41 slides Fun with FCC part 15 Home speaker system on 107.3 (and that’s not easy in the NYC/PHL area)
41 slides Fun with FCC part 15 Home speaker system on 107.3 (and that’s not easy in the NYC/PHL area)
Dec 14, 2015
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
41 slides
Fun with FCC part 15
Home speaker system on 107.3
(and that’s not easy in the NYC/PHL area)
41 slides
This talk was going to be boring…
41 slides
Another Reason Why I Like the Window Seat
Bill Cheswick
41 slides
Mapping the Internet and
Intranets
Steve Branigan, Hal Burch, Bill Cheswick
Mapping the Internet and intranets slide 6 of 41
41 slides
How To Take the Internet Down for a
weekBill Cheswick
<startup-name>
41 slides
Our digital house
By Kestrel, Terence, Lorette, and Bill Cheswick
Mapping the Internet and intranets slide 10 of 41
Mapping the Internet and intranets slide 11 of 41
Mapping the Internet and intranets slide 12 of 41
Free at last!
• Nagata
• Varley
• Etc.
41 slides
Anything large enough to be called
an “intranet” isout of control
Mapping the Internet and intranets slide 14 of 41
Lumeta
• Spun off from Bell Labs in Sept. 2000
• B round funding last June
• Building a hang glider…
41 slides
Inside the Kimono…
Mapping the Internet and intranets slide 16 of 41
Mapping the Internet and intranets slide 17 of 41
Mapping the Internet and intranets slide 18 of 41
Mapping the Internet and intranets slide 19 of 41
Mapping the Internet and intranets slide 20 of 41
Mapping the Internet and intranets slide 21 of 41
Mapping the Internet and intranets slide 22 of 41
Mapping the Internet and intranets slide 23 of 41
Mapping the Internet and intranets slide 24 of 41
Mapping the Internet and intranets slide 25 of 41
Mapping the Internet and intranets slide 26 of 41
Some intranet statisticsfrom Lumeta clients
Intranet sizes (devices) 7,900 365,000Corporate address space 81,000 745,000,000Address space usage efficiency% devices in unknown address space 0.01% 20.86%
% routers responding to "public" 0.14% 75.50%% routers responding to other 0.00% 52.00%
Outbound host leaks on network 0 176,000% devices with outbound ICMP leaks 0% 79%% devices with outbound UDP leaks 0% 82%
Inbound UDP host leaks 0 5,800% devices with inbound ICMP leaks 0% 11%% devices with inbound UDP leaks 0% 12%
% hosts running Windows 36% 84%
Mapping the Internet and intranets slide 27 of 41
But how do we debug our software?
• We used to use Lucent’s network back when I was working at Bell Labs
• We have a very light touch on our clients’ networks, and they like it that way
• The Bank of Zork (NASDAQ: BOZO) doesn’t want us practicing on their network
Mapping the Internet and intranets slide 28 of 41
Simulation vs emulation
• Simulators run packet flows over imaginary networks
• Often run to test routing and queuing algorithms
• Emulator wants to appear to be the network
Mapping the Internet and intranets slide 29 of 41
What does a chief scientist do?
• Primarily a prima donna
• Certainly not in development– Travel too much to keep deadline
promises– Never was good at all-nighters
• Find a project that would be nice, but nobody is waiting for
• QA was a fine place to look
Mapping the Internet and intranets slide 30 of 41
Honeyd
• Written by Niels Provos at citi.umich.edu
• Name unrelated to, and vexes, Peter Honeyman, also of citi.umich.edu
• Designed to emulate one or more computers in a single host to lure and confuse hackers
• Responds using nmap and other host fingerprinting databases
• User scripts available to emulate specific web and other network server software
Mapping the Internet and intranets slide 31 of 41
Honeyd
• Designed to emulate one or more computers in a single host to lure and confuse hackers
• User scripts available to emulate specific web and other network server software– Microsoft IIS web server– A number of text-based services are
emulated in available scripts
Mapping the Internet and intranets slide 32 of 41
Honeyd
• Host fingerprint identification based on probe databases– Nmap– xprobe
Mapping the Internet and intranets slide 33 of 41
My Honeyd project
• Make honeyd configuration scripts that build our clients’ networks from the data we obtain
• Add UDP servers for– DNS (name service)– SNMP (Simple Network Management
Protocol)
Mapping the Internet and intranets slide 34 of 41
Uses
• Perfect test network for QA– Unchanging….diff the pages– Build pathological network configurations
• Training
• Sales demos
• Could this be a product?
Mapping the Internet and intranets slide 35 of 41
My honeyd scripts
• Generates entire network description for honeyd based on our client data
• You want a 50,000 node network based on real data? No problem. 300,000 nodes? OK
• DNS emulates name server lookups
• Routers respond with SNMP data
Mapping the Internet and intranets slide 36 of 41
How good is the emulation?
• Handles pings and traceroutes with no problem
• Handles “stealth hosts”, routers that don’t issue TTL exceeded messages
• Even does a fair job of simulating latencies
• Emulator for SNMP and DNS queries
• This is good enough for us: we don’t collect other data at present
• Real networks change as you test them.
Mapping the Internet and intranets slide 37 of 41Real
Mapping the Internet and intranets slide 38 of 41Simulated
Mapping the Internet and intranets slide 39 of 41
Certainly not perfect
• There isn’t nearly as much state in our network emulation as there is in a real network
• CPU time becomes an issue, and the emulator is not efficient at the moment– Moore’s law is a big help here
• Host fingerprinting could make the network much more convincing– We are working on it– Could just fake it
Mapping the Internet and intranets slide 40 of 41
Future work
• Many incremental improvements to network simulations
• Honeyd performance improvements
• Might release a large cleansed network configuration for research purposes
Related Documents
