Application

From Things and Stuff Wiki
Revision as of 07:58, 14 October 2023 by Milk


Layer 5 / 6 / 7

See also Sharing





  • https://github.com/alsmith/multicast-relay - Relay broadcast and multicast packets between interfaces. Useful, for example, if you have Sonos speakers on one interface, or VLAN, and you want to be able to control them from devices on a different interface/VLAN. Similar for Chromecast devices.


SNMP

  • http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol - an Internet-standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks and more. SNMP is widely used in network management systems to monitor network-attached devices for conditions that warrant administrative attention. SNMP exposes management data in the form of variables on the managed systems, which describe the system configuration. These variables can then be queried (and sometimes set) by managing applications.


  • Net-SNMP - a suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both IPv4 and IPv6, widely used protocols for monitoring the health and welfare of network equipment (eg. routers), computer equipment and even devices like UPSs.


  • qtmib - an easy-to-use SNMP MIB Browser based on the QT4 library. It is built as a front-end for net-snmp, and it allows the user to query any SNMP-enabled device. It implements SNMPv1 and SNMPv2c, and it is released under the GPL v2 license.


  • Devmon - a Perl daemon designed to supplement and enhance the monitoring capabilities of a server running either the BigBrother or Hobbit monitoring software. BigBrother and Hobbit, at present, only support monitoring remote devices via ICMP or TCP port tests. Devmon takes this a step further, allowing a system administrator to proactively monitor remote devices via SNMP (Simple Network Management Protocol), querying said devices for current status and alarms. Devmon takes the data that it obtains via SNMP and applies user-defined logic against it and compares the results to user-customizable thresholds. It uses the final data to determine if the remote device is in an abnormal or critical state, and reports accordingly to the BigBrother/Hobbit display server.


SSDP

  • https://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol - a network protocol based on the Internet protocol suite for advertisement and discovery of network services and presence information. It accomplishes this without assistance of server-based configuration mechanisms, such as Dynamic Host Configuration Protocol (DHCP) or Domain Name System (DNS), and without special static configuration of a network host. SSDP is the basis of the discovery protocol of Universal Plug and Play (UPnP) and is intended for use in residential or small office environments. It was formally described in an Internet Engineering Task Force (IETF) Internet Draft by Microsoft and Hewlett-Packard in 1999. Although the IETF proposal has since expired (April, 2000), SSDP was incorporated into the UPnP protocol stack, and a description of the final implementation is included in UPnP standards documents.


Telnet






r0c

HTTP

See HTTP

Gopher





  • Little Gopher Client - a client for the Gopher protocol written in Free Pascal and Lazarus with support for the Windows, Linux and Mac OS X operating systems. It is mainly made to browse and read articles in gopherspace, so for the moment it only supports menus and text content - no downloads, images or queries. In the future I might add features for these. The client supports only the original Gopher protocol as specified in RFC 1436. There is no support for the incompatible Gopher+ protocol (which should be fine in practice since no gopherhole seems to use it anyway - its complexity was most likely its downfall). The biggest feature it has compared to most other Gopher clients is the browser sidebar which maps the gopherspace as you go, taking advantage of Gopher's hierarchical nature. Or at least it tries to, since many modern gopherholes today treat Gopher menus as HTML-lite, adding back links and such. Still, it helps to navigate faster than without it.




RTP / RTCP

  • https://en.wikipedia.org/wiki/Real-time_Transport_Protocol - a network protocol for delivering audio and video over IP networks. RTP is used extensively in communication and entertainment systems that involve streaming media, such as telephony, video teleconference applications including WebRTC, television services and web-based push-to-talk features.

RTP typically runs over User Datagram Protocol (UDP). RTP is used in conjunction with the RTP Control Protocol (RTCP). While RTP carries the media streams (e.g., audio and video), RTCP is used to monitor transmission statistics and quality of service (QoS) and aids synchronization of multiple streams. RTP is one of the technical foundations of Voice over IP and in this context is often used in conjunction with a signaling protocol such as the Session Initiation Protocol (SIP) which establishes connections across the network.

RTP was developed by the Audio-Video Transport Working Group of the Internet Engineering Task Force (IETF) and first published in 1996 as RFC 1889, superseded by RFC 3550 in 2003.


SRTP / SRTCP

  • https://en.wikipedia.org/wiki/Secure_Real-time_Transport_Protocol - a Real-time Transport Protocol (RTP) profile, intended to provide encryption, message authentication and integrity, and replay attack protection to the RTP data in both unicast and multicast applications. It was developed by a small team of Internet Protocol and cryptographic experts from Cisco and Ericsson. It was first published by the IETF in March 2004 as RFC 3711.

Since RTP is closely related to RTP Control Protocol (RTCP) which can be used to control the RTP session, SRTP also has a sister protocol, called Secure RTCP (SRTCP); SRTCP securely provides the same features to RTCP, as the ones provided by SRTP to RTP. Utilization of SRTP or SRTCP is optional in RTP or RTCP applications; but even if SRTP or SRTCP are used, all provided features (such as encryption and authentication) are optional and can be separately enabled or disabled. The only exception is the message authentication feature which is indispensably required when using SRTCP.

