Lectures at Hacking Feminism
First lecture in this series:
- Empower each-other with knowledge
- Learn the basic technical concepts of how the underlying Internet works
- Discover & emphasise roles of women
- Practice & get our hands dirty
- Work on the alternatives together!
- Personal goals: learn by teaching; develop a series of lectures; practice practice practice!
- What are your goals?
Internet Plumbing is a word-game with multiple layers of meaning (ha! a recursive pun ;-)
Series of Tubes
- Andrew Blum's 2012 book "Tubes: A Journey to the Center of the Internet" starts with the squirrel that ruins his Internet (connection/tube).
Ubiquitous and complicated as plumbing?
- Internet as a utility
- just like "plumbing" (water & sewage), there is underlying "technology" to it, so complex, that no-one seems to grasp how all of it works
- 60% of the population of the planet does NOT have "teh Internets", and 30% does not have plumbing either (http://www.un.org/waterforlifedecade/sanitation.shtml)
- Mary Midgley: "Utopias, dolphins, and computers - problems in philosophical plumbing"
- Women in history of computing, engineering, internet
- Female_experts -- Women who wrote about Internet: history, hacking, ethics, (hack)tivism, governance, economy, (anti)capitalism, climate change, philosophy
- Geek/cyber feminism: Ladies_Night#Feminism
Participate, take action, join
- contribute to this wiki page
- learn more!
- join mailing lists discussions for technical policy development & Internet governance
- learn to code & take part in FLOSS community
- join a hackerspace
- teach your skills to others
- contact me: BECHA @ xs4all dot nl // @Ms_Multicolor
Internet is network of networks
Step by step
- "Small network" -- computers "talking" to each other
- Local Area Network = LAN
- With cables (ethernet), or Wireless (WiFi)
- How do they find each other? using unique numbers: MAC (ethernet) address (layer 2), translated by ARP (MAC to IP address)
- About IP (Internet Protocol) addresses
- binary numbers, written as decimal (IPv4) or hexadecimal (IPv6)
- Can be "public" or "private" (=local)
- What is the format?
- Typical / mainstream home (or small office) network
- Private IP addresses
- NAT = Network Address Translation - translated from multiple private to (usually) one public IP address
- Home router is (usually) a gateway, firewall, and NAT box at the same time
- ... and because of IPv4 exhaustion there is also double-NAT aka NAT444
- Private IPv4 address ranges:
- 10.0.0.0 - 10.255.255.255 (10/8 prefix)
- 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
- 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
- Video on NAT: https://www.youtube.com/watch?v=QBqPzHEDzvo (not to watch during the lesson...)
- Further reading about IPv6: User:Becha/DeeperIPv6
- Where do the IP addresses come from?
- Hierarchical distribution (see charts)
- Principles: fairness, aggregation, conservation, registration
- Used to be "needs based", now open to "market forces"
- Policies for distribution ("rules") are developed in open, transparent, bottom-up process
- IPv4 is "legacy", has run out - but is still DE FACTO THE ONLY STANDARD in use!
Inter-connecting and Routing
- Connecting "to the Internet"
- usually through commercial ISP (Internet Service Provider): dial-up, fibre, ... modem or router.
- "free Wifi"
- over mobile!
- alternatively: community-mesh-peer-to-peer : MeshNet
- ISPs connecting with each other
- ISPs are "autonomous networks" (autonomous from each other)
- Using BGP and AS numbers https://en.wikipedia.org/wiki/Border_Gateway_Protocol
- routing = finding a "path" between networks
- Advanced concepts: announcing, prefix, route,
- Later on: User:Becha/DeeperBGP
Exercise!! (ping) & Video!!! https://www.youtube.com/watch?v=IzLPKuAOe50 (YouTube taken over / hijacked by Pakistan Telecom)
- Relationships between "providers"
- direct peering: between ISPs of more or less the same size & the same "importance"
- usually at IXP (Internet eXchange Point, e.g. Ams-IX, LINX...)
- "buying transit" from a "national Telco", usually
- large providers and carriers create a "backbone"
- Further reading: Social scientist explains: Uta Meier-Hahn
- Internet Interconnection: Networking in Uncertain Terrain https://labs.ripe.net/Members/uta_meier_hahn/internet-interconnection-networking-in-uncertain-terrain
- The Regulatory Conditions of IP Interconnection 2016 https://labs.ripe.net/Members/uta_meier_hahn/the-regulatory-conditions-of-ip-interconnection
- October 2016: the death of transit? https://blog.apnic.net/2016/10/28/the-death-of-transit/
Video!!! "Internet Revealed, a movie about IXPs" https://www.youtube.com/watch?v=QuBde4Sn3f0
Domain Name System
- How do humans find services on the Internet? -> BY NAME!
- numbers (IP addresses) are translated to names by DNS
- web-sites, servers, services have DNS "names"
- hierarchical distribution of names
- Advanced concepts: resolver, caching, primary & secondary name-servers, master-slave, recursive resolver, labels, zones, A & AAAA records
- DNS with NAT
- COMIC BOOK by "Simple" DNS: https://howdns.works/
- Much later: User:Becha/DeeperDNS
- youtube hijack
- How IXP's work
- Net of Rights
Want to learn more?
- ISOC on-line course: https://www.internetsociety.org/what-we-do/inforum-learn-online/inforum-course-introduction-network-operations
- RIPE NCC training materials are free to use: https://ripe.net/training
- See also "resources"
- packets & packet switching
- layered network model
- (open) protocols & (open) standards
- end-to-end principle
- server/client architecture
Comparing OSI & TCP / IP layers
Original borrowed from: https://en.wikipedia.org/wiki/OSI_model
|TCP / IP Model||OSI Model|
|Layer||OSI Layer||Protocol data unit (PDU)||Function||Examples|
|Application||7. Application||Data||High-level APIs, including resource sharing, remote file access, directory services and virtual terminals||TLS, FTP, HTTP, HTTPS, SMTP, SSH, Telnet, BGP!|
| ||6. Presentation|| ||Translation of data between a networking service and an application; including character encoding, data compression and encryption/decryption||CSS, GIF, HTML, XML, JSON|
|Transport||5. Session|| ||Managing communication sessions, i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes||RPC, SCP, NFS, PAP|
| ||4. Transport||Segment (TCP) / Datagram (UDP)||Reliable transmission of data segments between points on a network, including segmentation, acknowledgement and multiplexing||NBF, TCP, UDP|
|Network /||3. Network||Packet||Structuring and managing a multi-node network, including addressing, routing and traffic control||AppleTalk, ICMP, IPsec, IPv4, IPv6|
| ||2. Data link||Frame||Reliable transmission of data frames between two nodes connected by a physical layer||IEEE 802.2, L2TP, LLDP, MAC, PPP, ATM, MPLS|
| ||1. Physical||Bit||Transmission and reception of raw bit streams over a physical medium||DOCSIS, DSL, Ethernet physical layer, ISDN, USB|
- ARP is used to translate IPv4 addresses (OSI layer 3) into Ethernet MAC addresses (OSI layer 2).
- Domain Name Service is an Application Layer service which is used to look up the IP address of a given domain name. Once a reply is received from the DNS server, it is then possible to form a Layer 3 connection to the third-party host.
Many many more resources: books, videos:
- DNS & CDNs: Internet plumbing: Think globally, route locally, Mar 16th 2011, http://www.economist.com/node/21016766/print
Wonderful site for teaching Internet concepts to children: http://networks.land/
- IPv4, IPv6: Internet Protocol (IP) addresses
- NAT: Network Address Translation
- DNS: Domain Name System
- ASN: Autonomous System Number
- used for BGP routing (Border Gateway Protocol)
- IXP: Internet eXchange Point
Layers as an allegory
Left: OSI Model T-shirt enhanced to include an 8th and 9th layer as defined by Evi Nemeth: https://en.wikipedia.org/wiki/Evi_Nemeth // https://www.isc.org/product/isc-9-layer-osi-model-cotton-t-shirt/
(TODO: add ISC reference to Evi's wikipedia page!!)
Right: back of the T-shirt from the IETF75 in Stockholm, 2005
Explaining complex concepts using layers is a useful abstraction.
The goal here is to illustrate layers by practical examples, and point out owners, developers, dangers, mitigations & alternatives.
This is not exactly technically correct, for the detail oriented people!
|Number||Layer name||Example||Practically||Owner||Developed by||Vulnerabilities / Dangers||Mitigation / Securing||Alternatives|
|9||Organisation / Political||(Internet) Governance||technical community, civil society, governments||IGF (Internet Governance Forum), UN, ITU, IETF, ICANN,||awareness, take part!||someone will build a new *net, AlterNet :-)|
|8||Individual / Financial||Operating System (OS) + choice of software||Linux, FreeBSD, Minix...; iOS, Android, Windows...||User!||programmers & developers: FLOSS community;||backdoors, surveillance, spying on users; lock-in; monopoly;||community participation; unionization of programmers; see articles here [yy]||knowledge, self-empowerment, solidarity|
|7||Application||7.3 -> VoIP||skype|
|7.2 -> SMTP|
|7.1 HTTP: web, WWW||web sites! LoLCats!||individuals, on their own servers! blogs (blogspot?), mainstream media, hosting companies; CDNs (Akamai, Amazon...); corporations: Google, Facebook, Twitter... YouTube..||W3C, IETF||censorship; silos; walled gardens; commercialization, consumerism;||technically: httpS, SSL, TLS; Tor; politically: activism, digital human rights; associations of users;||torrent! p2p! alternative social media!|
|6||Presentation||HTML, CSS, JSON|
|5||Session||BGP (actually layer 7...)||routing: exchanging AS reachability info via gossip: based on trust & peering agreements! physical routers by routers: Cisco/Juniper (commercial monopolists ;-)||Large ISPs; Tier1 / Tier2; IXPs!! RIRs give out AS numbers||"routing-wg" @ RIPE; *NOGs! (nano, nlnog, grnog; peering forums; Euro-IX); IETF; Open-Source community; hackers||"route hijacks", government regulation & takeover (killer switch), hierarchies;||technically: BGPsec, IRR, RPKI; politically: influencing governance||p2p protocols, Betman [xx]; MPLS, SDN; Tor?!|
|4||Transport||UDP -> e.g. DNS (see above!)||www.belastingdiest.nl||User; Registrar, Registry, ccTLD, gTLD, ICANN, US government!||DNS OARC, IETF, root-nameserver operators, ICANN, IGF/UN/ITU||"balkanisation", US hegemony; internationalization; censorship;||technically: DNSSEC, DANE; Tor; politically: participating in governance||Alternative trees; blockchain (namecoin); etc|
|3||Network||Internet / IP||ifconfig; IPv4, NAT, 10.10.10.10, IPv6||no-one: IP addresses are "leased"!||RIR PDP, IANA, IETF||hierarchy, run-out, incompatibility, market forces; surveillance||IPSec||Blockchain? GSM? Radio?|
|2||Data-link||MAC addresses, Ethernet device drivers, WiFi drivers||licensed to users||Broadcom, Realtek, Intel..||patents, closed source, Intellectual Property Laws||open source SW, open HW||?!|
|1||Physical||Network connections||Ethernet cables, WiFi antennas, fibers, satellites, satellite dishes, base-stations, under-sea cables; POTS (old-fashioned phones -> BBS, dialup)||Individuals; communities, ISP, "carriers", corporations, governments; commercial companies, governments||"ownership" models; hierarchy of server-client model; pollution & destruction of Earth; surveillance||commoning; shared infrastructure; development of sustainable technologies (?!), recycling; awareness & activism||Community WiFi, Project Loon, Drones|
|HW - end user equipment||Computer, tablet, phone...||User||Commercial companies: Apple, Siemens, Samsung...||Un-ethical manufacturing, security backdoors, pollution caused by e-waste disposal,||Hard:||Open HW movement; fair-phone; DIY, Repair Cafes, fair-trade...|
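The layer 5 row above names "route hijacks" as the danger and RPKI as one technical mitigation. The following added Python example (not part of the original lecture notes) shows how route origin validation, in the style of RFC 6811, changes which route a router picks. All prefixes and AS numbers are constructed from the documentation ranges, and the function names are hypothetical.

```python
import ipaddress

# Constructed ROA: (prefix, maxLength, authorised origin AS).
ROAS = [(ipaddress.ip_network("203.0.113.0/24"), 24, 64500)]

# Constructed BGP announcements as seen by one router: (prefix, origin AS).
ANNOUNCEMENTS = [
    ("203.0.113.0/24", 64500),   # the address holder's own announcement
    ("203.0.113.0/25", 64511),   # more specific prefix from another AS
    ("192.0.2.0/24", 64501),     # no ROA exists for this prefix
]

def validate(prefix, origin_as, roas=ROAS):
    """Classify an announcement as valid, invalid or not-found."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for roa_net, max_len, roa_as in roas:
        if route.subnet_of(roa_net):          # a ROA covers this prefix
            covered = True
            if roa_as == origin_as and route.prefixlen <= max_len:
                return "valid"
    return "invalid" if covered else "not-found"

def best_route(dest, announcements, drop_invalid):
    """Longest-prefix match, optionally ignoring RPKI-invalid routes."""
    ip = ipaddress.ip_address(dest)
    matching = []
    for prefix, asn in announcements:
        if drop_invalid and validate(prefix, asn) == "invalid":
            continue                          # filtered before route selection
        net = ipaddress.ip_network(prefix)
        if ip in net:
            matching.append((net, asn))
    if not matching:
        return None
    net, asn = max(matching, key=lambda r: r[0].prefixlen)
    return str(net), asn
```

Without filtering, the more specific /25 wins the longest-prefix match and traffic for 203.0.113.10 follows it; with invalid routes dropped, the holder's /24 is selected. Routes with no covering ROA stay "not-found" and are still accepted, which is why ROA coverage matters.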
Security, Privacy, Avoiding Censorship
- BGP security & plumbing:
- User Self-help:
MeshNet: "Hackers and philosophers building an utopia together": http://becha.home.xs4all.nl/hackers-philosophers-utopian-network-dec-2012-becha.pdf
November 2014: Nature will have the last word, on Future of Technology, RIPE69 https://wiki.techinc.nl/index.php/File:Nature-speaking-on-future_of_the_internet-RIPE69.pdf
UnCivilization: critical thinking about Internet & capitalism: https://lists.puscii.nl/wws/info/uncivilization
Playful: Internet Simulator: https://github.com/nsec/the-internet
- Alternative Network Deployments: Taxonomy, characterization, technologies and architectures
- The Critical Engineering Manifesto: https://www.criticalengineering.org/
See this lecture : Internet_Governance_Digital_Culture#Internet_Governance
Linux Install Fest!
Lessons to be made yet
- Measurements & RIPE_Atlas_probes_at_hackerspaces
- Alternative networks: MeshNet
- It shouldn't be hard: http://www.explainxkcd.com/wiki/index.php/1349:_Shouldn%27t_Be_Hard // http://www.xkcd.com/1349/