You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
176 lines
4.9 KiB
176 lines
4.9 KiB
%% HINWEISE:
|
|
%% Hier müssen folgende Einstellungen vorgenommen werden:
|
|
\newif\ifeng
|
|
%% Sprache:
|
|
%% Falls die Dokumentensprache Englisch ist \engfalse mit einem %-Zeichen
|
|
%%%davor auskommentieren, falls Deutsch \engtrue auskommentieren:
|
|
%\engtrue
|
|
|
|
\input{header}
|
|
|
|
\title{Network}
|
|
\subtitle{}
|
|
\author{Michael Preisach}
|
|
\institute{}
|
|
\date{May 17 2019}
|
|
|
|
%%%%
|
|
%%%%%%%%%%%%%%%%
|
|
\begin{document}
|
|
%%%%%%%%%%%%%%%%
|
|
%%%%
|
|
{
|
|
\usebackgroundtemplate{\includegraphics[width=\paperwidth]{logos/hacker_flyer_bg_cmyk_slide.jpg}}
|
|
\begin{frame}[plain]
|
|
\titlepage
|
|
\end{frame}
|
|
}
|
|
\section{Networking Basics}
|
|
\begin{frame}
|
|
\frametitle{Networking Basics}
|
|
\begin{itemize}
|
|
\item How do you get the traffic between Alice and Bob?
|
|
\end{itemize}
|
|
\vfill
|
|
\begin{center}
|
|
\begin{tikzpicture}[scale=0.8]
|
|
\Vertex[ x=0, y=0, color=sigflagblue]{A}
|
|
\Vertex[ x=6, y=0, color=sigflagblue]{B}
|
|
\Vertex[ x=3, y=-3, Pseudo]{C}
|
|
\Vertex[ x=3, y=0, opacity=0, style={color=sigflagblue}]{D}
|
|
\Text[ x=0, y=0,color=white, position=above,distance=5mm]{\texttt{Alice}}
|
|
\Text[ x=6, y=0,color=white, position=above,distance=5mm]{\texttt{Bob}}
|
|
\Edge[color=white,Direct](C)(D)
|
|
\Edge[color=white](A)(B)
|
|
\Plane[x=-2.75, y=2.25, width=1.5, height=1.5,image=logos/thinkface, NoBorder]
|
|
\Text[ x=3, y=-3.5,color=white]{\texttt{Charlie}}
|
|
\end{tikzpicture}
|
|
\end{center}
|
|
\end{frame}
|
|
|
|
\begin{frame}
|
|
\frametitle{Networking Basics}
|
|
\begin{itemize}
|
|
\item Alice and Bob are connected directly:
|
|
\begin{itemize}
|
|
\item Use two bridged interfaces on your computer and connect them to Alice and Bob
|
|
\end{itemize}
|
|
\item Alice and Bob are connected via a hub
|
|
\begin{itemize}
|
|
\item Just plug in to one port of the hub
|
|
\end{itemize}
|
|
\end{itemize}
|
|
\vfill
|
|
\begin{center}
|
|
\begin{tikzpicture}[scale=0.8]
|
|
\Vertex[ x=0, y=0, color=sigflagblue]{A}
|
|
\Vertex[ x=6, y=0, color=sigflagblue]{B}
|
|
\Vertex[ x=3, y=-3, Pseudo]{C}
|
|
\Vertex[ x=3, y=0, opacity=0, style={color=sigflagblue}]{D}
|
|
\Text[ x=0, y=0,color=white, position=below,distance=5mm]{\texttt{Alice}}
|
|
\Text[ x=6, y=0,color=white, position=below,distance=5mm]{\texttt{Bob}}
|
|
\Edge[color=white,Direct](C)(D)
|
|
\Edge[color=white](A)(B)
|
|
\Plane[x=-3, y=2, width=2, height=2,image=logos/trollface, NoBorder]
|
|
\Text[ x=3, y=-3.5,color=white]{\texttt{Charlie}}
|
|
\end{tikzpicture}
|
|
\end{center}
|
|
\end{frame}
|
|
|
|
\begin{frame}
|
|
\frametitle{Networking Basics}
|
|
\begin{itemize}
|
|
\item Alice and Bob are connected via a switch:
|
|
\begin{itemize}
|
|