UDT

  • UDT - a reliable UDP based application level data transport protocol for distributed data intensive applications over wide area high-speed networks. UDT uses UDP to transfer bulk data with its own reliability control and congestion control mechanisms. The new protocol can transfer data at a much higher speed than TCP does. UDT is also a highly configurable framework that can accommodate various congestion control algorithms.


BGP


  • BGP4.as - your independent starting point for all BGP routing related information. It contains references to all major BGP software, vendors, presentations, research work, as well as practical BGP tools, and IETF reference material.
  • BGPStream - a free resource for receiving alerts about hijacks, leaks, and outages in the Border Gateway Protocol. With BGP Stream, we use an automated process to cull the largest and most important outages, what type of outage it is, and which ASNs are involved and publish those updates for free to a Twitter feed and this site. It is important to us to provide this information free, in a real-time format, providing contextual information so network engineers and owners can respond to outages as quickly as possible.






  • FRRouting - an IP routing protocol suite for Linux and Unix platforms which includes protocol daemons for BGP, IS-IS, LDP, OSPF, PIM, and RIP. FRR’s seamless integration with the native Linux/Unix IP networking stacks makes it applicable to a wide variety of use cases including connecting hosts/VMs/containers to the network, advertising network services, LAN switching and routing, Internet access routers, and Internet peering. FRR has its roots in the Quagga project. In fact, it was started by many long-time Quagga developers who combined their efforts to improve on Quagga's well-established foundation in order to create the best routing protocol stack available. We invite you to participate in the FRRouting community and help shape the future of networking.




BGPsec

  • https://en.wikipedia.org/wiki/BGPsec - a security extension of the Border Gateway Protocol defined in RFC 8205, published in September 2017. BGPsec provides to receivers of valid BGPsec UPDATE messages cryptographic verification of the routes they advertise. BGPsec replaces the BGP AS_PATH attribute with a new BGPsec_Path attribute.

RPKI

  • https://en.wikipedia.org/wiki/Resource_Public_Key_Infrastructure - also known as Resource Certification, is a specialized public key infrastructure (PKI) framework designed to secure the Internet's routing infrastructure. RPKI provides a way to connect Internet number resource information (such as Autonomous System numbers and IP addresses) to a trust anchor. The certificate structure mirrors the way in which Internet number resources are distributed. That is, resources are initially distributed by the IANA to the regional Internet registries (RIRs), who in turn distribute them to local Internet registries (LIRs), who then distribute the resources to their customers. RPKI can be used by the legitimate holders of the resources to control the operation of Internet routing protocols to prevent route hijacking and other attacks. In particular, RPKI is used to secure the Border Gateway Protocol (BGP) through BGP Route Origin Validation (ROV), as well as Neighbor Discovery Protocol (ND) for IPv6 through the Secure Neighbor Discovery protocol (SEND).

SOCKS


tsocks

  • tsocks - a transparent SOCKS proxying library. tsocks' role is to allow non-SOCKS-aware applications (e.g. telnet, ssh, ftp etc.) to use SOCKS without any modification. It does this by intercepting the calls that applications make to establish network connections and negotiating them through a SOCKS server as necessary.

Shadowsocks

File systems

See Storage/Files#Networked, etc.

File sharing

See Sharing

  • tus - The protocol provides a mechanism for resumable file uploads via HTTP/1.1 (RFC 7230) and HTTP/2 (RFC 7540).


  • InterPlanetary File System - IPFS, a peer-to-peer distributed file system that seeks to connect all computing devices with the same system of files. In some ways, IPFS is similar to the Web, but IPFS could be seen as a single BitTorrent swarm, exchanging objects within one Git repository. In other words, IPFS provides a high throughput content-addressed block storage model, with content-addressed hyperlinks. This forms a generalized Merkle DAG, a data structure upon which one can build versioned file systems, blockchains, and even a Permanent Web. IPFS combines a distributed hashtable, an incentivized block exchange, and a self-certifying namespace. IPFS has no single point of failure, and nodes do not need to trust each other.




Authentication, ID

  • https://en.wikipedia.org/wiki/Authentication - the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicating a person or thing's identity, authentication is the process of verifying that identity. It might involve validating personal identity documents, verifying the authenticity of a website with a digital certificate, determining the age of an artifact by carbon dating, or ensuring that a product or document is not counterfeit.


  • https://en.wikipedia.org/wiki/Identity_management - also known as identity and access management (IAM or IdAM), is a framework of policies and technologies for ensuring that the proper people in an enterprise have the appropriate access to technology resources. IdM systems fall under the overarching umbrellas of IT security and data management. Identity and access management systems not only identify, authenticate, and authorize individuals who will be utilizing IT resources, but also the hardware and applications employees need to access. Identity and access management solutions have become more prevalent and critical in recent years as regulatory compliance requirements have become increasingly more rigorous and complex.


