Networking
DNS Server
On a typical small or home network, the DNS server IP addresses are often the same as the default gateway address. Devices send their DNS queries to your router, which then forwards the requests on to whatever DNS servers the router is configured to use.
https://www.cyberciti.biz/faq/how-to-find-out-dns-for-router/
PING
ping operates by sending Internet Control Message Protocol (ICMP) echo request packets to the target host and waiting for an ICMP echo reply. The program reports errors, packet loss, and a statistical summary of the results, typically including the minimum, maximum, the mean round-trip times, and standard deviation of the mean.
ping checks whether a host is alive and prints the time it took to get a response from that host.
ping www.google.com
Check the DNS server
nslookup www.google.com
host www.google.com
To view DNS traffic, run tcpdump as root:
# tcpdump udp and src port 53
# tcpdump udp and dst port 53
# tcpdump -n -s 1500 -i eth0 udp port 53
Traceroute
Traceroute prints a list of all the routers, computers, and any other Internet entities that your packets must travel through to get to their destination. A * in traceroute results means no reply came back for that probe, typically because that router blocks UDP/ICMP or does not answer when the TTL reaches 0.
traceroute -I www.yahoo.com
Note that simply replacing the domain name with the server's IP won't work for most websites. This is because of virtual hosts, a mechanism that lets you run multiple websites on one IP address. When the server behind an IP receives an HTTP request, it checks the request headers to determine which website the client wants to see, then serves the appropriate document. Now, if a server at 198.51.100.1 is configured to accept only requests for example.com, it won't respond to your request for http://198.51.100.1/ because the domain is not example.com.
TTL
Time to live (TTL) or hop limit is a mechanism that limits the lifespan or lifetime of data in a computer or network. TTL prevents a data packet from circulating indefinitely. Under the Internet Protocol, TTL is an 8-bit field. The maximum TTL value is 255. A recommended initial value is 64. TTL is nominally measured in seconds, but every host that passes the datagram must reduce the TTL by at least one unit, so in practice it works as a hop count.
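IP: The full IP address assigned to a device has two parts, the network ID and the host ID, and is used to communicate over an inter-connected network.
Network ID: Identifies the network (for example, a specific branch) that the device is connected to.
Host ID: Identifies the individual device on that network.
Subnet Mask: Identifies which part of the address is the network ID, and therefore the range of addresses that belong to that network.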
Default Gateway Address
It’s the default IP address to which a device sends network data when that data is intended to go to a different network than the one the device is on. On a home network that uses 192.168.1.0 for a network ID, the router is usually going to be 192.168.1.1.
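The split into network ID and host ID, and the decision to send via the default gateway, worked through with the 192.168.1.0 network mentioned above. This is an added example, not part of the original notes; the helper names `split_address` and `first_hop` and the sample host addresses are made up for illustration.

```python
import ipaddress

def split_address(ip, mask):
    """Split an IPv4 address into (network ID, host ID) using its subnet mask."""
    iface = ipaddress.IPv4Interface(f"{ip}/{mask}")
    # Host ID = the bits of the address that the mask does NOT cover.
    host_id = int(iface.ip) & int(iface.network.hostmask)
    return str(iface.network.network_address), host_id

def first_hop(ip, mask, gateway, destination):
    """Return the address the sender hands the packet to on its own network."""
    net = ipaddress.IPv4Interface(f"{ip}/{mask}").network
    gw = ipaddress.IPv4Address(gateway)
    if gw not in net:
        # A gateway outside the local network cannot be reached directly,
        # so off-network traffic would have nowhere to go.
        raise ValueError(f"gateway {gw} is not on {net}")
    dst = ipaddress.IPv4Address(destination)
    # Same network ID: deliver directly. Different network ID: use the gateway.
    return str(dst) if dst in net else str(gw)
```

With a narrower mask such as 255.255.255.192, the same destination 192.168.1.77 falls outside the sender's network and is sent to the gateway instead.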
TCP/IP Protocol Layers
Transmission Control Protocol
TCP is a connection-oriented, reliable, byte stream service. Connection-oriented means that two applications using TCP must first establish a connection before exchanging data.
TCP is also responsible for routing application protocols to the correct application on the destination computer. To accomplish this, port numbers are used. Ports can be thought of as separate channels on each computer. For example, you can surf the web while reading e-mail. This is because these two applications (the web browser and the mail client) use different port numbers. When a packet arrives at a computer and makes its way up the protocol stack, the TCP layer decides which application receives the packet based on a port number.
- When the TCP layer receives the application layer protocol data from above, it segments it into manageable 'chunks' and then adds a TCP header with specific TCP information to each 'chunk'. The TCP header includes the port number of the application the data needs to be sent to.
- When the TCP layer receives a packet from the IP layer below it, the TCP layer strips the TCP header data from the packet and then sends the data to the correct application using the port number taken from the TCP header.
Internet Protocol
IP is an unreliable, connectionless protocol. IP doesn't care whether a packet gets to its destination or not. Nor does IP know about connections and port numbers. IP's job is to send and route packets to other computers.
The IP layer adds an IP header to the packet received from the TCP layer; this header includes the IP addresses of the sending and receiving computers.
The application layer data is segmented in the TCP layer, the TCP header is added, the packet continues to the IP layer, the IP header is added, and then the packet is transmitted across the Internet.
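The layering just described and the TTL rule from earlier, as an added example that is not part of the original notes: application data gets a TCP header, then an IP header, each router hop decrements the TTL, and the receiver strips the headers and reads the destination port. Function names and the sample addresses are assumptions; the TCP checksum, sequence numbers and header options are left out to keep it short.

```python
import socket
import struct

IP_FMT, TCP_FMT = "!BBHHHBBH4s4s", "!HHIIBBHHH"   # 20-byte headers, no options

def checksum(header):
    """Internet checksum: one's-complement sum of the header's 16-bit words."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ip_header(total_len, ttl, src, dst):
    # version/IHL, TOS, length, id, flags, TTL, protocol, checksum, src, dst
    fields = [0x45, 0, total_len, 0, 0, ttl, socket.IPPROTO_TCP, 0, src, dst]
    fields[7] = checksum(struct.pack(IP_FMT, *fields))
    return struct.pack(IP_FMT, *fields)

def encapsulate(src_ip, dst_ip, src_port, dst_port, data, ttl=64):
    """Application data -> TCP segment -> IP packet."""
    tcp = struct.pack(TCP_FMT, src_port, dst_port, 0, 0, 5 << 4, 0x18, 65535, 0, 0)
    return ip_header(40 + len(data), ttl, socket.inet_aton(src_ip),
                     socket.inet_aton(dst_ip)) + tcp + data

def route(packet):
    """One router hop: decrement TTL, drop at 0, otherwise rewrite the IP header."""
    f = struct.unpack(IP_FMT, packet[:20])
    if f[5] <= 1:
        return None                      # TTL expired: the packet is discarded here
    return ip_header(f[2], f[5] - 1, f[8], f[9]) + packet[20:]

def receive(packet):
    """Destination host: strip the IP header, then the TCP header, demultiplex on port."""
    if checksum(packet[:20]) != 0:       # a valid header sums to zero
        raise ValueError("corrupt IP header")
    ip = struct.unpack(IP_FMT, packet[:20])
    tcp = struct.unpack(TCP_FMT, packet[20:40])
    return {"src": socket.inet_ntoa(ip[8]), "dst": socket.inet_ntoa(ip[9]),
            "ttl": ip[5], "dst_port": tcp[1], "data": packet[40:]}
```

The source and destination IP addresses survive every hop unchanged; only the TTL and the header checksum are rewritten along the way.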
Router
A router is a node where two different hosts, clients or networks are connected. Each router along a path is also called a hop.
- OSI Layer 2 uses MAC addresses and is responsible for packet delivery from hop to hop.
- OSI Layer 3 uses IP addresses and is responsible for packet delivery from end to end.
At each router, the MAC address header is stripped and regenerated to get the packet to the next hop. The IP header generated by the first computer is only stripped off by the final computer, hence the IP header handled the “end to end” delivery, and each of the four different MAC headers involved in the source article's animation handled the “hop to hop” delivery.
http://www.practicalnetworking.net/series/packet-traveling/osi-model/
https://www.howtogeek.com/341307/how-do-ip-addresses-work/
http://www.theshulers.com/whitepapers/internet_whitepaper/
HTTPS
HTTPS is based on public/private-key cryptography. This basically means that there is a key pair: The public key is used for encryption and the secret private key is required for decryption.
A certificate is basically a public key with a label identifying the owner.
So when your browser connects to an HTTPS server, the server will answer with its certificate. The browser checks if the certificate is valid:
- the owner information needs to match the server name that the user requested.
- the certificate needs to be signed by a trusted certification authority.
If one of these conditions is not met, the user is informed about the problem.
After the verification, the browser extracts the public key and uses it to encrypt some information before sending it to the server. The server can decrypt it because the server has the matching private key.
Now suppose a malicious proxy sits between the client and the webserver. The certificate contains the public key of the webserver, and the proxy does not possess the matching private key. So if the proxy forwards the real certificate to the client, it cannot decrypt the information the client sends to the webserver.
The proxy server may try to forge the certificate and provide its own public key instead. This will, however, invalidate the certification authority's signature, and the browser will warn about the invalid certificate.
If the administrator of your computer cooperates, it is possible for a proxy server to sniff HTTPS connections. This is used in some companies in order to scan for viruses and to enforce guidelines of acceptable use.
A local certification authority is set up and the administrator tells your browser that this CA is trustworthy. The proxy server uses this CA to sign its forged certificates.
- When a client and a server negotiate HTTPS, the server sends its public key to the client.
- The client encrypts the session encryption key that it wants to use using the server's public key, and sends that encrypted data to the server.
- The server decrypts that session encryption key using its private key, and starts using it.
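- The session is protected now, because only the client and the server can know the session encryption key. It was never transmitted in the clear, or in any way an attacker could decrypt, so only they know it.
This is the RSA key exchange; TLS 1.3 instead agrees on the session key with an ephemeral Diffie-Hellman exchange and uses the server's private key only to sign the handshake.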
A proxy server can act as a certificate authority, though not a very trustworthy one: instead of issuing certificates to actual persons or organizations, the proxy dynamically generates a certificate for whatever hostname is needed for a connection. If, for instance, a client wants to connect to https://www.facebook.com, the proxy generates a certificate for “www.facebook.com” and signs it with its own CA. Provided that the client trusts this CA, both of the above-mentioned conditions are true (trusted CA, same CN), meaning that the client believes that the proxy server is in fact “www.facebook.com”.
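Once the proxy's CA is trusted, an intercepted connection passes both browser checks, so the remaining visible difference is who issued the certificate. The following added example (not from the original notes) applies the name check and an issuer check to certificate dictionaries in the shape Python's `ssl.SSLSocket.getpeercert()` returns; the CA names, the hostnames and the `assess` helper are constructed for illustration, and signature validation itself is assumed to have been done by the TLS library.

```python
def cert_names(cert):
    """DNS names a certificate is valid for: SAN entries, else the subject CN."""
    sans = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def name_matches(pattern, host):
    """Exact match, or a '*' that stands for exactly the left-most label."""
    p, h = pattern.lower().split("."), host.lower().split(".")
    return len(p) == len(h) and p[1:] == h[1:] and p[0] in ("*", h[0])

def issuer_cn(cert):
    """Common name of the CA that signed the certificate, or None."""
    return next((v for rdn in cert.get("issuer", ()) for k, v in rdn
                 if k == "commonName"), None)

def assess(cert, host, expected_issuers):
    """Return findings for a certificate the TLS library has already accepted."""
    findings = []
    if not any(name_matches(n, host) for n in cert_names(cert)):
        findings.append("name-mismatch")
    if issuer_cn(cert) not in expected_issuers:
        # Valid chain, right name, but not the CA this site normally uses:
        # the signature of a TLS-inspecting proxy.
        findings.append("unexpected-issuer")
    return findings

def make_cert(cn, issuer, sans=()):
    """Build a constructed sample in getpeercert() layout (not a real certificate)."""
    return {"subject": ((("commonName", cn),),),
            "issuer": ((("commonName", issuer),),),
            "subjectAltName": tuple(("DNS", s) for s in sans)}

# Constructed samples: the CA names below are placeholders, not real authorities.
EXPECTED = {"Example Public CA"}
GENUINE = make_cert("www.example.com", "Example Public CA", ["www.example.com"])
INTERCEPTED = make_cert("www.example.com", "Corp Inspection CA", ["www.example.com"])
```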
SSL VS TLS
The terms SSL and TLS are often used interchangeably or in conjunction with each other (TLS/SSL), but one is in fact the predecessor of the other — SSL 3.0 served as the basis for TLS 1.0 which, as a result, is sometimes referred to as SSL 3.1.
Hole Punching