Difference between revisions of "User:Becha/InternetPlumbing"
(→Ubiquitous and complicated as plumbing?) |
(→Domain Name System) |
||
(108 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | [[File:Hacking-feminism-screenshot.png| | + | [[File:Hacking-feminism-screenshot.png|400px|right]] |
− | = | + | =Lectures at Hacking Feminism= |
+ | Fist lecture in this series: | ||
* 6 April 2016, 8PM | * 6 April 2016, 8PM | ||
+ | * At LAG | ||
* By '''[[User:Becha|Becha]]''' | * By '''[[User:Becha|Becha]]''' | ||
* https://wiki.laglab.org/Hacking_Feminism | * https://wiki.laglab.org/Hacking_Feminism | ||
+ | |||
+ | GOALS: | ||
+ | * Empower each-other with knowledge | ||
+ | * Learn the basics technical concepts of underlying Internet works | ||
+ | * Discover & emphesise roles of women | ||
+ | * Practice & get our hands dirty | ||
+ | * Work on the alternatives together! | ||
+ | * Personal goals: learn by teaching; develop series of lectures; practice practice practice! | ||
+ | * What's your goals? | ||
=Internet Plumbing= | =Internet Plumbing= | ||
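Review bot: The added intro line "Fist lecture in this series:" should read "First lecture", and in the added GOALS list "emphesise" should be "emphasise". The goal "Learn the basics technical concepts of underlying Internet works" also needs rewording, for example "Learn the basic technical concepts underlying how the Internet works".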
Line 11: | Line 22: | ||
Internet Plumbing is a word-game with multiple layers of meaning (ha! a recursive pun ;-) | Internet Plumbing is a word-game with multiple layers of meaning (ha! a recursive pun ;-) | ||
− | ===Series of Tubes=== | + | [[File:Squirrel eating cable.jpg|200px|right]] |
+ | |||
+ | ===Internet As a Series of Tubes=== | ||
* https://en.wikipedia.org/wiki/Series_of_tubes | * https://en.wikipedia.org/wiki/Series_of_tubes | ||
− | * | + | * Andrew Blum 2012 book " Tubes: A Journey to The Center of The Internet" , starts with the squirrel that ruins his Internet (connection/tube). |
* http://knowyourmeme.com/memes/series-of-tubes | * http://knowyourmeme.com/memes/series-of-tubes | ||
− | * http://www.submarinecablemap.com/ | + | * http://www.submarinecablemap.com/ |
===Ubiquitous and complicated as plumbing?=== | ===Ubiquitous and complicated as plumbing?=== | ||
Line 23: | Line 36: | ||
* just like "plumbing" (water & sewage), there is underlying "technology" to it, so complex, that no-one seems to grasp how all of it works | * just like "plumbing" (water & sewage), there is underlying "technology" to it, so complex, that no-one seems to grasp how all of it works | ||
* 60% of the population of the planet does NOT have "teh Internets", and 30% does not have plumbing either (http://www.un.org/waterforlifedecade/sanitation.shtml) | * 60% of the population of the planet does NOT have "teh Internets", and 30% does not have plumbing either (http://www.un.org/waterforlifedecade/sanitation.shtml) | ||
+ | * Mary Midgley: "Utopias, dolphins, and computers - problems in philosophical plumbing " | ||
+ | https://openlibrary.org/books/OL968959M/Utopias_dolphins_and_computers | ||
+ | |||
+ | [[File:women role models in computing.jpg|right|300px]] | ||
+ | |||
+ | ===Women's role=== | ||
+ | |||
+ | * [[Ladies_Night/women_in_history_of_STEM | Women in history of computing, engineering, internet]] | ||
+ | * [[Female_experts]] -- Women who wrote about Internet: history, hacking, ethics, (hack)tivism, governance, economy, (anti)capitalism , climate change, philosophy | ||
+ | * [[Ladies_Night#Gender_gap_in_tech]] | ||
+ | * [[Ladies_Night#Increasing_the_gender_diversity]] | ||
+ | * [[Ladies_Night#Anti-capitalism]] | ||
+ | * Geek/cyber feminism: [[Ladies_Night#Feminism]] | ||
+ | |||
+ | ==Participate, take action, join== | ||
+ | |||
+ | * contribute to this wiki page | ||
+ | * learn more! | ||
+ | * join mailing lists discussions for technical policy development & Internet governance | ||
+ | * learn to code & take part in FLOSS community | ||
+ | * join a hackerspace | ||
+ | * teach your skills to others | ||
+ | |||
+ | * contact me: BECHA @ xs4all dot nl // @Ms_Multicolor | ||
+ | |||
+ | =Basics= | ||
+ | |||
+ | Internet is network of networks | ||
+ | |||
+ | ==Step by step== | ||
+ | |||
+ | [[File:Addressing-basics.png|300px|right]] | ||
+ | |||
+ | ===Local networks=== | ||
+ | |||
+ | * "Small network" -- computers "talking" to each other | ||
+ | ** Local Area Network = LAN | ||
+ | ** With cables (ethernet), or Wireless (WiFi) | ||
+ | ** How do they find each other? using unique numbers: MAC (ethernet) address (layer 2), translated by ARP (MAC to IP address) | ||
+ | |||
+ | [[File:750px-Ipv4 address.svg.png|300px|right ]] | ||
+ | |||
+ | ===IP addresses=== | ||
+ | |||
+ | * About IP (Internet Protocol) addresses | ||
+ | ** binary numbers, written as decimal (IPv4) or hexadecimal (IPv6) | ||
+ | ** Can be "public" or "private" (=local) | ||
+ | ** What is the format? | ||
+ | |||
+ | '''Exercise!!''' (ifconfig) | ||
+ | |||
+ | * Typical / mainstream home (or small office) network | ||
+ | ** Private IP addresses | ||
+ | ** NAT = Network Address Translation - translated from multiple private to (usually) one public IP address | ||
+ | ** Home router is (usually) a gateway, firewall, and NAT box at the same time | ||
+ | ** ... and because of IPv4 exhaustion there is also double-NAT aka NAT444 | ||
+ | |||
+ | 10.0.0.0 - 10.255.255.255 (10/8 prefix) | ||
+ | 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) | ||
+ | 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) | ||
+ | |||
+ | [[File:TheNAT444Model1.jpg|right|300px]] | ||
+ | |||
+ | [[File:Nat-images.png]] | ||
+ | |||
+ | * Video on NAT: https://www.youtube.com/watch?v=QBqPzHEDzvo (not to watch during the lesson...) | ||
+ | * Further reading about IPv6: [[User:Becha/DeeperIPv6]] | ||
+ | |||
+ | [[File:Where do they come from.png|300px]] | ||
+ | |||
+ | * Where do the IP addresses come from? | ||
+ | ** Hierarchical distribution (see charts) | ||
+ | ** Principles: fairness, aggregation, conservation, registration | ||
+ | ** Used to be "needs based", now open to "market forces" | ||
+ | ** Policies for distribution ("rules") are developed in open, transparent, bottom-up process | ||
+ | ** IPv4 is "legacy", has run out - but is still DE FACTO THE ONLY STANDARD in use! | ||
+ | |||
+ | [[File:Ipv4-space-distribution.png|300px]] | ||
+ | |||
+ | ===Inter-connecting and Routing=== | ||
+ | |||
+ | [[File:Isps.png|right|200px]] | ||
+ | |||
+ | * Connecting "to the Internet" | ||
+ | ** usually through commercial ISP (Internet Service Provider): dial-up, fibre, ... modem or router. | ||
+ | ** "free Wifi" | ||
+ | ** over mobile! | ||
+ | ** alternatively: community-mesh-peer-to-peer : [[MeshNet]] | ||
+ | |||
+ | * ISPs connecting with each other | ||
+ | ** ISPs are "autonomous networks" (autonomous from each other) | ||
+ | ** Using BGP and AS numbers https://en.wikipedia.org/wiki/Border_Gateway_Protocol | ||
+ | ** routing = finding a "path" between networks | ||
+ | ** Advanced concepts: announcing, prefix, route, | ||
+ | |||
+ | * Monty Python's "Life of Brian": Funny way to illustrate BGP hijacking: | ||
+ | ** https://youtu.be/OMtoGj0dcSo?t=213 | ||
+ | ** https://youtu.be/CcSOr0HHmbo?t=4338 | ||
+ | ** http://montypython.50webs.com/scripts/Life_of_Brian/35.htm | ||
+ | |||
+ | Judith: Release Brian! | ||
+ | Pilates: I shall... "welease" "Bwian"! | ||
+ | ... | ||
+ | Guard: Where is Brian of Nazareth? I have an order for his release. | ||
+ | Brian: ... You stupid bastards! | ||
+ | Joker: Uh, I'm Brian of Nazareth. | ||
+ | Brian: What? | ||
+ | Joker: Yeah, I'm Brian of Nazareth. | ||
+ | Guard: Take him down. | ||
+ | Brian: I'm Brian of Nazareth! | ||
+ | random slave: I'm Brian! | ||
+ | Another random slave: I'm Brian! | ||
+ | Rich merchant: I'm Brian, and so's my wife! | ||
+ | Guard (pointing to Joker): Take him away and release him. | ||
+ | Joker: No, I'm only joking. I'm not really Brian. I'm only pulling your leg. It's a joke! I'm not him! | ||
+ | Guard (hits him) | ||
+ | Joker: Bloody Romans. Can't take a joke. | ||
+ | |||
+ | |||
+ | * Later on: [[User:Becha/DeeperBGP]] | ||
+ | |||
+ | [[File:Becha-Autonomous-system.png | 400px ]] | ||
+ | |||
+ | '''Exercise!!''' (ping) & '''Video!!!''' (https://www.youtube.com/watch?v=IzLPKuAOe50) (Youtube taken over / hijacked by Pakistan Telekom) | ||
+ | |||
+ | [[File:With-ixp.png|300px|right]] | ||
+ | |||
+ | * Relationships between "providers" | ||
+ | ** direct peering: between more-less same size & same "importance" ISPs | ||
+ | ** usually at IXP (Internet eXchange Point, e.g. Ams-IX, LINX...) | ||
+ | ** "buying transit" from a "national Telco", usually | ||
+ | ** large providers and carriers create a "backbone" | ||
+ | |||
+ | * Further reading: Social scientist explains: Uta Meier-Hahn | ||
+ | ** Internet Interconnection: Networking in Uncertain Terrain https://labs.ripe.net/Members/uta_meier_hahn/internet-interconnection-networking-in-uncertain-terrain | ||
+ | ** The Regulatory Conditions of IP Interconnection 2016 https://labs.ripe.net/Members/uta_meier_hahn/the-regulatory-conditions-of-ip-interconnection | ||
+ | ** October 2016: the death of transit? https://blog.apnic.net/2016/10/28/the-death-of-transit/ | ||
+ | |||
+ | '''Video!!!''' "Internet Revealed, a movie about IXPs" https://www.youtube.com/watch?v=QuBde4Sn3f0 | ||
+ | |||
+ | ===Domain Name System=== | ||
+ | |||
+ | [[File:500px-An_example_of_theoretical_DNS_recursion-nl.svg.png|right|500px]] | ||
+ | |||
+ | * How do '''humans''' find services on the Internet? -> BY NAME! | ||
+ | ** numbers (IP addresses) are translated to names by DNS | ||
+ | ** web-sites, servers, services have DNS "names" | ||
+ | ** hierarchical distribution of names | ||
+ | ** Advanced concepts: resolver, cashing, primary & secondary name-servers, master-slave, recursive resolver, labels, zones, A & AAAA records | ||
+ | |||
+ | |||
+ | * DNS with NAT | ||
+ | |||
+ | [[File:Network Address Translation (file2).jpg|right|500px]] | ||
+ | |||
+ | '''Exercise!!''' | ||
+ | |||
+ | * COMIC BOOK by "Simple" DNS: https://howdns.works/ | ||
+ | |||
+ | * Much later: [[User:Becha/DeeperDNS]] | ||
+ | |||
+ | * Video / movie: "From .yu to .me" https://vimeo.com/95833310 | ||
+ | |||
+ | * https://messwithdns.net/ | ||
+ | |||
+ | * Funny facts: https://www.netmeister.org/blog/tlds.html | ||
+ | |||
+ | ==Exercises== | ||
+ | |||
+ | [[User:Becha/InternetPlumbing/Exercises]] | ||
+ | |||
+ | ==Videos== | ||
+ | |||
+ | * youtube hijack | ||
+ | * How IXP's work | ||
+ | * Net of Rights | ||
+ | |||
+ | ==Want to learn more?== | ||
+ | |||
+ | * ISOC on-line course: https://www.internetsociety.org/what-we-do/inforum-learn-online/inforum-course-introduction-network-operations | ||
+ | * RIPE NCC training materials are free to use: https://ripe.net/training | ||
+ | * See also "resources" | ||
+ | |||
+ | * "Lesson 8: The Internet Is for Everyone" https://curriculum.code.org/csp-18/unit1/8/#:~:text=He%20wrote%20a%20memo%20entitled,%2C%20gender%2C%20creed%2C%20location%2C | ||
+ | |||
+ | * CS Principles 2020-2021 https://curriculum.code.org/csp-20/ | ||
+ | |||
+ | =Networking Principles= | ||
+ | |||
+ | [[File:protocol stack hourglass 1.jpeg|200px|right]] | ||
+ | |||
+ | ==Concepts== | ||
+ | |||
+ | [[File:More-dolls-fig2.jpg|200px|right]] | ||
+ | |||
+ | * packets & packet switching | ||
+ | * encapsulation | ||
+ | * layered network model | ||
+ | * (open) protocols & (open) standards | ||
+ | * end-to-end principle | ||
+ | * ports | ||
+ | * server/client architecture | ||
+ | * cryptography | ||
+ | |||
+ | [[File:Networking-fig3.jpg|200px]] [[File:Email-tmp3163.jpg|400px]] | ||
+ | |||
+ | [[File:Tcpip pat.gif|400px]] | ||
+ | |||
+ | ==Comparing OSI & TCP / IP layers== | ||
+ | |||
+ | Original borrowed from: https://en.wikipedia.org/wiki/OSI_model | ||
+ | |||
+ | {| class="wikitable" style="margin: 1em auto 1em auto;" | ||
+ | |- | ||
+ | | TCP / IP Model | ||
+ | ! colspan="4" | OSI Model | ||
+ | |- | ||
+ | | Layer | ||
+ | | OSI Layer | ||
+ | ! [[Protocol data unit]] (PDU) | ||
+ | ! style="width:30em;" | Function | ||
+ | ! Examples | ||
+ | |- | ||
+ | ! rowspan="2" | Application | ||
+ | | style="background:#d8ec9b;" | 7. [[Application layer|Application]] | ||
+ | | style="background:#d8ec9c;" rowspan="3" | [[Data (computing)|Data]] | ||
+ | | style="background:#d8ec9c;" | <small>High-level [[API]]s, including resource sharing, remote file access, [[directory service]]s and [[virtual terminal]]s</small> | ||
+ | | [[Transport Layer Security|TLS]], [[FTP]], [[HTTP]], [[HTTPS]], [[SMTP]], [[Secure Shell|SSH]], [[Telnet]], BGP! | ||
+ | |- | ||
+ | | style="background:#d8ec9b;" | 6. [[Presentation layer|Presentation]] | ||
+ | | style="background:#d8ec9b;" | <small>Translation of data between a networking service and an application; including [[character encoding]], [[data compression]] and [[Encryption|encryption/decryption]]</small> | ||
+ | | [[CSS]], [[GIF]], [[HTML]], [[XML]], [[JSON]] | ||
+ | |- | ||
+ | ! rowspan="2" | Transport | ||
+ | | style="background:#d8ec9b;" | 5. [[Session layer|Session]] | ||
+ | | style="background:#d8ec9b;" | <small>Managing communication [[Session (computer science)|sessions]], i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes</small> | ||
+ | | [[Remote Procedure Call|RPC]], [[DECnet|SCP]], [[Network File System|NFS]], [[Password authentication protocol|PAP]], | ||
+ | |- | ||
+ | | style="background:#e7ed9c;" | 4. [[Transport layer|Transport]] | ||
+ | | style="background:#e7ed9c;" | [[Packet segmentation|Segment]] (TCP) / [[Datagram]] (UDP) | ||
+ | | style="background:#e7ed9c;" | <small>Reliable transmission of data segments between points on a network, including [[Packet segmentation|segmentation]], [[Acknowledgement (data networks)|acknowledgement]] and [[multiplexing]]</small> | ||
+ | | [[NetBIOS Frames protocol|NBF]], [[Transmission Control Protocol|TCP]], [[User Datagram Protocol|UDP]] | ||
+ | |- | ||
+ | | Network / <br> Internet | ||
+ | | style="background:#eddc9c;" | 3. [[Network layer|Network]] | ||
+ | | style="background:#eddc9c;" | [[Network packet|Packet]] | ||
+ | | style="background:#eddc9c;" | <small>Structuring and managing a multi-node network, including [[Address space|addressing]], [[routing]] and [[Network traffic control|traffic control]]</small> | ||
+ | | [[AppleTalk]], [[Internet Control Message Protocol|ICMP]], [[IPsec]], [[IPv4]], [[IPv6]] | ||
+ | |- | ||
+ | ! rowspan="2" | Link <br> layer | ||
+ | | style="background:#e9c189;" | 2. [[Data link layer|Data link]] | ||
+ | | style="background:#e9c189;" | [[Frame (networking)|Frame]] | ||
+ | | style="background:#e9c189;" | <small>Reliable transmission of data frames between two nodes connected by a physical layer</small> | ||
+ | | [[IEEE 802.2]], [[L2TP]], [[LLDP]], [[Media access control|MAC]], [[Point-to-Point Protocol|PPP]], [[Asynchronous Transfer Mode|ATM]], [[Multiprotocol Label Switching|MPLS]] | ||
+ | |- | ||
+ | | style="background:#e9988a;" | 1. [[Physical layer|Physical]] | ||
+ | | style="background:#e9988a;" | [[Bit]] | ||
+ | | style="background:#e9988a;" | <small>Transmission and reception of raw bit streams over a physical medium</small> | ||
+ | | [[DOCSIS]], [[DSL]], [[Ethernet physical layer]], [[ISDN]], [[USB]] | ||
+ | |} | ||
+ | <!----- {{Clear}} -------> | ||
+ | |||
+ | Cross-layer functions: | ||
+ | |||
+ | * ARP is used to translate IPv4 addresses (OSI layer 3) into Ethernet MAC addresses (OSI layer 2). | ||
+ | * Domain Name Service is an Application Layer service which is used to look up the IP address of a given domain name. Once a reply is received from the DNS server, it is then possible to form a Layer 3 connection to the third-party host. | ||
+ | * etc | ||
+ | |||
+ | ==Resources== | ||
+ | |||
+ | Many many more resources: books, videos: | ||
+ | * [[Internet_Governance_and_hackers#How_does_the_Internet_work]] | ||
+ | |||
+ | Links: | ||
+ | * http://en.flossmanuals.net/bypassing-censorship/ch006_chapter-1-how/ | ||
+ | * https://en.wikipedia.org/wiki/Internet_protocol_suite | ||
+ | * http://what-when-how.com/data-communications-and-networking/network-and-transport-layers-data-communications-and-networking/ | ||
+ | * http://what-when-how.com/data-communications-and-networking/network-models-data-communications-and-networking/ | ||
+ | * http://www.laneye.com/network/how-network-works/mac-address-and-ip-address-relationship.htm | ||
+ | * https://www.amplicon.com/building/networking-principles.cfm#ip | ||
+ | * DNS & CDNs: Internet plumbing: Think globally, route locally, Mar 16th 2011, http://www.economist.com/node/21016766/print | ||
+ | |||
+ | Wonderful site for teaching Internet concepts to children: | ||
+ | http://networks.land/ | ||
==Acronyms!== | ==Acronyms!== | ||
+ | |||
+ | RIPE NCC Glossary: https://www.ripe.net/participate/member-support/new-member/ncc_glossary_print.pdf/at_download/file | ||
* TCP/IP | * TCP/IP | ||
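Review bot: The added "Local networks" bullet describes ARP as "(MAC to IP address)", while the added "Cross-layer functions" list says ARP translates IPv4 addresses into Ethernet MAC addresses; the two lines should agree, and the second one matches what ARP does. The Domain Name System bullets have the same mismatch ("numbers (IP addresses) are translated to names by DNS" versus looking up the IP address of a given domain name), and "cashing" in the advanced concepts should be "caching".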
Line 35: | Line 334: | ||
* SMTP | * SMTP | ||
* HTTP | * HTTP | ||
− | * CDN | + | * CDN |
− | + | =Advanced topics= | |
− | |||
− | + | ==Layers as an allegory== | |
− | + | [[File:Osi-layers-ti-shirt-download.jpeg|200px]] [[File:Evi nemeth.jpg|300px]] [[File:The art of engineering.png|right|200px]] | |
− | + | ||
+ | Left: OSI Model T-shirt enhanced to include an 8th and 9th layer as defined by Evi Nemeth: https://en.wikipedia.org/wiki/Evi_Nemeth // (old, broken link -> https://www.isc.org/product/isc-9-layer-osi-model-cotton-t-shirt/ ) | ||
+ | |||
+ | https://shop.isc.org/collections/shirts/products/osi-9-layer-model-t-shirt-1 | ||
+ | |||
+ | |||
+ | (TODO: add ISC reference to Evi's wikipedia page!!) | ||
+ | |||
+ | Right: back of the T-shirt from the IETF75 in Stockholm, 2005 | ||
+ | |||
+ | ==ABSTRACTION== | ||
+ | |||
+ | [[File:Osi-deployment-layers.png|right|300px]] | ||
+ | |||
+ | Explaining complex concepts using layers is a useful abstraction. | ||
+ | |||
+ | Goal here is to illustrate layers by practical examples, and point out '''owners, developers, dangers, mitigations & alternatives.''' | ||
+ | |||
+ | This is not exactly technically correct, for the detail oriented people! | ||
− | + | {|class="wikitable sortable" | |
− | + | |- | |
− | + | | Number | |
− | + | | Layer name | |
− | + | | Example | |
− | + | | Practically | |
− | + | | Owner | |
− | + | | Developed by | |
+ | | Vulnerabilities / Dangers | ||
+ | | Mitigation / Securing | ||
+ | | Alternatives | ||
+ | | | ||
+ | |- | ||
+ | |9 | ||
+ | | Organisation / Political | ||
+ | | (Internet) Governance | ||
+ | | | ||
+ | | technical community, civil society, governments | ||
+ | | IGF (Internet Governance Forum), UN, ITU, IETF, ICANN, | ||
+ | | | ||
+ | | awareness, take part! | ||
+ | | someone will build a new *net, AlterNet :-) | ||
+ | |- | ||
+ | |8 | ||
+ | | Individual / Financial | ||
+ | | Operating System (OS) + choice of software | ||
+ | | Linux, FreeBSD, Minix...; iOS, Android, Windows... | ||
+ | | User! | ||
+ | | programmers & developers: FLOSS community; <br> Apple, Google,Micro$oft | ||
+ | | backdoors, surveillance, spying on users; lock-in; monopoly; | ||
+ | | community participation; unionization of programmers; see articles here [yy] | ||
+ | | knowledge, self-empowerment, solidarity | ||
+ | | | ||
+ | |- | ||
+ | ! rowspan="3" | 7 | ||
+ | ! rowspan="3" | Application | ||
+ | | 7.3 -> VoIP | ||
+ | | skype | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | |- | ||
+ | |7.2 -> SMTP | ||
+ | | email | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | |- | ||
+ | | 7.1 HTTP: web, WWW | ||
+ | | web sites! LoLCats! | ||
+ | | individuals, on their own servers! <br> blogs (blogspot?), mainstream media, hosting companies; CDNs (Akamai, Amazon...); corporations: Google, Facebook, Twitter... YouTube.. | ||
+ | | W3c, IETF | ||
+ | | censorship; silos; walled gardens; commercialization, consumerism; | ||
+ | | technically: httpS, SSL, TLS; Tor; <br> politically: activism, digital human rights; associations of users; | ||
+ | | torrent! p2p! alternative social media! | ||
+ | |- | ||
+ | |6 | ||
+ | | Presentation | ||
+ | | HTML, CSS, JSON | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | | | ||
+ | |- | ||
+ | |5 | ||
+ | | Session | ||
+ | | BGP (actually layer 7...) | ||
+ | | routing: exchanging AS reachability info via gossip: based on trust & peering agreements! <br> physical routers by routers: Cisco/Juniper (commercial monopolists ;-) | ||
+ | | Large ISPs; Tier1 / Tier2 ; IXPs!! RIRs give out AS numbers | ||
+ | | "routing-wg" @ RIPE; *NOGs! (nano, nlnog, grnog; peering forums; Euro-IX); IETF; Open-Source community ; hackers | ||
+ | | "route hijacks", government regulation & takeover (killer switch), hierarchies; | ||
+ | | technically: BGPsec, IRR, RPKI; <br> politically: influencing governance | ||
+ | | p2p protocols, Betman [xx]; MPLS, SDN; Tor?! | ||
+ | | | ||
+ | |- | ||
+ | |4 | ||
+ | | Transport | ||
+ | | UDP -> e.g. DNS (see above!) | ||
+ | | www.belastingdiest.nl | ||
+ | | User; Registrar, Registry, ccTLD, gTLD, ICANN, US government! | ||
+ | | DNS OARC, IETF, root-nameserver operators, ICANN, IGF/UN/ITU | ||
+ | | "balkanisation", US hegemony; internationalization; censorship; | ||
+ | | technically: DNSSEC, DANE ; Tor; <br> politically: participating in governance | ||
+ | | Alternative trees; blockchain (namecoin); etc | ||
+ | | | ||
+ | |- | ||
+ | |3 | ||
+ | | Network | ||
+ | | Internet / IP | ||
+ | | ifconfig; IPv4, NAT, 10.10.10.10, IPv6 | ||
+ | | no-one: IP addresses are "leased"! <br> (PI,PA,LIR,RIR,IANA,IETF) | ||
+ | | RIR PDP, IANA, IETF | ||
+ | | hierarchy, run-out, incompatibility, market forces; surveillance | ||
+ | | IPSec | ||
+ | | Blockchain? GSM? Radio? | ||
+ | | | ||
+ | |- | ||
+ | |2 | ||
+ | | Data-link | ||
+ | | | ||
+ | | MAC addresses, Ethernet device drivers, WiFi drivers | ||
+ | | licensed to users | ||
+ | | Broadcom, Realtech, INTEL.. | ||
+ | | patents, closed source, Intellectual Property Laws | ||
+ | | open source SW, open HW | ||
+ | | ?! | ||
+ | |- | ||
+ | ! rowspan="2" | 1 | ||
+ | ! rowspan="2" | Physical | ||
+ | | Network connections | ||
+ | | Ethernet cables, WiFi antennas, fibers, satellites, satellite dishes, base-stations, under-sea cables ; POTS (old-fashioned phones -> BBS, dialup) | ||
+ | | Individuals <br> communities, ISP, "carriers", corporations, governments, | ||
+ | | Hackers <br> commercial companies, governments | ||
+ | | "ownership" models; hierarchy of server-client model; pollution & distraction of Earth; surveillance | ||
+ | | commoning; shared infrastructure; development of sustainable technologies (?!), recycling; awareness & activism | ||
+ | |Community WiFi, Project Loon, Drones | ||
+ | | | ||
+ | |- | ||
+ | |HW - end user equipment | ||
+ | |Computer, tablet, phone... | ||
+ | |User | ||
+ | |Commercial companies: Apple, Siemens, Samsung... | ||
+ | |Un-ethical manufacturing, security backdoors, pollution caused by e-waste disposal, | ||
+ | |Hard: | ||
+ | |Open HW movement; fair-phone; DIY, Repair Cafes, fair-trade... | ||
+ | | | ||
+ | |- | ||
+ | |} | ||
==Security, Privacy, Avoiding Censorship== | ==Security, Privacy, Avoiding Censorship== | ||
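Review bot: In the added layers table the "HW - end user equipment" row has a "Mitigation / Securing" cell that reads only "Hard:" and stops, and the 7.3 VoIP and 7.2 SMTP rows leave every column from Owner onward empty. Either fill these in or mark them as TODO so readers can tell an unfinished cell from a deliberate blank. The header row also ends with an extra empty cell that some rows, such as 9 and 2, lack, which is worth evening out for a sortable table.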
Line 80: | Line 522: | ||
[[P2pbgpsec#Technical_view]] | [[P2pbgpsec#Technical_view]] | ||
− | November 2014: Nature will have the last word, on Future of Technology, RIPE69 | + | November 2014: Nature will have the last word, on Future of Technology, RIPE69 , London |
https://wiki.techinc.nl/index.php/File:Nature-speaking-on-future_of_the_internet-RIPE69.pdf | https://wiki.techinc.nl/index.php/File:Nature-speaking-on-future_of_the_internet-RIPE69.pdf | ||
Line 88: | Line 530: | ||
** [[Hackers_tribes#Internet.2C_Electrical_Energy_Efficiency.2C_Pollution]] | ** [[Hackers_tribes#Internet.2C_Electrical_Energy_Efficiency.2C_Pollution]] | ||
** [[Hackers_tribes#Against_Anthropocentrism]] | ** [[Hackers_tribes#Against_Anthropocentrism]] | ||
+ | ** [[Hackers_tribes#Decolonising_Internet]] Decolonising | ||
− | Playfull: Internet Simulator: https://github.com/nsec/the-internet | + | * Playfull: Internet Simulator: https://github.com/nsec/the-internet |
− | + | * Alternative Network Deployments: Taxonomy, characterization, technologies and architectures | |
+ | https://www.ietf.org/id/draft-irtf-gaia-alternative-network-deployments-04.txt | ||
− | + | * The Critical Engineering Manifesto: https://www.criticalengineering.org/ | |
− | + | ||
− | + | * August 2020: The Internet is for the End User (RFC8890) & https://labs.ripe.net/Members/becha/the-internet-is-for-empowerment-of-end-users | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | = | + | =Next topics= |
− | == | + | ===Internet Governance=== |
See this lecture : [[Internet_Governance_Digital_Culture#Internet_Governance]] | See this lecture : [[Internet_Governance_Digital_Culture#Internet_Governance]] | ||
Line 137: | Line 549: | ||
[[Internet_Governance_and_hackers]] | [[Internet_Governance_and_hackers]] | ||
− | = | + | ===Traceroute Much?=== |
+ | |||
+ | [[User:Becha/InternetPlumbing/Traceroute_Much]] | ||
+ | |||
+ | ===Linux Install Fest!=== | ||
+ | |||
+ | https://wiki.techinc.nl/index.php/User:Becha/unixoid_xkcd | ||
+ | |||
+ | ===Lectures to be made in the future=== | ||
+ | |||
+ | [[User:Becha/DeeperIPv6]] | ||
+ | |||
+ | [[User:Becha/DeeperBGP]] | ||
+ | |||
+ | [[User:Becha/DeeperDNS]] | ||
+ | |||
+ | ===Misc=== | ||
+ | |||
+ | * Measurements & [[RIPE_Atlas_probes_at_hackerspaces]] | ||
+ | |||
+ | * Alternative networks: [[MeshNet]] | ||
+ | |||
+ | * It shouldn't be hard: http://www.explainxkcd.com/wiki/index.php/1349:_Shouldn%27t_Be_Hard // http://www.xkcd.com/1349/ | ||
+ | |||
+ | ====Other resources for learning==== | ||
+ | |||
+ | * ‘STEM-in-a-handbag kit’ https://atlasofthefuture.org/project/waaw-foundation/ | ||
+ | ** http://waawfoundation.org/stem-in-a-handbag-kits/ | ||
+ | |||
+ | * "Internet in a Bottle" | ||
+ | |||
+ | * "Pocket Internet" https://github.com/inognet/pocketinternet | ||
+ | |||
+ | * https://wiki.techinc.nl/index.php/MeshNet#Education | ||
+ | |||
+ | * Command-Line: CLI | ||
+ | ** https://criticalengineering.org/courses/cli/ | ||
+ | ** http://www.selenasmall.com/command-line-mac-os-x/ | ||
+ | |||
+ | * Learn to code / coding / programming : https://wiki.techinc.nl/Ladies_Night#Learn_to_code | ||
+ | |||
+ | =5G= | ||
+ | |||
+ | |||
+ | [[/5G]] = https://wiki.techinc.nl/User:Becha/InternetPlumbing/5G |
Latest revision as of 14:07, 18 June 2024
Lectures at Hacking Feminism
First lecture in this series:
- 6 April 2016, 8PM
- At LAG
- By Becha
- https://wiki.laglab.org/Hacking_Feminism
GOALS:
- Empower each other with knowledge
- Learn the basic technical concepts underlying how the Internet works
- Discover & emphasise roles of women
- Practice & get our hands dirty
- Work on the alternatives together!
- Personal goals: learn by teaching; develop series of lectures; practice practice practice!
- What are your goals?
Internet Plumbing
Internet Plumbing is a word-game with multiple layers of meaning (ha! a recursive pun ;-)
Internet As a Series of Tubes
- https://en.wikipedia.org/wiki/Series_of_tubes
- Andrew Blum's 2012 book "Tubes: A Journey to the Center of the Internet" starts with the squirrel that ruins his Internet (connection/tube).
- http://knowyourmeme.com/memes/series-of-tubes
- http://www.submarinecablemap.com/
Ubiquitous and complicated as plumbing?
- Internet as a utility
- just like "plumbing" (water & sewage), there is underlying "technology" to it, so complex, that no-one seems to grasp how all of it works
- 60% of the population of the planet does NOT have "teh Internets", and 30% does not have plumbing either (http://www.un.org/waterforlifedecade/sanitation.shtml)
- Mary Midgley: "Utopias, dolphins, and computers - problems in philosophical plumbing" https://openlibrary.org/books/OL968959M/Utopias_dolphins_and_computers
Women's role
- Women in history of computing, engineering, internet
- Female_experts -- Women who wrote about Internet: history, hacking, ethics, (hack)tivism, governance, economy, (anti)capitalism, climate change, philosophy
- Ladies_Night#Gender_gap_in_tech
- Ladies_Night#Increasing_the_gender_diversity
- Ladies_Night#Anti-capitalism
- Geek/cyber feminism: Ladies_Night#Feminism
Participate, take action, join
- contribute to this wiki page
- learn more!
- join mailing-list discussions for technical policy development & Internet governance
- learn to code & take part in FLOSS community
- join a hackerspace
- teach your skills to others
- contact me: BECHA @ xs4all dot nl // @Ms_Multicolor
Basics
The Internet is a network of networks
Step by step
Local networks
- "Small network" -- computers "talking" to each other
  - Local Area Network = LAN
  - With cables (Ethernet), or wireless (WiFi)
  - How do they find each other? Using unique numbers: MAC (Ethernet) address (layer 2), translated by ARP (MAC to IP address)
IP addresses
- About IP (Internet Protocol) addresses
  - binary numbers, written as decimal (IPv4) or hexadecimal (IPv6)
  - Can be "public" or "private" (=local)
  - What is the format?
Exercise!! (ifconfig)
- Typical / mainstream home (or small office) network
  - Private IP addresses
  - NAT = Network Address Translation - translated from multiple private to (usually) one public IP address
  - Home router is (usually) a gateway, firewall, and NAT box at the same time
  - ... and because of IPv4 exhaustion there is also double-NAT aka NAT444

    10.0.0.0 - 10.255.255.255 (10/8 prefix)
    172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
    192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
- Video on NAT: https://www.youtube.com/watch?v=QBqPzHEDzvo (not to watch during the lesson...)
- Further reading about IPv6: User:Becha/DeeperIPv6
- Where do the IP addresses come from?
  - Hierarchical distribution (see charts)
  - Principles: fairness, aggregation, conservation, registration
  - Used to be "needs based", now open to "market forces"
  - Policies for distribution ("rules") are developed in open, transparent, bottom-up process
  - IPv4 is "legacy", has run out - but is still DE FACTO THE ONLY STANDARD in use!
Inter-connecting and Routing
- Connecting "to the Internet"
  - usually through a commercial ISP (Internet Service Provider): dial-up, fibre, ... modem or router.
  - "free WiFi"
  - over mobile!
  - alternatively: community-mesh-peer-to-peer: MeshNet
- ISPs connecting with each other
  - ISPs are "autonomous networks" (autonomous from each other)
  - Using BGP and AS numbers https://en.wikipedia.org/wiki/Border_Gateway_Protocol
  - routing = finding a "path" between networks
  - Advanced concepts: announcing, prefix, route
- Monty Python's "Life of Brian": Funny way to illustrate BGP hijacking:
    Judith: Release Brian!
    Pilates: I shall... "welease" "Bwian"!
    ...
    Guard: Where is Brian of Nazareth? I have an order for his release.
    Brian: ... You stupid bastards!
    Joker: Uh, I'm Brian of Nazareth.
    Brian: What?
    Joker: Yeah, I'm Brian of Nazareth.
    Guard: Take him down.
    Brian: I'm Brian of Nazareth!
    random slave: I'm Brian!
    Another random slave: I'm Brian!
    Rich merchant: I'm Brian, and so's my wife!
    Guard (pointing to Joker): Take him away and release him.
    Joker: No, I'm only joking. I'm not really Brian. I'm only pulling your leg. It's a joke! I'm not him!
    Guard (hits him)
    Joker: Bloody Romans. Can't take a joke.
- Later on: User:Becha/DeeperBGP
Exercise!! (ping) & Video!!! (https://www.youtube.com/watch?v=IzLPKuAOe50) (Youtube taken over / hijacked by Pakistan Telekom)
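The "I'm Brian!" problem in code, as an added example that is not part of the original lecture notes: a router that believes every announcement follows the most specific prefix, and an RFC 6811 style origin check against signed authorisations (ROAs, the data RPKI provides) rejects the impostor. All prefixes and AS numbers are constructed from the documentation ranges, and the function names are this example's own.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class ROA:
    """Route Origin Authorisation: who may originate a prefix, and how specific."""
    prefix: ipaddress.IPv4Network
    max_length: int
    asn: int


@dataclass(frozen=True)
class Announcement:
    """A BGP announcement reduced to the two fields origin validation looks at."""
    prefix: ipaddress.IPv4Network
    origin_asn: int


def roa(prefix, max_length, asn):
    return ROA(ipaddress.ip_network(prefix), max_length, asn)


def ann(prefix, origin_asn):
    return Announcement(ipaddress.ip_network(prefix), origin_asn)


def validate(announcement, roas):
    """Return 'valid', 'invalid' or 'not-found' for one announcement."""
    covering = [
        r for r in roas
        if r.prefix.version == announcement.prefix.version
        and announcement.prefix.subnet_of(r.prefix)
    ]
    if not covering:
        return "not-found"      # nobody has made a statement about this space
    for r in covering:
        same_origin = r.asn == announcement.origin_asn
        not_too_specific = announcement.prefix.prefixlen <= r.max_length
        if same_origin and not_too_specific:
            return "valid"
    return "invalid"            # covered by a ROA, but none of them matches


def select_route(dest, announcements, roas=None):
    """Longest-prefix match; with ROAs supplied, 'invalid' routes are dropped first."""
    addr = ipaddress.ip_address(dest)
    candidates = [
        a for a in announcements
        if a.prefix.version == addr.version and addr in a.prefix
    ]
    if roas is not None:
        candidates = [a for a in candidates if validate(a, roas) != "invalid"]
    return max(candidates, key=lambda a: a.prefix.prefixlen, default=None)


# Constructed sample data: AS64500 is the real "Brian", AS64511 only claims to be.
ROAS = [roa("203.0.113.0/24", 24, 64500)]
TABLE = [
    ann("203.0.113.0/24", 64500),    # legitimate origin
    ann("203.0.113.128/25", 64511),  # more specific prefix from another AS
    ann("192.0.2.0/24", 64501),      # address space without any ROA
]

if __name__ == "__main__":
    for a in TABLE:
        print(a.prefix, "from AS", a.origin_asn, "->", validate(a, ROAS))
    print("trusting everyone:", select_route("203.0.113.200", TABLE))
    print("with origin check:", select_route("203.0.113.200", TABLE, ROAS))
```

The `max_length` field matters as much as the AS number: even the legitimate origin announcing a /25 would be "invalid" here, because the ROA only authorises the /24.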
- Relationships between "providers"
  - direct peering: between ISPs of more or less the same size & same "importance"
  - usually at IXP (Internet eXchange Point, e.g. Ams-IX, LINX...)
  - "buying transit" from a "national Telco", usually
  - large providers and carriers create a "backbone"
- Further reading: Social scientist explains: Uta Meier-Hahn
  - Internet Interconnection: Networking in Uncertain Terrain https://labs.ripe.net/Members/uta_meier_hahn/internet-interconnection-networking-in-uncertain-terrain
  - The Regulatory Conditions of IP Interconnection 2016 https://labs.ripe.net/Members/uta_meier_hahn/the-regulatory-conditions-of-ip-interconnection
  - October 2016: the death of transit? https://blog.apnic.net/2016/10/28/the-death-of-transit/
Video!!! "Internet Revealed, a movie about IXPs" https://www.youtube.com/watch?v=QuBde4Sn3f0
Domain Name System
- How do humans find services on the Internet? -> BY NAME!
- numbers (IP addresses) are translated to names by DNS
- web-sites, servers, services have DNS "names"
- hierarchical distribution of names
- Advanced concepts: resolver, caching, primary & secondary name-servers, master-slave, recursive resolver, labels, zones, A & AAAA records
- DNS with NAT
Exercise!!
- COMIC BOOK by "Simple" DNS: https://howdns.works/
- Much later: User:Becha/DeeperDNS
- Video / movie: "From .yu to .me" https://vimeo.com/95833310
- Funny facts: https://www.netmeister.org/blog/tlds.html
Exercises
User:Becha/InternetPlumbing/Exercises
Videos
- youtube hijack
- How IXP's work
- Net of Rights
Want to learn more?
- ISOC on-line course: https://www.internetsociety.org/what-we-do/inforum-learn-online/inforum-course-introduction-network-operations
- RIPE NCC training materials are free to use: https://ripe.net/training
- See also "resources"
- "Lesson 8: The Internet Is for Everyone" https://curriculum.code.org/csp-18/unit1/8/#:~:text=He%20wrote%20a%20memo%20entitled,%2C%20gender%2C%20creed%2C%20location%2C
- CS Principles 2020-2021 https://curriculum.code.org/csp-20/
Networking Principles
Concepts
- packets & packet switching
- encapsulation
- layered network model
- (open) protocols & (open) standards
- end-to-end principle
- ports
- server/client architecture
- cryptography
Comparing OSI & TCP / IP layers
Original borrowed from: https://en.wikipedia.org/wiki/OSI_model
TCP / IP Model layer | OSI Model layer | Protocol data unit (PDU) | Function | Examples |
---|---|---|---|---|
Application | 7. Application | Data | High-level APIs, including resource sharing, remote file access, directory services and virtual terminals | TLS, FTP, HTTP, HTTPS, SMTP, SSH, Telnet, BGP! |
Application | 6. Presentation | Data | Translation of data between a networking service and an application; including character encoding, data compression and encryption/decryption | CSS, GIF, HTML, XML, JSON |
Transport | 5. Session | Data | Managing communication sessions, i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes | RPC, SCP, NFS, PAP |
Transport | 4. Transport | Segment (TCP) / Datagram (UDP) | Reliable transmission of data segments between points on a network, including segmentation, acknowledgement and multiplexing | NBF, TCP, UDP |
Network / Internet | 3. Network | Packet | Structuring and managing a multi-node network, including addressing, routing and traffic control | AppleTalk, ICMP, IPsec, IPv4, IPv6 |
Link layer | 2. Data link | Frame | Reliable transmission of data frames between two nodes connected by a physical layer | IEEE 802.2, L2TP, LLDP, MAC, PPP, ATM, MPLS |
Link layer | 1. Physical | Bit | Transmission and reception of raw bit streams over a physical medium | DOCSIS, DSL, Ethernet physical layer, ISDN, USB |
Cross-layer functions:
- ARP is used to translate IPv4 addresses (OSI layer 3) into Ethernet MAC addresses (OSI layer 2).
- Domain Name Service is an Application Layer service which is used to look up the IP address of a given domain name. Once a reply is received from the DNS server, it is then possible to form a Layer 3 connection to the third-party host.
- etc
Resources
Many many more resources: books, videos:
Links:
- http://en.flossmanuals.net/bypassing-censorship/ch006_chapter-1-how/
- https://en.wikipedia.org/wiki/Internet_protocol_suite
- http://what-when-how.com/data-communications-and-networking/network-and-transport-layers-data-communications-and-networking/
- http://what-when-how.com/data-communications-and-networking/network-models-data-communications-and-networking/
- http://www.laneye.com/network/how-network-works/mac-address-and-ip-address-relationship.htm
- https://www.amplicon.com/building/networking-principles.cfm#ip
- DNS & CDNs: Internet plumbing: Think globally, route locally, Mar 16th 2011, http://www.economist.com/node/21016766/print
Wonderful site for teaching Internet concepts to children: http://networks.land/
Acronyms!
RIPE NCC Glossary: https://www.ripe.net/participate/member-support/new-member/ncc_glossary_print.pdf/at_download/file
- TCP/IP
- IPv4, IPv6: Internet Protocol (IP) addresses
- NAT: Network Address Translation
- DNS: Domain Name System
- ASN: Autonomous System Number
- used for BGP routing (Border Gateway Protocol)
- IXP: Internet eXchange Point
- SMTP
- HTTP
- CDN
Advanced topics
Layers as an allegory
Left: OSI Model T-shirt enhanced to include an 8th and 9th layer as defined by Evi Nemeth: https://en.wikipedia.org/wiki/Evi_Nemeth // (old, broken link -> https://www.isc.org/product/isc-9-layer-osi-model-cotton-t-shirt/ )
https://shop.isc.org/collections/shirts/products/osi-9-layer-model-t-shirt-1
(TODO: add ISC reference to Evi's wikipedia page!!)
Right: back of the T-shirt from the IETF75 in Stockholm, 2005
ABSTRACTION
Explaining complex concepts using layers is a useful abstraction.
Goal here is to illustrate layers by practical examples, and point out owners, developers, dangers, mitigations & alternatives.
This is not exactly technically correct, for the detail oriented people!
Number | Layer name | Example | Practically | Owner | Developed by | Vulnerabilities / Dangers | Mitigation / Securing | Alternatives |
---|---|---|---|---|---|---|---|---|
9 | Organisation / Political | (Internet) Governance | | technical community, civil society, governments | IGF (Internet Governance Forum), UN, ITU, IETF, ICANN | | awareness, take part! | someone will build a new *net, AlterNet :-) |
8 | Individual / Financial | Operating System (OS) + choice of software | Linux, FreeBSD, Minix...; iOS, Android, Windows... | User! | programmers & developers: FLOSS community; Apple, Google, Micro$oft | backdoors, surveillance, spying on users; lock-in; monopoly | community participation; unionization of programmers; see articles here [yy] | knowledge, self-empowerment, solidarity |
7 | Application | 7.3 -> VoIP | skype | | | | | |
7 | Application | 7.2 -> SMTP | | | | | | |
7 | Application | 7.1 HTTP: web, WWW | web sites! LoLCats! | individuals, on their own servers! blogs (blogspot?), mainstream media, hosting companies; CDNs (Akamai, Amazon...); corporations: Google, Facebook, Twitter... YouTube.. | W3C, IETF | censorship; silos; walled gardens; commercialization, consumerism | technically: httpS, SSL, TLS; Tor; politically: activism, digital human rights; associations of users | torrent! p2p! alternative social media! |
6 | Presentation | HTML, CSS, JSON | | | | | | |
5 | Session | BGP (actually layer 7...) | routing: exchanging AS reachability info via gossip: based on trust & peering agreements! physical routers by routers: Cisco/Juniper (commercial monopolists ;-) | Large ISPs; Tier1 / Tier2; IXPs!! RIRs give out AS numbers | "routing-wg" @ RIPE; *NOGs! (nano, nlnog, grnog; peering forums; Euro-IX); IETF; Open-Source community; hackers | "route hijacks", government regulation & takeover (killer switch), hierarchies | technically: BGPsec, IRR, RPKI; politically: influencing governance | p2p protocols, Betman [xx]; MPLS, SDN; Tor?! |
4 | Transport | UDP -> e.g. DNS (see above!) | www.belastingdiest.nl | User; Registrar, Registry, ccTLD, gTLD, ICANN, US government! | DNS OARC, IETF, root-nameserver operators, ICANN, IGF/UN/ITU | "balkanisation", US hegemony; internationalization; censorship | technically: DNSSEC, DANE; Tor; politically: participating in governance | Alternative trees; blockchain (namecoin); etc |
3 | Network | Internet / IP | ifconfig; IPv4, NAT, 10.10.10.10, IPv6 | no-one: IP addresses are "leased"! (PI,PA,LIR,RIR,IANA,IETF) | RIR PDP, IANA, IETF | hierarchy, run-out, incompatibility, market forces; surveillance | IPSec | Blockchain? GSM? Radio? |
2 | Data-link | MAC addresses, Ethernet device drivers, WiFi drivers | | licensed to users | Broadcom, Realtech, INTEL.. | patents, closed source, Intellectual Property Laws | open source SW, open HW | ?! |
1 | Physical | Network connections | Ethernet cables, WiFi antennas, fibers, satellites, satellite dishes, base-stations, under-sea cables; POTS (old-fashioned phones -> BBS, dialup) | Individuals, communities, ISP, "carriers", corporations, governments | Hackers, commercial companies, governments | "ownership" models; hierarchy of server-client model; pollution & distraction of Earth; surveillance | commoning; shared infrastructure; development of sustainable technologies (?!), recycling; awareness & activism | Community WiFi, Project Loon, Drones |
1 | Physical | HW - end user equipment | Computer, tablet, phone... | User | Commercial companies: Apple, Siemens, Samsung... | Un-ethical manufacturing, security backdoors, pollution caused by e-waste disposal | Hard: | Open HW movement; fair-phone; DIY, Repair Cafes, fair-trade... |
Security, Privacy, Avoiding Censorship
- IPSec
- DNSSEC
- BGP security & plumbing:
- User Self-help:
Alternatives
MeshNet: "Hackers and philosophers building an utopia together": http://becha.home.xs4all.nl/hackers-philosophers-utopian-network-dec-2012-becha.pdf
November 2014: Nature will have the last word, on Future of Technology, RIPE69 , London https://wiki.techinc.nl/index.php/File:Nature-speaking-on-future_of_the_internet-RIPE69.pdf
UnCivilization: critical thinking about Internet & capitalism: https://lists.puscii.nl/wws/info/uncivilization
- Playful: Internet Simulator: https://github.com/nsec/the-internet
- Alternative Network Deployments: Taxonomy, characterization, technologies and architectures
https://www.ietf.org/id/draft-irtf-gaia-alternative-network-deployments-04.txt
- The Critical Engineering Manifesto: https://www.criticalengineering.org/
- August 2020: The Internet is for the End User (RFC8890) & https://labs.ripe.net/Members/becha/the-internet-is-for-empowerment-of-end-users
Next topics
Internet Governance
See this lecture : Internet_Governance_Digital_Culture#Internet_Governance
Internet_Governance_and_hackers
Traceroute Much?
User:Becha/InternetPlumbing/Traceroute_Much
Linux Install Fest!
https://wiki.techinc.nl/index.php/User:Becha/unixoid_xkcd
Lectures to be made in the future
Misc
- Measurements & RIPE_Atlas_probes_at_hackerspaces
- Alternative networks: MeshNet
- It shouldn't be hard: http://www.explainxkcd.com/wiki/index.php/1349:_Shouldn%27t_Be_Hard // http://www.xkcd.com/1349/
Other resources for learning
- ‘STEM-in-a-handbag kit’ https://atlasofthefuture.org/project/waaw-foundation/
- "Internet in a Bottle"
- "Pocket Internet" https://github.com/inognet/pocketinternet
- Command-Line: CLI
- Learn to code / coding / programming : https://wiki.techinc.nl/Ladies_Night#Learn_to_code
5G
/5G = https://wiki.techinc.nl/User:Becha/InternetPlumbing/5G