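%% NOTES:
%% The following settings have to be made here:
\newif\ifeng
%% Language:
%% If the document language is English, comment out \engfalse with a leading
%% %-sign; if it is German, comment out \engtrue instead.
%% NOTE(review): only \engtrue is present and it is commented out, so \ifeng
%% keeps its \newif default (false) although these slides are written in
%% English -- check what header.tex does with \ifeng before relying on it.
%\engtrue

\input{header}

\title{Network}
\subtitle{}
\author{Michael Preisach}
\institute{}
\date{May 17 2019}

%% Alice--Bob--Charlie diagram shared by the "Networking Basics" slides.
%% #1: where the Alice/Bob labels go relative to their node (above|below)
%% #2: \Plane options for Charlie's face (x, y, width, height, image)
\newcommand*{\aliceBobDiagram}[2]{%
  \begin{center}
    \begin{tikzpicture}[scale=0.8]
      \Vertex[x=0, y=0, color=sigflagblue]{A}
      \Vertex[x=6, y=0, color=sigflagblue]{B}
      \Vertex[x=3, y=-3, Pseudo]{C}
      % invisible midpoint of the Alice--Bob link; Charlie's arrow points at it
      \Vertex[x=3, y=0, opacity=0, style={color=sigflagblue}]{D}
      \Text[x=0, y=0, color=white, position=#1, distance=5mm]{\texttt{Alice}}
      \Text[x=6, y=0, color=white, position=#1, distance=5mm]{\texttt{Bob}}
      \Edge[color=white, Direct](C)(D)
      \Edge[color=white](A)(B)
      \Plane[#2, NoBorder]
      \Text[x=3, y=-3.5, color=white]{\texttt{Charlie}}
    \end{tikzpicture}
  \end{center}%
}

%%%%
%%%%%%%%%%%%%%%%
\begin{document}
%%%%%%%%%%%%%%%%
%%%%

{
  \usebackgroundtemplate{\includegraphics[width=\paperwidth]{logos/hacker_flyer_bg_cmyk_slide.jpg}}
  \begin{frame}[plain]
    \titlepage
  \end{frame}
}

\section{Networking Basics}

\begin{frame}
  \frametitle{Networking Basics}
  \begin{itemize}
    \item How do you get the traffic between Alice and Bob?
  \end{itemize}
  \vfill
  \aliceBobDiagram{above}{x=-2.75, y=2.25, width=1.5, height=1.5, image=logos/thinkface}
\end{frame}

\begin{frame}
  \frametitle{Networking Basics}
  \begin{itemize}
    \item Alice and Bob are connected directly:
      \begin{itemize}
        \item Use two bridged interfaces on your computer and connect them to Alice and Bob
        \item Charlie is now \emph{inline}: give the bridge no IP address so it stays
              invisible, and keep in mind that unplugging Charlie cuts the link
      \end{itemize}
    \item Alice and Bob are connected via a hub
      \begin{itemize}
        \item Just plug in to one port of the hub
        \item A hub repeats every frame to every port -- capture in promiscuous mode
              to see frames not addressed to Charlie
      \end{itemize}
  \end{itemize}
  \vfill
  \aliceBobDiagram{below}{x=-3, y=2, width=2, height=2, image=logos/trollface}
\end{frame}

\begin{frame}
  \frametitle{Networking Basics}
  \begin{itemize}
    \item Alice and Bob are connected via a switch:
      \begin{itemize}
        \item Managed switch: Mirror the port of either Alice or Bob to Charlie
        \item Mirroring needs admin access to the switch, and a mirror port starts
              dropping frames once both directions of a full-duplex link exceed the
              mirror port's own bandwidth
        \item Unmanaged switch: use a managed switch\ldots{} or insert a passive network
              TAP / the bridged-interfaces setup from the previous slide into the link
      \end{itemize}
  \end{itemize}
  \vfill
  \aliceBobDiagram{below}{x=-3, y=2, width=2, height=2, image=logos/trollface}
\end{frame}

\begin{frame}
  \frametitle{Networking Basics}
  \begin{itemize}
    \item How do you capture the traffic?
      \begin{itemize}
        \item tcpdump (CLI)
        \item Wireshark (GUI)
        \item Both need raw-socket privileges (root or \texttt{CAP\_NET\_RAW}). Do not run
              the Wireshark GUI as root -- its dissectors parse untrusted packet data;
              capture with \texttt{tcpdump}/\texttt{dumpcap} (\texttt{tcpdump -Z user}
              drops root after opening the interface) and open the file unprivileged
        \item A capture file is sensitive data: it may contain cleartext credentials and
              session tokens -- store, share and delete it accordingly
      \end{itemize}
  \end{itemize}
  \vfill
  \begin{block}{Example: Capturing traffic from \texttt{eth0}}
    \lstinputlisting[language=bash,numbers=none,linerange={1-1}]{sources/tcpdump.sh}
  \end{block}
\end{frame}

\section{Wireshark}

\begin{frame}
  \frametitle{Wireshark}
  \begin{itemize}
    \item Open a \texttt{.dump} file OR capture from NIC
    \item Filter traffic
      \begin{itemize}
        \item Big variety of supported protocols
        \item Filter rules down to single bits of a protocol possible
        \item Where should I start?
      \end{itemize}
  \end{itemize}
\end{frame}

\begin{frame}
  \frametitle{Wireshark}
  \begin{itemize}
    \item Find the interesting parts in a dump: Filter packets
      \begin{itemize}
        \item by IP address,
        \item port number,
        \item protocol flag,
        \item \ldots
      \end{itemize}
    \item \texttt{Menu->Analyze->Follow->* Stream}
      \begin{itemize}
        \item Displays the reassembled payload of one connection (SYN to FIN)
        \item Encrypted traffic (TLS, SSH) shows up as ciphertext only -- you need the
              session keys (e.g.\ via \texttt{SSLKEYLOGFILE}) to see application data
      \end{itemize}
  \end{itemize}
  \vfill
  \begin{block}{Example: Filtering packets in Wireshark}
    \lstinputlisting[language=bash,numbers=none,linerange={2-4}]{sources/tcpdump.sh}
  \end{block}
\end{frame}

\section{Conclusion}

\begin{frame}
  \frametitle{Conclusion}
  \begin{itemize}
    \item TCPdump can also handle filter rules: it uses the pcap-filter (BPF) syntax, the
          same as Wireshark's \emph{capture} filters -- but different from Wireshark's
          \emph{display} filters (\texttt{host 192.0.2.1 and port 80} vs.\
          \texttt{ip.addr == 192.0.2.1 \&\& tcp.port == 80})
  \end{itemize}
  \begin{block}{Example: TCPdump with filter rule}
    \lstinputlisting[language=bash,numbers=none,linerange={5-5}]{sources/tcpdump.sh}
  \end{block}
  \begin{itemize}
    \item TCPdump man page:\\
          \url{https://www.tcpdump.org/manpages/tcpdump.1.html}
    \item Wireshark User's Guide:\\
          \url{https://www.wireshark.org/docs/wsug_html_chunked/}
  \end{itemize}
\end{frame}

\section{Happy Dumpster Diving!}

\end{document}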