41 slides Fun with FCC part 15 Home speaker system on 107.3 (and that’s not easy in the NYC/PHL area)

Slides:



Advertisements
Similar presentations
Renumbering Networks: RFC 4192 Fred Baker. How RFC 4192 came to be I heard one too many times on operational lists it is impossible to renumber a network.
Advertisements

1 of 75Mapping the Internet and Intranets. 75 slides Mapping the Internet and Intranets Bill Cheswick
21.1 Chapter 21 Network Layer: Address Mapping, Error Reporting, and Multicasting Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
System Security Scanning and Discovery Chapter 14.
Introduction to the Internet September 7, 2005 Lecture 1.
Internet Control Message Protocol (ICMP)
1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.
W7D2. Internet (topology) (recap) Local Area Networks (Ethernet) packet switched networks LAN-s patched together Internet addresses (Internet Protocol.
User-level Internet Path Diagnosis R. Mahajan, N. Spring, D. Wetherall and T. Anderson.
CSC458/2209 PA1 Simple Router Based on slides by: Antonin Seyed Amir Hejazi 19/09/2014 CSC458/ Computer Networks, University of Toronto.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 5 Introduction to DNS in Windows Server 2008.
Chapter 23: ARP, ICMP, DHCP IS333 Spring 2015.
Network Measurement Bandwidth Analysis. Why measure bandwidth? Network congestion has increased tremendously. Network congestion has increased tremendously.
Ch 20 Q and A IS333, Spring 2015 Victor Norman. Universal Service Means every computer can talk “directly” with every other one. A message is not addressed.
Copyright Kenneth M. Chipps Ph.D. How to Use SNMP to Collect Network Data Last Update
Virtual Private Network (VPN) © N. Ganesan, Ph.D..
CISCO NETWORKING ACADEMY Chabot College ELEC ping & traceroute.
TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.
Click to edit Master subtitle style Chapter 17: Troubleshooting Tools Instructor:
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
21.1 Chapter 21 Network Layer: Address Mapping, Error Reporting, and Multicasting Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
Support Protocols and Technologies. Topics Filling in the gaps we need to make for IP forwarding work in practice – Getting IP addresses (DHCP) – Mapping.
Chapter Eleven An Introduction to TCP/IP. Objectives To compare TCP/IP’s layered structure to OSI To review the structure of an IP address To look at.
Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.
1 Lab 3 Transport Layer T.A. Youngjoo Han. 2 Transport Layer  Providing logical communication b/w application processes running on different hosts 
Project Octopus: Network Topology Discovery Rachit Siamwalla Rosen Sharma MONET : Cornell Department of Computer Science.
Rhys McBreen (How the internet works) X. Contents The Layers and what they do IP Addressing X.
Databases and the Internet. Lecture Objectives Databases and the Internet Characteristics and Benefits of Internet Server-Side vs. Client-Side Special.
120 slides Mapping the Internet and Intranets Steve Branigan, Hal Burch, Bill Cheswick
Chapter 9.
21.1 Chapter 21 Network Layer: Address Mapping, Error Reporting, and Multicasting Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
PA3: Router Junxian (Jim) Huang EECS 489 W11 /
Network Management System The Concept –From a central computer, network administrator can manage entire network Collect data Give commands –Moving gradually.
HoneyD (Part 2) Small Business NIDS This presentation demonstrates the ability for Small Businesses to emulate virtual operating systems and conduct.
Chapter 1: Introduction to Web Applications. This chapter gives an overview of the Internet, and where the World Wide Web fits in. It then outlines the.
Copyright © 2002 Pearson Education, Inc. Slide 3-1 CHAPTER 3 Created by, David Zolzer, Northwestern State University—Louisiana The Internet and World Wide.
Your First Azure Application Michael Stiefel Reliable Software, Inc.
CIS 450 – Network Security Chapter 3 – Information Gathering.
A Virtual Honeypot Framework Author: Niels Provos Published in: CITI Report 03-1 Presenter: Tao Li.
15-1 Networking Computer network A collection of computing devices that are connected in various ways in order to communicate and share resources.
KFSensor Vs Honeyd Honeypot System Sunil Gurung
workshop eugene, oregon What is network management? System & Service monitoring  Reachability, availability Resource measurement/monitoring.
1 Chapter 7: NAT in Internet and Intranet Designs Designs That Include NAT Essential NAT Design Concepts Data Protection in NAT Designs NAT Design Optimization.
The Inter-network is a big network of networks.. The five-layer networking model for the internet.
A VIRTUAL HONEYPOT FRAMEWORK Author : Niels Provos Publication: Usenix Security Symposium Presenter: Hiral Chhaya for CAP6103.
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
Exploring Office 2003 – Grauer and Barber HTML And Basic Web page.
Application Layer Khondaker Abdullah-Al-Mamun Lecturer, CSE Instructor, CNAP AUST.
NETWORK HARDWARE AND SOFTWARE MR ROSS UNIT 3 IT APPLICATIONS.
A Virtual Honeypot Framework Niels Provos Google, Inc. The 13th USENIX Security Symposium, August 9–13, 2004 San Diego, CA Presented by: Sean Mondesire.
Networking Fundamentals. Basics Network – collection of nodes and links that cooperate for communication Nodes – computer systems –Internal (routers,
Module 1: Configuring Routing by Using Routing and Remote Access.
TCP/IP (Transmission Control Protocol / Internet Protocol)
9: Troubleshooting Your Network
IP addresses IPv4 and IPv6. IP addresses (IP=Internet Protocol) Each computer connected to the Internet must have a unique IP address.
Free, online, technical courses Take a free online course. Microsoft Virtual Academy.
Network Reconnaissance CS490 - Security in Computing Copyright © 2005 by Scott Orr and the Trustees of Indiana University.
(ITI310) By Eng. BASSEM ALSAID SESSIONS 9: Dynamic Host Configuration Protocol (DHCP)
A Web Based Job Submission System for a Physics Computing Cluster David Jones IOP Particle Physics 2004 Birmingham 1.
Network Monitoring Sebastian Büttrich, NSRC / IT University of Copenhagen Last edit: February 2012, ICTP Trieste
Common System Exploits Tom Chothia Computer Security, Lecture 17.
UDP TCP.
TCP/IP Utilities Richard Goldman May 29, 2003.
8 Network Layer Part V Computer Networks Tutun Juhana
Lecture 6: TCP/IP Networking By: Adal Alashban
Ping Hackathon 2018.
Internet Control Message Protocol (ICMP)
Internet Control Message Protocol (ICMP)
Intro to Ethical Hacking
Internet Control Message Protocol (ICMP)
Presentation transcript:

