Network analysis and security

• Live data graphing
• Network performance
• Network protocols
• Network security
• Network technologies
• Network tools
• Packet capture and analysis
• Software-defined radio
• Technology and ethics
• Electronics

Network tools

• net-tools is the collection of network tools that go back to the origins of Unix systems. They include ifconfig, netstat, arp, route and hostname. In many modern systems they are either obsolete or deprecated in favour of iproute2 (see below). Jonathan Corbet wrote an article for LWN subscribers in January 2017 on Moving on from net-tools.
• tcpdump tutorial and primer by Daniel Miessler.
• tcpdump examples at Hacker Target.
• Traceroute map generator from MIT.
• iproute2 is the collection of network utilities to replace and extend net-tools (see above). It includes ip and tc. The iproute2 summary sheet by Daniil Baturin gives a nice overview with lots of examples of how to achieve results using iproute2 that are comparable to those from net-tools.
• IPv6 is best defined by RFC8200. IPv6 deployment in 2018, from the Internet Society, based on Google reports.
• IPv6 toolkit by van Hauser for testing the attack resistance of IPv6 configurations.
• Review of network monitoring tools by CellStream.

Back to top of page

Network technologies

• DSLreports, US-based reports and tools for DSL services.
• netplan configuration with YAML.
• ThinkBroadband, was ADSL Guide, UK-based broadband information.

Back to top of page

Live data graphing

• MRTG, the multi-router traffic graphercan store and display years of data. It stores data with decreasing granularity as the time period increases.
• Netdata has real-time performance monitoring, in great detail, covering the last few minutes of a huge range of server statistics.

Back to top of page

Network security

• Andrew Case’s reading list on computer security, digital forensics, incident response, malware analysis, and reverse engineering.
• Cryptography
  • Cryptography in an hour video by Colin Percival.
  • CyberChef from GCHQ is a web interface for analysing and decoding data. The program is available vis GitHub for download under the Apache licence.
  • A Riddle Wrapped in an Enigma, a paper by Koblitz and Menezes from the IACR Cryptology ePrint Archive revised on 26 November 2015. The paper gives a detailed history of ECC and evaluates speculations on the deprecation of ECC and other Suite B technologies by the NSA in August 2015. The deprecation of P-256 was immediate, that of other technologies on a somewhat longer timescale.
  • ECC safe curves at safecurves.cr.yp.to. An introduction to safe curve considerations.
  • How to encrypt your entire life in less than an hour by Quincy Larson, teacher at FreeCodeCamp from 2016-11-9.
  • Have I Been Pwned?
  • IACR, the International Association for Cryptological Research
  • List of naughty strings for testing software that accepts user input.
  • Post-Quantum Cryptography for Long-Term Security paper by the PQCRYPTO working party for the EC Horizon 2020 project.
  • Project Wycheproof from Google provides a test framework for encryption algorithm testing.
• Dan Geer’s publications.
• dcp disk copy and profile utility from the NSA Technology Transfer program.
• Dingo is a caching DNS server that accesses Google DNS servers over HTTPS. Written in GO by Pawel Foremski.
• GPG for data encryption guidance from NASA.
• DNSSEC, TLS and DANE by R L Barnes, IETF Journal, October 2011.
• DNSSpy.io runs a comprehensive test of the performance and security of a domain’s DNS servers.
• Krebs on security
• Mark Jeftovic’s Blog. Mark is the CEO of EasyDNS and author of an O’Reilly book on DNS.
• Firewalls
  • IPTables on RHEL/CentOS
  • firewalld on RHEL/CentOS
  • What comes after iptables? Its successor, of course: nftables. Posted on the Red Hat Developer blog by Florian Westphal on 28 October 2016.
• Gibson Research Corporation.
• Help Net Security provide InfoSec news as a website, with archive, and as a weekly or daily email newsletter.
• Ivan Ristić’s blog. Ivan operates SSL Labs.
• Mitch Kabay’s web site, security resources.
• OneRNG is a reliable and open verifiable USB-connected hardware entropy source and random number generator. Excellent random number generation is essential to achieve robust encryption.
• NIST National Cybersecurity Center of Excellence with building blocks, under projects in the site menu, that include DNS-based email.
• The Open Web Application Security Project (OWASP) focuses on improving the security of software and systems. Includes cheat sheets such as the HTML5 Security Cheat Sheet that includes advice on HTTP headers, Communication APIs, Storage APIs, Geolocation, Web Workers, Sandboxed Frames, and Offline Applications.
• QUIC Performance and Security at the Transport Layer by Samuel Jero in the November 2016 edition of the IETF Journal. The article introduces a security review of QUIC (Quick UDP Internet Connections), a proposal by Google for lower latency secure web traffic.
• Risks Register
• Securi-Pi: Using the Raspberry Pi as a Secure Landing Point using SSLH and OpenVPN. By Bill Childers, 2015-12-09.
• Security Now, a TWIT TV programme. Show notes and transcripts at Gibson Research Corp.
• Security in Times of Surveillance conference on Friday 08 May 2015 was hosted by the Eindhoven Institute for the Protection of Systems and Information (Ei/PSI, EiΨ).
• TLS parameters from IANA.
• Top 125 Network Security Tools, originally from an insecure.org nmap user survey.
• UDP amplification attack background and mitigation, US CERT report TA14-017A from 2014> was revised on <2016-04-13.
• Yubikey NEO Smartcard features, an lwn.net article from November 2014.

Back to top of page

Network performance

• TCP BBR congestion control to increase server speed. Needs kernel version 4.9 or higher.

Back to top of page

Network protocols

• IEEE standards
• Ipv6: IAB statement on IPv4 address space exhaustion of 07 November 2016. In brief, all network protocols must work with IPv6 and no longer require IPv4. Hence, future IETF protocol work will optimize for and depend on IPv6.
• Linux network stack monitoring and tuning from the packagecloud blog in 2017.
• Protocols web site.
• RFC Editor
• TCP/IP Port List by Richard Akerman.
• Unix domain sockets v. IP performance in a blog article from 2017 by Tiago “Myhro” Ilieve.

Packet capture and analysis

• Packetbomb.com by Kary: case studies and tutorials using Wireshark.
• SharkFest US and SharkFest Europe include sessions from previous conferences.
• WireShark packet capture tools.

Software-defined radio

• Wide-band WebSDR at ETGD at the University of Twente

Technology and Ethics

• Do artifacts have ethics? A 2014 blogpost by Michael Sacasas that proposes 41 questions to explore the wide-ranging “moral dimension” of our technologies.
• BCS ITNow magazine often considers Ethics. The Summer 2018 issue includes articles including an interview with Luciano Floridi and on responsible research in IT.

Back to top of page

Electronics

This may be more historic than useful nowadays. In days long ago it was not unusual to need to wire up a connector, often requiring soldering, and to have some understanding of basic electronics and components.

• All ABout Circuits