Mobile frequency allocation

GSM: 850-900 MHz; 1.228 MHz = 3Mb/s

Wireless 802.11n: 40 MHz channel width; 2.4 GHz, 5 GHz
2.4 GHz channels (MHz): 2412, 2417, 2422, 2427, 2432, 2437, 2442, 2447, 2452, 2457, 2462, 2467, 2472, 2484

UMTS (3G), 3GPP W-CDMA (wideband): 2100 MHz; 5 MHz = 2Mb/s. Each cell uses 1.8-12 kb/s

U-NII: 5.150 - 5.925

Bluetooth: 2.4 to 2.485 GHz. A computer chip selects the 79 channels of the ISM band automatically to prevent eavesdropping and interference with other equipment. [Read More]

Stayin' alive...

Detecting closed sockets

OS config

Linux proc

    echo 600 > /proc/sys/net/ipv4/tcp_keepalive_time
    echo 60 > /proc/sys/net/ipv4/tcp_keepalive_intvl
    echo 20 > /proc/sys/net/ipv4/tcp_keepalive_probes

Registry keys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

TCP_KEEPCNT: overrides tcp_keepalive_probes
TCP_KEEPIDLE: overrides tcp_keepalive_time
TCP_KEEPINTVL: overrides tcp_keepalive_intvl

Peek at the data to check that the socket is still open.

    recv(sock, &buf, 1, MSG_PEEK | MSG_DONTWAIT);

Linux only
MSG_DONTWAIT: sets non-blocking behaviour per recv call

Script

    while (1) {clear; echo hello; netstat -n -a | select-string 2300; sleep 1}

C

Set extra params using SOL_TCP.

    /* Enable keepalive probes on socket s */
    optval = 1;
    optlen = sizeof(optval);
    if (setsockopt(s, SOL_SOCKET, SO_KEEPALIVE, &optval, optlen) < 0) {
        perror("setsockopt()");
        close(s);
        exit(EXIT_FAILURE);
    }

Nagle’s algorithm – “Congestion Control in IP/TCP Internetworks”
TCP_NODELAY
https://en. [Read More]


Layers and protocols

Please Do Not Take Salami Pizza Away

Comparison of OSI and TCP/IP models, listed by OSI layer.

Application: TCP/IP layer Application; protocol data unit files/data; example Facebook; hardware example application layer gateway (packet inspection)
Presentation: protocols ssh; example encryption
Session: protocols http, telnet; example login
Transport: TCP/IP layer Transport; protocol data unit segments/datagrams; protocols TCP, UDP; example TCP; hardware example firewall (port number)
Network: TCP/IP layer Internet; protocol data unit packets; protocols IP, ICMP, ARP; example ping; hardware example router, layer 3 switch
Datalink: TCP/IP layer Network; protocol data unit frames/bits; protocols fibre, Ethernet, Wi-Fi; example ARP; hardware example bridge, switch (forward or not forward)
Physical: example Wi-Fi; hardware example repeater, hub (multiport repeater)

Additionally

ICMP: ping, sends echo request. [Read More]

Network analysis

On the Linux command line

For the purposes of this exercise we’re not employing any nefarious means to gain access to packets. Generally, Ethernet switches attempt to intelligently direct packets to only the intended host, so an ordinary machine sat on a subnet will only receive its own packets and broadcasts. But unsolicited broadcasts will at least show you some other active IPs on the network. You want to get “in the way” of as much data as possible, so if you can run these tests on the router then even better. [Read More]

Imagine you're a browser...

Technologies and protocols

An example of technologies encountered when a browser requests a page from a server. In this case the browser is running on a laptop connected by Wi-Fi.

Forming a request

- User types a URL into the browser
- Host performs DNS resolution to convert the URL into an IP address (the web server)
  - The DNS server (and host IP) could be set manually but it will probably be part of a DHCP offer
- The application (browser) attempts a TCP connection with the server IP
  - If no protocol is specified (http, https, ftp) the browser will default to port 80
- The browser must now work out how to reach the server
  - The netmask is ANDed with the host IP address; if they’re on the same network then the request can be emitted immediately
  - Otherwise, the host must send the packet via the default gateway (also configured by DHCP)
- The information makes its way down the TCP stack
  - Layer two adds the MAC header
- Frame is transmitted between devices
  - Frame is encrypted as it is transmitted through the air
- At the gateway the request makes its way back up to the TCP layer where it can be forwarded to the next gateway
- The browser will probably be running from a private network so the router must translate the local address to the WAN network (NAT)

Reaching the server

- Upon reaching the destination the server will probably send a redirect to the HTTPS version of the website (. [Read More]

Generate a network topology

From a hosts file

tracehost is a bash script that parses a standard hosts file and generates an SVG. The script accepts the standard system hosts file format, but it only cares about the first host or IP on a line. In fact, any line format may be used as long as each line begins with something that can be pinged.

localhost # for local people - google # Zero waste

The image below is generated as a daily GitLab cron job. [Read More]