  • https://en.wikipedia.org/wiki/Authorization - the function of specifying access rights/privileges to resources, which is related to information security and computer security in general and to access control in particular. More formally, "to authorize" is to define an access policy. For example, human resources staff are normally authorized to access employee records and this policy is usually formalized as access control rules in a computer system. During operation, the system uses the access control rules to decide whether access requests from (authenticated) consumers shall be approved (granted) or disapproved (rejected). Resources include individual files or an item's data, computer programs, computer devices and functionality provided by computer applications. Examples of consumers are computer users, computer Software and other Hardware on the computer.


LDAP



Kerberos

SASL

RADIUS

SpaceFED

  • SpaceFED - an inter-(hacker)space federated authentication platform which currently offers the following services: spacenet - federated authentication using RADIUS, useful for 802.1X and more; spacesaml - federated authentication for cloud services; spaceconnect - seamless encrypted connectivity between hackerspaces, based on IPsec and NHRP.

OpenAM

  • OpenAM - The only “all-in-one” access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements, Adaptive Authentication, Strong Authentication, and Web Services Security, in a single, unified product. Mobile support out of the box with full OAuth 2.0 and OpenID Connect support, modern protocols that provide the most efficient method for developing secure native or HTML5 mobile applications optimized for bandwidth and CPU.

pwm

  • https://github.com/pwm-project/pwm - an open source password self service application for LDAP directories. PWM is an ideal candidate for organizations that wish to “roll their own” password self service solution, but do not wish to start from scratch.

Keycloak

Authelia

  • Authelia - an open-source authentication and authorization server and portal fulfilling the identity and access management (IAM) role of information security in providing multi-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion for common reverse proxies.

RPC

See also Data, HTTP, Semantic

  • https://en.wikipedia.org/wiki/Remote_procedure_call - In distributed computing, a remote procedure call (RPC) is when a computer program causes a procedure (subroutine) to execute in a different address space (commonly on another computer on a shared network), which is coded as if it were a normal (local) procedure call, without the programmer explicitly coding the details for the remote interaction. That is, the programmer writes essentially the same code whether the subroutine is local to the executing program, or remote. This is a form of client–server interaction (caller is client, executor is server), typically implemented via a request–response message-passing system. In the object-oriented programming paradigm, RPC calls are represented by remote method invocation (RMI). The RPC model implies a level of location transparency, namely that calling procedures is largely the same whether it is local or remote, but usually they are not identical, so local calls can be distinguished from remote calls. Remote calls are usually orders of magnitude slower and less reliable than local calls, so distinguishing them is important.

RPCs are a form of inter-process communication (IPC), in that different processes have different address spaces: if on the same host machine, they have distinct virtual address spaces, even though the physical address space is the same; while if they are on different hosts, the physical address space is different. Many different (often incompatible) technologies have been used to implement the concept.


Messaging

Apache Kafka

RabbitMQ

Iggy

  • https://github.com/iggy-rs/iggy - the persistent message streaming platform written in Rust, supporting QUIC, TCP and HTTP transport protocols, capable of processing millions of messages per second.

Distributed


  • https://en.wikipedia.org/wiki/Virtual_synchrony - an interprocess message passing (sometimes called ordered, reliable multicast) technology. Virtual synchrony systems allow programs running in a network to organize themselves into process groups, and to send messages to groups (as opposed to sending them to specific processes). Each message is delivered to all the group members, in the identical order, and this is true even when two messages are transmitted simultaneously by different senders.

Consensus

Raft

Vsync

  • Vsync - can enable reliable, secure replication of data even in the highly elastic first-tier of the cloud. Vsync is a new name for a fairly mature project of Ken Birman at Cornell University, previously called Isis2. The Vsync software library helps you build applications that will run on multiple computers, coordinating actions, sharing replicated data, moving files and other information at high speeds, cooperating to support key-value storage (DHT storage), etc. Vsync aims at sophisticated developers with challenging needs, and is designed to be highly secure, fault-tolerant, consistent and very scalable, even under "cloudy conditions."

Other



  • https://en.wikipedia.org/wiki/Link-Local_Multicast_Name_Resolution - a protocol based on the Domain Name System (DNS) packet format that allows both IPv4 and IPv6 hosts to perform name resolution for hosts on the same local link. It is included in Windows Vista, Windows Server 2008, Windows 7, Windows 8 and Windows 10. It is also implemented by systemd-resolved on Linux. LLMNR is defined in RFC 4795.

Anti-spam




  • Resilience - an ad blocker for your computer that works with any browser on any operating system. Resilience doesn't sell out your privacy with "acceptable ads". Built-in support for EasyList and EasyPrivacy. Transparent HTTP/HTTPS proxy for Windows, Linux and macOS. Launches at startup and shows a system tray icon. Automatically updates block lists every 24 hours. Checks for Resilience client updates automatically.