internet Protocol provides Link Layer services for the Internet Protocol, the protocol used for forming small local area networks and large computer networks, such as the Internet, enabling computers without standard dedicated networking hardware, such as Ethernet, but with older parallel port devices, to communicate.
  • https://en.wikipedia.org/wiki/Point-to-Point_Protocol - PPP - a data link protocol used to establish a direct connection between two nodes. It can provide connection authentication, transmission encryption (using ECP, RFC 1968), and compression. PPP is used over many types of physical networks including serial cable, phone line, trunk line, cellular telephone, specialized radio links, and fiber optic links such as SONET. PPP is also used over Internet access connections. Internet service providers (ISPs) have used PPP for customer dial-up access to the Internet, since IP packets cannot be transmitted over a modem line on their own, without some data link protocol. Two derivatives of PPP, Point-to-Point Protocol over Ethernet (PPPoE) and Point-to-Point Protocol over ATM (PPPoA), are used most commonly by Internet Service Providers (ISPs) to establish a Digital Subscriber Line (DSL) Internet service connection with customers.

Audio / ultrasonic

Layer 3/4



  • The History of Packets - This guide seeks to take you on the adventure of the changing packet, and how it has survived over the past four decades of networking hardware and computer software. The Internet started in the late 1960s as ARPANET.

Ports

Scanning

nmap -A 192.168.1.1
  scan machine and report

nmap -v -A 192.168.1.1-255
  verbose scan range and report

nmap -sT -sU -O -p 1-65535 localhost
  full port scan, to check args
nmap -p T:110,955
nmap -R -sL 209.85.229.99/27 | awk '{if($3=="not")print"("$2") no PTR";else print$3" is "$2}' | grep '('

"This command uses nmap to perform reverse DNS lookups on a subnet. It produces a list of IP addresses with the corresponding PTR record for a given subnet. You can enter the subnet in CIDR notation (i.e. /24 for a Class C). You could add "--dns-servers x.x.x.x" after the "-sL" if you need the lookups to be performed on a specific DNS server. On some installations nmap needs sudo I believe. Also I hope awk is standard on most distros."

IP

  • onics - A suite of command line tools and libraries for manipulating packets in the style of cat, sed, awk, grep, diff, etc... [19]



ARP

Protocol to resolve IPv4 addresses to lower-level addresses, i.e., Ethernet MAC addresses.


arp -e
  # list arp table


arp-scan --interface=eth0 --localnet

Subnetting


Addressing

Switching

Routing

  • https://en.wikipedia.org/wiki/Interface_Message_Processor - the packet-switching node used to interconnect participant networks to the ARPANET from the late 1960s to 1989. It was the first generation of gateways, which are known today as routers. An IMP was a ruggedized Honeywell DDP-516 minicomputer with special-purpose interfaces and software. In later years the IMPs were made from the non-ruggedized Honeywell 316 which could handle two-thirds of the communication traffic at approximately one-half the cost. An IMP requires the connection to a host computer via a special bit-serial interface, defined in BBN Report 1822. The IMP software and the ARPA network communications protocol running on the IMPs was discussed in RFC 1, the first of a series of standardization documents published by the Internet Engineering Task Force (IETF).

DHCP

  • dhclient - The Internet Systems Consortium DHCP Client, dhclient, provides a means for configuring one or more network interfaces using the Dynamic Host Configuration Protocol, BOOTP protocol, or if these protocols fail, by statically assigning an address.


NAT

ICMP

Tunnelling

  • iodine lets you tunnel IPv4 data through a DNS server. This can be usable in different situations where internet access is firewalled, but DNS queries are allowed.


IPsec

IPv6

Security

NCP

  • https://en.wikipedia.org/wiki/Network_Control_Program - preceded the Transmission Control Protocol (TCP) as a transport layer protocol used during the early ARPANET. NCP was a simplex protocol that utilized two port addresses, establishing two connections, for two-way communications. An odd and an even port were reserved for each application layer application or protocol. The standardization of TCP and UDP reduced the need for the use of two simplex ports for each application down to one duplex port.

UDP

See also DNS

UPnP

TCP

See also HTTP, SSH, Gopher

traceroute -m 100 216.81.59.173
traceroute -m 120 216.81.59.173

Tunnelling

  • sshuttle - Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
  • Localtunnel allows you to easily share a web service on your local development machine without messing with DNS and firewall settings. Localtunnel will assign you a unique publicly accessible url that will proxy all requests to your locally running webserver. [26]

UDT

  • UDT is a reliable UDP based application level data transport protocol for distributed data intensive applications over wide area high-speed networks. UDT uses UDP to transfer bulk data with its own reliability control and congestion control mechanisms. The new protocol can transfer data at a much higher speed than TCP does. UDT is also a highly configurable framework that can accommodate various congestion control algorithms. [27]

SCTP

DCCP

Other

  • Secure Socket Funneling (SSF) is a network tool and toolkit. It provides simple and efficient ways to forward data from multiple sockets (TCP or UDP) through a single secure TLS link to a remote computer. [31]


Virtual


  • https://en.wikipedia.org/wiki/Virtual_network - a computer network that consists, at least in part, of virtual network links. A virtual network link is a link that does not consist of a physical (wired or wireless) connection between two computing devices but is implemented using methods of network virtualization. The two most common forms of network virtualization are protocol-based virtual networks (such as VLANs, VPNs, and VPLSs) and virtual networks that are based on virtual devices (such as the networks connecting virtual machines inside a hypervisor). In practice, both forms can be used in conjunction.

Circuit

hmm

X.25

  • https://en.wikipedia.org/wiki/X.25 - an ITU-T standard protocol suite for packet switched wide area network (WAN) communication. An X.25 WAN consists of packet-switching exchange (PSE) nodes as the networking hardware, and leased lines, plain old telephone service connections, or ISDN connections as physical links.

X.25 is a family of protocols that was popular during the 1980s with telecommunications companies and in financial transaction systems such as automated teller machines. X.25 was originally defined by the International Telegraph and Telephone Consultative Committee (CCITT, now ITU-T) in a series of drafts and finalized in a publication known as The Orange Book in 1976. While X.25 has, to a large extent, been replaced by less complex protocols, especially the Internet protocol (IP), the service is still used (e.g. as of 2012 in the credit card payment industry) and available in niche and legacy applications.

Beginning in the early 1990s, in North America, use of X.25 networks (predominated by Telenet and Tymnet) started to be replaced by Frame Relay, service offered by national telephone companies. Most systems that required X.25 now use TCP/IP, however it is possible to transport X.25 over TCP/IP when necessary.

X.25 networks are still in use throughout the world. A variant called AX.25 is also used widely by amateur packet radio. Racal Paknet, now known as Widanet, is still in operation in many regions of the world, running on an X.25 protocol base. In some countries, like the Netherlands or Germany, it is possible to use a stripped version of X.25 via the D-channel of an ISDN-2 (or ISDN BRI) connection for low volume applications such as point-of-sale terminals; but, the future of this service in the Netherlands is uncertain.

Frame Relay

ATM


Virtual LAN


Network virtualization

  • Mininet creates a realistic virtual network, running real kernel, switch and application code, on a single machine (VM, cloud or native), in seconds, with a single command

Virtual Extensible LAN

  • https://en.wikipedia.org/wiki/Virtual_Extensible_LAN - VXLAN, a network virtualization technology that attempts to improve the scalability problems associated with large cloud computing deployments. It uses a VLAN-like encapsulation technique to encapsulate MAC-based OSI layer 2 Ethernet frames within layer 4 UDP packets, using 4789 as the default IANA-assigned destination UDP port number. VXLAN endpoints, which terminate VXLAN tunnels and may be either virtual or physical switch ports, are known as VXLAN tunnel endpoints (VTEPs).


NGN

MPLS

  • https://en.wikipedia.org/wiki/Multiprotocol_Label_Switching - type of data-carrying technique for high-performance telecommunications networks that directs data from one network node to the next based on short path labels rather than long network addresses, avoiding complex lookups in a routing table. The labels identify virtual links (paths) between distant nodes rather than endpoints. MPLS can encapsulate packets of various network protocols, hence its name "multiprotocol". MPLS supports a range of access technologies, including T1/E1, ATM, Frame Relay, and DSL.


VPN

PPTP

Not recommended for use any more.

L2TP

Requires the use of an encryption protocol (IPsec) for confidentiality. Uses UDP port 500, which is more easily blocked by NAT firewalls.

L2F

  • https://en.wikipedia.org/wiki/Layer_2_Forwarding_Protocol - a tunneling protocol developed by Cisco Systems, Inc. to establish virtual private network connections over the Internet. L2F does not provide encryption or confidentiality by itself; it relies on the protocol being tunneled to provide privacy. L2F was specifically designed to tunnel Point-to-Point Protocol (PPP) traffic.

IPsec

IPsec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite, while some other Internet security systems in widespread use, such as Secure Sockets Layer (SSL), Transport Layer Security (TLS) and Secure Shell (SSH), operate in the upper layers of the TCP/IP model. Hence, IPsec protects any application traffic across an IP network.

OpenVPN

n2n

Tinc

WireGuard

strongSwan

Algo

  • Algo VPN - short for "Al Gore", the Vice President of Networks everywhere for inventing the Internet, a set of Ansible scripts that simplifies the setup of a personal IPSEC VPN. It contains the most secure defaults available, works with common cloud providers, and does not require client software on most devices.

DNS

Services

Systems

  • BadVPN is a peer-to-peer VPN system. It provides a Layer 2 (Ethernet) network between the peers (VPN network nodes). The peers connect to a central server which acts as a chat server for them to establish direct connections between each other (data connections). These connections are used for transferring network data (Ethernet frames).
  • Freelan - A free, open-source, multi-platform, highly-configurable and peer-to-peer VPN software, designed to easily connect remote hosts and mainly focused on security and performance. [41]
  • Social VPN Project - free and open-source P2P Social Virtual Private Network (VPN) that seamlessly networks your computer with the computers of your friends.
  • Campagnol is a distributed IP-based VPN software able to open new connections through NATs or firewalls without any configuration. It uses UDP for the transport layer and utilizes tunneling and encryption (with DTLS) and the UDP hole punching NAT traversal technique. The established connections are P2P.


  • SigmaVPN is simple, light-weight and modular VPN software for UNIX systems, deploying the NaCl encryption library. It's easy to configure, has low overheads and is reliable. No longer is it necessary to waste precious time configuring overcomplicated tunnels. [44]

Overlay

Tor

Usage

sudo systemctl start tor

google-chrome-stable --proxy-server="socks://localhost:9050" -incognito
chromium --proxy-server="socks://localhost:9050" -incognito

Software

Exit nodes

Hidden services

Chat

Search

Social

Other

I2P

Other


Cloud

See also Cloud

  • Maestro is an "operating system" for orchestrating network control applications. Maestro provides interfaces for implementing modular network control applications to access and modify state of the network, and coordinate their interactions. Maestro is a platform for achieving automatic and programmatic network control functions using these modularized applications. Although this project focuses on building an OpenFlow controller using Maestro, Maestro is not only limited to OpenFlow networks.

Mesh

See also Open social.

General

Protocols

DSDV

Destination-Sequenced Distance-Vector Routing (DSDV) is a table-driven routing scheme for ad hoc mobile networks based on the Bellman–Ford algorithm. It was developed by C. Perkins and P. Bhagwat in 1994. The main contribution of the algorithm was to solve the routing loop problem. Each entry in the routing table contains a sequence number; sequence numbers are generally even if a link is present, and an odd number is used otherwise. The number is generated by the destination, and the emitter needs to send out the next update with this number. Routing information is distributed between nodes by sending full dumps infrequently and smaller incremental updates more frequently.
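The following is an added Python illustration of the DSDV table-update rule just described (a newer destination-generated sequence number always wins, equal numbers tie-break on metric, odd numbers mark a broken link); it is not code from the DSDV authors or from any mesh project. The unreachable metric of 16 and the three-node A-B-C scenario are constructed for the example.

```python
from dataclasses import dataclass, replace

INFINITY = 16  # constructed "unreachable" metric, not a DSDV constant


@dataclass
class Route:
    dest: str
    next_hop: str
    metric: int   # hop count
    seq: int      # destination-generated sequence number; even = live, odd = broken


class DsdvNode:
    """One node holding a DSDV-style routing table (added illustration)."""

    def __init__(self, name: str):
        self.name = name
        # A node is its own destination at metric 0 with sequence number 0.
        self.table = {name: Route(name, name, 0, 0)}
        self.pending = set()  # destinations changed since the last update sent

    def full_dump(self):
        """Infrequent full dump: every entry, with a fresh even sequence number for self."""
        self.table[self.name].seq += 2
        self.pending.clear()
        return list(self.table.values())

    def incremental(self):
        """Frequent incremental update: only the entries that changed since the last send."""
        out = [self.table[d] for d in sorted(self.pending)]
        self.pending.clear()
        return out

    def receive(self, sender: str, routes):
        """Apply an update heard from neighbour `sender`; returns the destinations that changed."""
        changed = []
        for r in routes:
            if r.dest == self.name:
                continue  # never learn a route to ourselves
            metric = INFINITY if r.metric >= INFINITY else r.metric + 1
            new = Route(r.dest, sender, metric, r.seq)
            cur = self.table.get(r.dest)
            better = (cur is None
                      or new.seq > cur.seq                                   # newer info wins
                      or (new.seq == cur.seq and new.metric < cur.metric))   # tie-break on metric
            if better:
                self.table[r.dest] = new
                changed.append(r.dest)
                self.pending.add(r.dest)
        return changed

    def link_broken(self, neighbour: str):
        """Mark every route via a failed neighbour with an odd sequence number (last even + 1)
        and an infinite metric, so a stale even-numbered update cannot resurrect it."""
        broken = []
        for dest, r in self.table.items():
            if r.next_hop == neighbour and r.metric < INFINITY:
                odd = r.seq + 1 if r.seq % 2 == 0 else r.seq
                self.table[dest] = replace(r, metric=INFINITY, seq=odd)
                broken.append(dest)
                self.pending.add(dest)
        return broken

    def next_hop(self, dest: str):
        r = self.table.get(dest)
        return None if r is None or r.metric >= INFINITY else r.next_hop


def line_topology_scenario():
    """Constructed scenario A - B - C: A learns C via B, the B-C link fails, a stale
    advertisement is rejected, then C returns. Returns A's next hop for C at each stage."""
    a, b, c = DsdvNode("A"), DsdvNode("B"), DsdvNode("C")
    b.receive("C", c.full_dump())            # B hears C directly (C seq 2, metric 1)
    a.receive("B", b.full_dump())            # A learns C via B at 2 hops
    stage1 = a.next_hop("C")                 # "B"
    b.link_broken("C")                       # B-C fails: C gets odd seq 3, metric infinity
    a.receive("B", b.incremental())          # A accepts the broken-link advert (3 > 2)
    stage2 = a.next_hop("C")                 # None
    a.receive("B", [Route("C", "X", 1, 2)])  # stale seq 2 cannot reopen a loop
    stage3 = a.next_hop("C")                 # still None
    b.receive("C", c.full_dump())            # C returns with even seq 4 > 3
    a.receive("B", b.incremental())
    stage4 = a.next_hop("C")                 # "B"
    return [stage1, stage2, stage3, stage4]
```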

AODV

It is a reactive routing protocol, meaning that it establishes a route to a destination only on demand. In contrast, the most common routing protocols of the Internet are proactive, meaning they find routing paths independently of the usage of the paths. AODV is, as the name indicates, a distance-vector routing protocol. AODV avoids the counting-to-infinity problem of other distance-vector protocols by using sequence numbers on route updates, a technique pioneered by DSDV. AODV is capable of both unicast and multicast routing.

OLSR

Bmx6

  • Bmx6 is a routing protocol for Linux based operating systems.

Babel

Babel is based on the ideas in Destination-Sequenced Distance Vector routing (DSDV), Ad hoc On-Demand Distance Vector Routing (AODV), and Cisco's Enhanced Interior Gateway Routing Protocol (EIGRP), but it uses a variant of Expected Transmission Count (ETX) link cost estimation rather than a simple hop-count metric. It employs several techniques to ensure the absence of routing pathologies, such as routing loops. Babel operates on IPv4 and IPv6 networks. It has been reported to be a robust protocol and to have fast convergence properties.

Two implementations of Babel are freely available: the standalone sample implementation, and a version that is integrated into the Quagga routing suite. The version integrated into Quagga allows for authentication.

B.A.T.M.A.N.

HWMP

cjdns

Wanderlust

  • Wanderlust - A Worldwide Network with Distributed Routing through Location Swapping

Other

Router

Hardware

Projects

Networks

  • ninux.org is a Wireless Network Community in Italy. OLSR

Project Mesh Net

Serval

Commotion

OLSR

FabFi

OLSR

to sort



Stacks

Freedom Box

Byzantium

Other

ArcOS

Mapping

Darknets

Other

UK ISPs

Wireless broadband

Scotland

Shared/remote desktop

See also GUI#XDMCP

KVM

VNC


Server

  • x11vnc allows one to view remotely and interact with real X displays (i.e. a display corresponding to a physical monitor, keyboard, and mouse) with any VNC viewer. In this way it plays the role for Unix/X11 that WinVNC plays for Windows.
  • Vinagre (Remote Desktop Viewer) is the default VNC client in Ubuntu 8.04. It currently allows you to connect to desktops running VNC servers and control them. Specific connection options are not currently supported, e.g. high or low bandwidth settings, but it is planned to add them in an upcoming version.


Client

  • noVNC - VNC client using HTML5 (WebSockets, Canvas) with encryption (wss://) support. There are many companies/projects that have integrated noVNC into their products including: Ganeti Web Manager, Archipel, openQRM, OpenNode, OpenStack, Broadway (HTML5 GDK/GTK+ backend), OpenNebula, CloudSigma, Zentyal (formerly Ebox), SlapOS, Intel MeshCentral, Amahi, Brightbox, Foreman, LibVNCServer, and PocketVNC.

  • Chicken is a VNC client for Mac OS X. A VNC client allows remote access to another computer over the network. Chicken is based on Chicken of the VNC.

RDP

NX

FreeNX

Neatx

X2Go

  • X2Go enables you to access a graphical desktop of a computer over a low bandwidth (or high bandwidth) connection. Multiple users/clients can access a single X2Go Server at the same time, with each user/client having an individual Desktop session by default - however, Desktop sharing (Remote Assistance) is possible, too (see below). For the graphical part of remote desktop sessions, X2Go uses No Machine NX3 technology under the hood.

Other

  • ShareX - a free and open source program that lets you capture or record any area of your screen and share it with a single press of a key. It also allows uploading images, text or other types of files to over 80 supported destinations you can choose from. [62]
  • Apache Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH. We call it clientless because no plugins or client software are required. Thanks to HTML5, once Guacamole is installed on a server, all you need to access your desktops is a web browser. [63] [64]

to sort

View The Daily Show, etc. in the UK, etc. Modify HTTP headers; X-Forwarded-For "12.13.14.15" [65]

  • GLIF, the Global Lambda Integrated Facility, is an international consortium that promotes the paradigm of lambda networking.


  • OpenSignalMaps - database of cell phone towers, cell phone signal strength readings, and Wi-Fi access points around the world