\item Managed switch: Mirror the port of either Alice or Bob to Charlie
|
|
\item Unmanaged switch: use a managed switch
|
|
\end{itemize}
|
|
\end{itemize}
|
|
\vfill
|
|
\begin{center}
|
|
\begin{tikzpicture}[scale=0.8]
|
|
\Vertex[ x=0, y=0, color=sigflagblue]{A}
|
|
\Vertex[ x=6, y=0, color=sigflagblue]{B}
|
|
\Vertex[ x=3, y=-3, Pseudo]{C}
|
|
\Vertex[ x=3, y=0, opacity=0, style={color=sigflagblue}]{D}
|
|
\Text[ x=0, y=0,color=white, position=below,distance=5mm]{\texttt{Alice}}
|
|
\Text[ x=6, y=0,color=white, position=below,distance=5mm]{\texttt{Bob}}
|
|
\Edge[color=white,Direct](C)(D)
|
|
\Edge[color=white](A)(B)
|
|
\Plane[x=-3, y=2, width=2, height=2,image=logos/trollface, NoBorder]
|
|
\Text[ x=3, y=-3.5,color=white]{\texttt{Charlie}}
|
|
\end{tikzpicture}
|
|
\end{center}
|
|
\end{frame}
|
|
|
|
\begin{frame}
|
|
\frametitle{Networking Basics}
|
|
\begin{itemize}
|
|
\item How do you capture the traffic?
|
|
\begin{itemize}
|
|
\item tcpdump (CLI)
|
|
\item Wireshark (GUI)
|
|
\end{itemize}
|
|
\end{itemize}
|
|
\vfill
|
|
\begin{block}{Example: Capturing traffic from \texttt{eth0}}
|
|
\lstinputlisting[language=bash,numbers=none,linerange={1-1}]{sources/tcpdump.sh}
|
|
\end{block}
|
|
\end{frame}
|
|
|
|
|
|
\section{Wireshark}
|
|
\begin{frame}
|
|
\frametitle{Wireshark}
|
|
\begin{itemize}
|
|
\item Open a \texttt{.dump} file OR capture from NIC
|
|
\item Filter traffic
|
|
\begin{itemize}
|
|
\item Big variety of supported protocols
|
|
\item Filter rules down to single bits of a protocol possible
|
|
\item Where should I start?
|
|
\end{itemize}
|
|
\end{itemize}
|
|
\end{frame}
|
|
|
|
\begin{frame}
|
|
\frametitle{Wireshark}
|
|
\begin{itemize}
|
|
\item Find the interesting parts in a dump: Filter packets
|
|
\begin{itemize}
|
|
\item by IP address,
|
|
\item port number,
|
|
\item protocol flag,
|
|
\item \ldots
|
|
\end{itemize}
|
|
\item \texttt{Menu->Analyze->Follow->* Stream}
|
|
\begin{itemize}
|
|
\item Displays the payload of one connection (SYN to FIN)
|
|
\end{itemize}
|
|
\end{itemize}
|
|
\vfill
|
|
\begin{block}{Example: Filtering packets in Wireshark}
|
|
\lstinputlisting[language=bash,numbers=none,linerange={2-4}]{sources/tcpdump.sh}
|
|
\end{block}
|
|
|
|
\end{frame}
|
|
|
|
\section{Conclusion}
|
|
\begin{frame}
|
|
\frametitle{Conclusion}
|
|
\begin{itemize}
|
|
\item TCPdump can also handle filter rules (same syntax)
|
|
\end{itemize}
|
|
\begin{block}{Example: TCPdump with filter rule}
|
|
\lstinputlisting[language=bash,numbers=none,linerange={5-5}]{sources/tcpdump.sh}
|
|
\end{block}
|
|
\begin{itemize}
|
|
\item TCPdump man page:\\
|
|
\url{www.tcpdump.org/manpages/tcpdump.1.html}
|
|
\item Wireshark User's Guide: \\\url{www.wireshark.org/docs/wsug_html_chunked}
|
|
\end{itemize}
|
|
\end{frame}
|
|
|
|
\section{Happy Dumpster Diving!}
|
|
|
|
\end{document}
|
|
|