41 slides Fun with FCC part 15 Home speaker system on (and that’s not easy in the NYC/PHL area)

41 slides Emulating large intranets with honeyd Bill Cheswick

41 slides This talk was going to be boring…

41 slides Another Reason Why I Like the Window Seat Bill Cheswick

41 slides Mapping the Internet and Intranets Steve Branigan, Hal Burch, Bill Cheswick

Mapping the Internet and intranets slide 6 of 41

41 slides How To Take the Internet Down for a week Bill Cheswick

41 slides Our digital house By Kestrel, Terence, Lorette, and Bill Cheswick

41 slides Emulating large intranets with honeyd Bill Cheswick

Mapping the Internet and intranets slide 10 of 41

Mapping the Internet and intranets slide 11 of 41

Mapping the Internet and intranets slide 12 of 41 Free at last! Nagata Varley Etc.

41 slides Anything large enough to be called an “intranet” is out of control

Mapping the Internet and intranets slide 14 of 41 Lumeta Spun off from Bell Labs in Sept B round funding last June Building a hang glider…

41 slides Inside the Kimono…

Mapping the Internet and intranets slide 16 of 41

Mapping the Internet and intranets slide 17 of 41

Mapping the Internet and intranets slide 18 of 41

Mapping the Internet and intranets slide 19 of 41

Mapping the Internet and intranets slide 20 of 41

Mapping the Internet and intranets slide 21 of 41

Mapping the Internet and intranets slide 22 of 41

Mapping the Internet and intranets slide 23 of 41

Mapping the Internet and intranets slide 24 of 41

Mapping the Internet and intranets slide 25 of 41

Mapping the Internet and intranets slide 26 of 41 Some intranet statistics from Lumeta clients

Mapping the Internet and intranets slide 27 of 41 But how do we debug our software? We used to use Lucent’s network back when I was working at Bell Labs We have a very light touch on our clients’ networks, and they like it that way The Bank of Zork (NASDAQ: BOZO) doesn’t want us practicing on their network

Mapping the Internet and intranets slide 28 of 41 Simulation vs emulation Simulators run packet flows over imaginary networks Often run to test routing and queuing algorithms Emulator wants to appear to be the network

Mapping the Internet and intranets slide 29 of 41 What does a chief scientist do? Primarily a prima donna Certainly not in development – Travel too much to keep deadline promises – Never was good at all-nighters Find a project that would be nice, but nobody is waiting for QA was a fine place to look

Mapping the Internet and intranets slide 30 of 41 Honeyd Written by Niels Provos at citi.umich.edu Name unrelated to, and vexes, Peter Honeyman, also of citi.umich.edu Designed to emulate one or more computers in a single host to lure and confuse hackers Responds using nmap and other host fingerprinting databases User scripts available to emulate specific web and other network server software

Mapping the Internet and intranets slide 31 of 41 Honeyd Designed to emulate one or more computers in a single host to lure and confuse hackers User scripts available to emulate specific web and other network server software – Microsoft IIS web server – A number of text-based services are emulated in available scripts

Mapping the Internet and intranets slide 32 of 41 Honeyd Host fingerprint identification based on probe databases – Nmap – xprobe

Mapping the Internet and intranets slide 33 of 41 My Honeyd project Make honeyd configuration scripts that build our clients’ networks from the data we obtain Add UDP servers for – DNS (name service) – SNMP (Simple Network Management Protocol)

Mapping the Internet and intranets slide 34 of 41 Uses Perfect test network for QA – Unchanging….diff the pages – Build pathological network configurations Training Sales demos Could this be a product?

Mapping the Internet and intranets slide 35 of 41 My honeyd scripts Generates entire network description for honeyd based on our client data You want a 50,000 node network based on real data? No problem. 300,000 nodes? OK DNS emulates name server lookups Routers respond with SNMP data

Mapping the Internet and intranets slide 36 of 41 How good is the emulation? Handles pings and traceroutes with no problem Handles “stealth hosts”, routers that don’t issue TTL exceeded messages Even does a fair job of simulating latencies Emulator for SNMP and DNS queries This is good enough for us: we don’t collect other data at present Real networks change as you test them.

Mapping the Internet and intranets slide 37 of 41 Real

Mapping the Internet and intranets slide 38 of 41 Simulated

Mapping the Internet and intranets slide 39 of 41 Certainly not perfect There isn’t nearly as much state in our network emulation as there is in a real network CPU time becomes an issue, and the emulator is not efficient at the moment – Moore’s law is a big help here Host fingerprinting could make the network much more convincing – We are working on it – Could just fake it

Mapping the Internet and intranets slide 40 of 41 Future work Many incremental improvements to network simulations Honeyd performance improvements Might release a large cleansed network configuration for research purposes

41 slides Emulating large intranets with honeyd Bill Cheswick

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.