Difference between revisions of "User:Becha/InternetPlumbing"

From Technologia Incognita
(Overview)
(Domain Name System)
 
(102 intermediate revisions by the same user not shown)
Line 1: Line 1:
[[File:Hacking-feminism-screenshot.png|300px|right]]
+
[[File:Hacking-feminism-screenshot.png|400px|right]]
  
=Lecture at Hacking Feminism=
+
=Lectures at Hacking Feminism=
  
 +
Fist lecture in this series:
 
* 6 April 2016, 8PM
 
* 6 April 2016, 8PM
 +
* At LAG
 
* By '''[[User:Becha|Becha]]'''
 
* By '''[[User:Becha|Becha]]'''
 
* https://wiki.laglab.org/Hacking_Feminism
 
* https://wiki.laglab.org/Hacking_Feminism
 +
 +
GOALS:
 +
* Empower each-other with knowledge
 +
* Learn the basics technical concepts of underlying Internet works
 +
* Discover & emphesise roles of women
 +
* Practice & get our hands dirty
 +
* Work on the alternatives together!
 +
* Personal goals: learn by teaching; develop series of lectures; practice practice practice!
 +
* What's your goals?
  
 
=Internet Plumbing=
 
=Internet Plumbing=
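Review bot: the added intro line "Fist lecture in this series:" should read "First lecture", and two entries in the new GOALS list need a spelling pass: "emphesise" should be "emphasise", and "Learn the basics technical concepts of underlying Internet works" does not parse (suggest "Learn the basic technical concepts underlying how the Internet works"). The heading also becomes the plural "Lectures" while only the 6 April 2016 date is listed; either add the later sessions or say that more dates will follow.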
Line 11: Line 22:
 
Internet Plumbing is a word-game with multiple layers of meaning (ha! a recursive pun ;-)  
 
Internet Plumbing is a word-game with multiple layers of meaning (ha! a recursive pun ;-)  
  
[[File:women role models in computing.jpg|right|300px]]
+
[[File:Squirrel eating cable.jpg|200px|right]]
  
===Series of Tubes===
+
===Internet As a Series of Tubes===
  
 
* https://en.wikipedia.org/wiki/Series_of_tubes
 
* https://en.wikipedia.org/wiki/Series_of_tubes
* http://www.salon.com/2012/05/28/tubes_what_the_internet_is_made_of/
+
* Andrew Blum 2012 book " Tubes: A Journey to The Center of The Internet" , starts with the squirrel that ruins his Internet (connection/tube).  
 
* http://knowyourmeme.com/memes/series-of-tubes
 
* http://knowyourmeme.com/memes/series-of-tubes
* http://www.submarinecablemap.com/  
+
* http://www.submarinecablemap.com/
  
 
===Ubiquitous and complicated as plumbing?===
 
===Ubiquitous and complicated as plumbing?===
Line 25: Line 36:
 
* just like "plumbing" (water & sewage), there is underlying "technology" to it, so complex, that no-one seems to grasp how all of it works  
 
* just like "plumbing" (water & sewage), there is underlying "technology" to it, so complex, that no-one seems to grasp how all of it works  
 
* 60% of the population of the planet does NOT have "teh Internets", and 30% does not have plumbing either (http://www.un.org/waterforlifedecade/sanitation.shtml)
 
* 60% of the population of the planet does NOT have "teh Internets", and 30% does not have plumbing either (http://www.un.org/waterforlifedecade/sanitation.shtml)
 +
* Mary Midgley: "Utopias, dolphins, and computers - problems in philosophical plumbing "
 +
https://openlibrary.org/books/OL968959M/Utopias_dolphins_and_computers
 +
 +
[[File:women role models in computing.jpg|right|300px]]
 +
 +
===Women's role===
 +
 +
* [[Ladies_Night/women_in_history_of_STEM | Women in history of computing, engineering, internet]]
 +
* [[Female_experts]]  -- Women who wrote about Internet: history, hacking, ethics, (hack)tivism,  governance, economy, (anti)capitalism , climate change, philosophy
 +
* [[Ladies_Night#Gender_gap_in_tech]]
 +
* [[Ladies_Night#Increasing_the_gender_diversity]]
 +
* [[Ladies_Night#Anti-capitalism]]
 +
* Geek/cyber feminism: [[Ladies_Night#Feminism]]
 +
 +
==Participate, take action, join==
 +
 +
* contribute to this wiki page
 +
* learn more!
 +
* join mailing lists discussions for technical policy development & Internet governance
 +
* learn to code & take part in FLOSS community
 +
* join a hackerspace
 +
* teach your skills to others
 +
 +
* contact me: BECHA @ xs4all dot nl // @Ms_Multicolor
 +
 +
=Basics=
 +
 +
Internet is network of networks
 +
 +
==Step by step==
 +
 +
[[File:Addressing-basics.png|300px|right]]
 +
 +
===Local networks===
 +
 +
* "Small network" -- computers "talking" to each other
 +
** Local Area Network = LAN
 +
** With cables (ethernet), or Wireless (WiFi)
 +
** How do they find each other? using unique numbers: MAC (ethernet) address (layer 2), translated by ARP (MAC to IP address)
 +
 +
[[File:750px-Ipv4 address.svg.png|300px|right ]]
 +
 +
===IP addresses===
 +
 +
* About IP (Internet Protocol) addresses
 +
** binary numbers, written as decimal (IPv4) or hexadecimal (IPv6)
 +
** Can be "public" or "private" (=local) 
 +
** What is the format?
 +
 +
'''Exercise!!''' (ifconfig)
 +
 +
* Typical / mainstream home (or small office) network
 +
** Private IP addresses 
 +
** NAT = Network Address Translation - translated from multiple private to (usually) one public IP address
 +
** Home router is (usually) a gateway, firewall, and NAT box at the same time
 +
** ... and because of IPv4 exhaustion there is also double-NAT aka NAT444
 +
 +
    10.0.0.0        -  10.255.255.255  (10/8 prefix)
 +
    172.16.0.0      -  172.31.255.255  (172.16/12 prefix)
 +
    192.168.0.0    -  192.168.255.255 (192.168/16 prefix)
 +
 +
[[File:TheNAT444Model1.jpg|right|300px]]
 +
 +
[[File:Nat-images.png]]
  
 +
* Video on NAT: https://www.youtube.com/watch?v=QBqPzHEDzvo (not to watch during the lesson...)
 +
* Further reading about IPv6:  [[User:Becha/DeeperIPv6]]
  
==Acronyms!==
+
[[File:Where do they come from.png|300px]]
 +
 
 +
* Where do the IP addresses come from?
 +
** Hierarchical distribution (see charts)
 +
** Principles: fairness, aggregation, conservation, registration
 +
** Used to be "needs based", now open to "market forces"
 +
** Policies for distribution ("rules") are developed in open, transparent, bottom-up process
 +
** IPv4 is "legacy", has run out - but is still DE FACTO THE ONLY STANDARD in use!
 +
 
 +
[[File:Ipv4-space-distribution.png|300px]]
 +
 
 +
===Inter-connecting and Routing===
 +
 
 +
[[File:Isps.png|right|200px]]
 +
 
 +
* Connecting "to the Internet"
 +
** usually through commercial ISP (Internet Service Provider): dial-up, fibre, ... modem or router.
 +
** "free Wifi"
 +
** over mobile!  
 +
** alternatively: community-mesh-peer-to-peer : [[MeshNet]]
 +
 
 +
* ISPs connecting with each other
 +
** ISPs are "autonomous networks" (autonomous from each other)
 +
** Using BGP and AS numbers https://en.wikipedia.org/wiki/Border_Gateway_Protocol
 +
** routing = finding a "path" between networks
 +
** Advanced concepts: announcing, prefix, route,
 +
 
 +
* Monty Python's "Life of Brian": Funny way to illustrate BGP hijacking:
 +
** https://youtu.be/OMtoGj0dcSo?t=213
 +
** https://youtu.be/CcSOr0HHmbo?t=4338
 +
** http://montypython.50webs.com/scripts/Life_of_Brian/35.htm
 +
 
 +
Judith: Release Brian!
 +
Pilates: I shall... "welease" "Bwian"!
 +
...
 +
Guard: Where is Brian of Nazareth? I have an order for his release.
 +
Brian: ... You stupid bastards!
 +
Joker: Uh, I'm Brian of Nazareth.
 +
Brian: What?
 +
Joker: Yeah, I'm Brian of Nazareth.
 +
Guard: Take him down.
 +
Brian: I'm Brian of Nazareth!
 +
random slave: I'm Brian!
 +
Another random slave: I'm Brian!
 +
Rich merchant: I'm Brian, and so's my wife!
 +
Guard (pointing to Joker): Take him away and release him.
 +
Joker: No, I'm only joking. I'm not really Brian.  I'm only pulling your leg. It's a joke! I'm not him!
 +
Guard (hits him)
 +
Joker: Bloody Romans. Can't take a joke.
 +
 
 +
 
 +
* Later on: [[User:Becha/DeeperBGP]]
 +
 
 +
[[File:Becha-Autonomous-system.png | 400px ]]
 +
 
 +
'''Exercise!!''' (ping)  & '''Video!!!''' (https://www.youtube.com/watch?v=IzLPKuAOe50) (Youtube taken over / hijacked by Pakistan Telekom)
 +
 
 +
[[File:With-ixp.png|300px|right]]
 +
 
 +
* Relationships between "providers"
 +
** direct peering: between more-less same size & same "importance" ISPs
 +
** usually at  IXP (Internet eXchange Point, e.g. Ams-IX, LINX...)
 +
** "buying transit" from a "national Telco", usually
 +
** large providers and carriers create a "backbone"
 +
 
 +
* Further reading: Social scientist explains: Uta Meier-Hahn
 +
** Internet Interconnection: Networking in Uncertain Terrain https://labs.ripe.net/Members/uta_meier_hahn/internet-interconnection-networking-in-uncertain-terrain
 +
** The Regulatory Conditions of IP Interconnection 2016 https://labs.ripe.net/Members/uta_meier_hahn/the-regulatory-conditions-of-ip-interconnection
 +
** October 2016: the death of transit? https://blog.apnic.net/2016/10/28/the-death-of-transit/
 +
 
 +
'''Video!!!''' "Internet Revealed, a movie about IXPs" https://www.youtube.com/watch?v=QuBde4Sn3f0
  
[[File:protocol stack hourglass 1.jpeg|200px|right]] 
+
===Domain Name System===
  
* TCP/IP
+
[[File:500px-An_example_of_theoretical_DNS_recursion-nl.svg.png|right|500px]]
* IPv4, IPv6: Internet Protocol (IP) addresses
 
* NAT: Network Address Translation
 
* DNS: Domain Name System
 
* ASN: Autonomous System Number
 
** used for BGP routing (Border Gateway Protocol)
 
* IXP: Internet eXchange Point
 
* SMTP
 
* HTTP
 
* CDN
 
  
==Basics==
+
* How do '''humans''' find services on the Internet? -> BY NAME!
 +
** numbers (IP addresses) are translated to names by DNS
 +
** web-sites, servers, services have DNS "names"
 +
** hierarchical distribution of names
 +
** Advanced concepts: resolver, cashing, primary & secondary name-servers, master-slave, recursive resolver, labels, zones, A & AAAA records
  
[[File:500px-An_example_of_theoretical_DNS_recursion-nl.svg.png|500px]] [[File:Becha-Autonomous-system.png | 400px ]]
 
  
https://en.wikipedia.org/wiki/Border_Gateway_Protocol
+
* DNS with NAT
  
[[File:More-dolls-fig2.jpg|200px]] [[File:Networking-fig3.jpg|200px]] [[File:Email-tmp3163.jpg|300px]] [[File:Best-tmp314.jpg|300px]]  
+
[[File:Network Address Translation (file2).jpg|right|500px]]
  
Many many more resources: books, videos:
+
'''Exercise!!'''
* [[Internet_Governance_and_hackers#How_does_the_Internet_work]]
 
  
Links:
+
* COMIC BOOK by "Simple" DNS: https://howdns.works/  
* http://en.flossmanuals.net/bypassing-censorship/ch006_chapter-1-how/
 
* https://en.wikipedia.org/wiki/Internet_protocol_suite
 
* http://what-when-how.com/data-communications-and-networking/network-and-transport-layers-data-communications-and-networking/
 
* http://what-when-how.com/data-communications-and-networking/network-models-data-communications-and-networking/
 
* http://www.laneye.com/network/how-network-works/mac-address-and-ip-address-relationship.htm
 
* https://www.amplicon.com/building/networking-principles.cfm#ip
 
* DNS & CDNs: Internet plumbing: Think globally, route locally, Mar 16th 2011, http://www.economist.com/node/21016766/print
 
  
==Security, Privacy, Avoiding Censorship==
+
* Much later: [[User:Becha/DeeperDNS]]
  
* IPSec
+
* Video / movie: "From .yu to .me" https://vimeo.com/95833310
* DNSSEC
 
* BGP security & plumbing:
 
** https://www.blackhat.com/docs/us-15/materials/us-15-Remes-Internet-Plumbing-For-Security-Professionals-The-State-Of-BGP-Security-wp.pdf
 
** https://www.youtube.com/watch?v=po_9p6XxK2E
 
  
* User Self-help:
+
* https://messwithdns.net/
** https://www.takebackthetech.net
 
** https://gendersec.tacticaltech.org/wiki/index.php/Manuals_with_a_gender_perspective
 
** http://hackingwithcare.in/by/ressources/
 
** https://gendersec.tacticaltech.org/wiki/index.php/Complete_manual
 
** http://en.flossmanuals.net/bypassing-censorship/ch007_chapter-2-censorship/
 
  
==Alternatives==
+
* Funny facts: https://www.netmeister.org/blog/tlds.html
  
MeshNet: "Hackers and philosophers building an utopia together": http://becha.home.xs4all.nl/hackers-philosophers-utopian-network-dec-2012-becha.pdf
+
==Exercises==
  
[[MeshNet#Education]]
+
[[User:Becha/InternetPlumbing/Exercises]]
  
[[File:tier0.png|right|200px]]
+
==Videos==
  
[[P2pbgpsec#Technical_view]]
+
* youtube hijack
 +
* How IXP's work
 +
* Net of Rights
  
November 2014: Nature will have the last word, on Future of Technology, RIPE69
+
==Want to learn more?==
https://wiki.techinc.nl/index.php/File:Nature-speaking-on-future_of_the_internet-RIPE69.pdf
 
  
UnCivilization: critical thinking about Internet & capitalism: https://lists.puscii.nl/wws/info/uncivilization
+
* ISOC on-line course: https://www.internetsociety.org/what-we-do/inforum-learn-online/inforum-course-introduction-network-operations
 +
* RIPE NCC training materials are free to use: https://ripe.net/training
 +
* See also "resources"
  
** [[Hackers_tribes#Internet_and_Capitalism]]
+
* "Lesson 8: The Internet Is for Everyone" https://curriculum.code.org/csp-18/unit1/8/#:~:text=He%20wrote%20a%20memo%20entitled,%2C%20gender%2C%20creed%2C%20location%2C
** [[Hackers_tribes#Internet.2C_Electrical_Energy_Efficiency.2C_Pollution]]
 
** [[Hackers_tribes#Against_Anthropocentrism]]
 
  
Playfull: Internet Simulator: https://github.com/nsec/the-internet
+
* CS Principles 2020-2021 https://curriculum.code.org/csp-20/
  
=Overview=
+
=Networking Principles=
  
[[File:Osi-layers-ti-shirt-download.jpeg]]
+
[[File:protocol stack hourglass 1.jpeg|200px|right]]
  
OSI Model T-shirt enhanced to include an 8th and 9th layer as defined by Evi Nemeth: https://en.wikipedia.org/wiki/Evi_Nemeth
+
==Concepts==
  
https://www.isc.org/product/isc-9-layer-osi-model-cotton-t-shirt/
+
[[File:More-dolls-fig2.jpg|200px|right]]
  
(TODO: add ISC reference to Evi's wikipedia page!!)
+
* packets & packet switching
 +
* encapsulation 
 +
* layered network model
 +
* (open) protocols & (open) standards
 +
* end-to-end principle
 +
* ports
 +
* server/client architecture
 +
* cryptography
  
 +
[[File:Networking-fig3.jpg|200px]] [[File:Email-tmp3163.jpg|400px]]
  
==Description of OSI layers==
+
[[File:Tcpip pat.gif|400px]] 
  
Borrowed from: https://en.wikipedia.org/wiki/OSI_model
+
==Comparing OSI & TCP / IP layers==
  
The recommendation X.200 describes seven layers, labeled 1 to 7. Layer 1 is the lowest layer in this model
+
Original borrowed from: https://en.wikipedia.org/wiki/OSI_model
  
 
{| class="wikitable" style="margin: 1em auto 1em auto;"
 
{| class="wikitable" style="margin: 1em auto 1em auto;"
 
|-
 
|-
! colspan="5" | OSI Model
+
| TCP / IP Model
 +
! colspan="4" | OSI Model
 
|-
 
|-
! colspan="2" | Layer
+
| Layer
 +
| OSI Layer
 
! [[Protocol data unit]] (PDU)
 
! [[Protocol data unit]] (PDU)
! style="width:30em;" | Function<ref>{{Cite web | title = The OSI Model's Seven Layers Defined and Functions Explained | work = Microsoft Support | accessdate = 2014-12-28 | url = https://support.microsoft.com/kb/103884}}</ref>
+
! style="width:30em;" | Function
 
! Examples
 
! Examples
 
|-
 
|-
! rowspan="4" | Host<br />layers
+
! rowspan="2" | Application
 
| style="background:#d8ec9b;" | 7.&nbsp;[[Application layer|Application]]
 
| style="background:#d8ec9b;" | 7.&nbsp;[[Application layer|Application]]
 
| style="background:#d8ec9c;" rowspan="3" | [[Data (computing)|Data]]
 
| style="background:#d8ec9c;" rowspan="3" | [[Data (computing)|Data]]
 
| style="background:#d8ec9c;" | <small>High-level [[API]]s, including resource sharing, remote file access, [[directory service]]s and [[virtual terminal]]s</small>
 
| style="background:#d8ec9c;" | <small>High-level [[API]]s, including resource sharing, remote file access, [[directory service]]s and [[virtual terminal]]s</small>
| [[Transport Layer Security|TLS]], [[FTP]], [[HTTP]], [[HTTPS]], [[SMTP]], [[Secure Shell|SSH]], [[Telnet]]
+
| [[Transport Layer Security|TLS]], [[FTP]], [[HTTP]], [[HTTPS]], [[SMTP]], [[Secure Shell|SSH]], [[Telnet]], BGP!
 
|-
 
|-
 
| style="background:#d8ec9b;" | 6.&nbsp;[[Presentation layer|Presentation]]
 
| style="background:#d8ec9b;" | 6.&nbsp;[[Presentation layer|Presentation]]
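Review bot: two of the added bullets state the lookup direction backwards. Under "Local networks", "translated by ARP (MAC to IP address)" should say that ARP resolves a known IP address to a MAC address, which is how the "Cross-layer functions" text on this same page puts it. Under "Domain Name System", "numbers (IP addresses) are translated to names by DNS" describes the reverse lookup; the case the bullet is introducing (a human typing a name, A & AAAA records) is name to address. In the same list, "cashing" should be "caching".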
Line 134: Line 269:
 
| [[CSS]], [[GIF]], [[HTML]], [[XML]], [[JSON]]
 
| [[CSS]], [[GIF]], [[HTML]], [[XML]], [[JSON]]
 
|-
 
|-
 +
! rowspan="2" | Transport
 
| style="background:#d8ec9b;" | 5. [[Session layer|Session]]
 
| style="background:#d8ec9b;" | 5. [[Session layer|Session]]
 
| style="background:#d8ec9b;" | <small>Managing communication [[Session (computer science)|sessions]], i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes</small>
 
| style="background:#d8ec9b;" | <small>Managing communication [[Session (computer science)|sessions]], i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes</small>
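Review bot: `! rowspan="2" | Transport` is placed ahead of the "5. Session" row, so the TCP/IP Transport cell spans OSI Session and Transport, while the Application cell added earlier in this table spans only layers 7 and 6. The usual mapping folds OSI layers 5 to 7 into the TCP/IP Application layer and sets Transport against layer 4 alone; suggest rowspan="3" on Application and a single-row Transport cell on the layer 4 row.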
Line 143: Line 279:
 
| [[NetBIOS Frames protocol|NBF]], [[Transmission Control Protocol|TCP]], [[User Datagram Protocol|UDP]]
 
| [[NetBIOS Frames protocol|NBF]], [[Transmission Control Protocol|TCP]], [[User Datagram Protocol|UDP]]
 
|-
 
|-
! rowspan="3" | Media<br />layers
+
| Network / <br> Internet
 
| style="background:#eddc9c;" | 3. [[Network layer|Network]]
 
| style="background:#eddc9c;" | 3. [[Network layer|Network]]
 
| style="background:#eddc9c;" | [[Network packet|Packet]]
 
| style="background:#eddc9c;" | [[Network packet|Packet]]
Line 149: Line 285:
 
| [[AppleTalk]], [[Internet Control Message Protocol|ICMP]], [[IPsec]], [[IPv4]], [[IPv6]]
 
| [[AppleTalk]], [[Internet Control Message Protocol|ICMP]], [[IPsec]], [[IPv4]], [[IPv6]]
 
|-
 
|-
 +
! rowspan="2" | Link <br> layer
 
| style="background:#e9c189;" | 2. [[Data link layer|Data link]]
 
| style="background:#e9c189;" | 2. [[Data link layer|Data link]]
 
| style="background:#e9c189;" | [[Frame (networking)|Frame]]
 
| style="background:#e9c189;" | [[Frame (networking)|Frame]]
Line 161: Line 298:
 
<!----- {{Clear}} ------->
 
<!----- {{Clear}} ------->
  
{| class="wikitable sortable"
+
Cross-layer functions:
!Layer
+
 
!Example
+
* ARP is used to translate IPv4 addresses (OSI layer 3) into Ethernet MAC addresses (OSI layer 2).
!Practically  
+
* Domain Name Service is an Application Layer service which is used to look up the IP address of a given domain name. Once a reply is received from the DNS server, it is then possible to form a Layer 3 connection to the third-party host.
!Owner
+
* etc
!Developed by
+
 
|Vulnerabilities/Dangers
+
==Resources==
!Securing
+
 
 +
Many many more resources: books, videos:
 +
* [[Internet_Governance_and_hackers#How_does_the_Internet_work]]
 +
 
 +
Links:
 +
* http://en.flossmanuals.net/bypassing-censorship/ch006_chapter-1-how/
 +
* https://en.wikipedia.org/wiki/Internet_protocol_suite
 +
* http://what-when-how.com/data-communications-and-networking/network-and-transport-layers-data-communications-and-networking/
 +
* http://what-when-how.com/data-communications-and-networking/network-models-data-communications-and-networking/
 +
* http://www.laneye.com/network/how-network-works/mac-address-and-ip-address-relationship.htm
 +
* https://www.amplicon.com/building/networking-principles.cfm#ip
 +
* DNS & CDNs: Internet plumbing: Think globally, route locally, Mar 16th 2011, http://www.economist.com/node/21016766/print
 +
 
 +
Wonderful site for teaching Internet concepts to children:
 +
http://networks.land/
 +
 
 +
==Acronyms!==
 +
 
 +
RIPE NCC Glossary: https://www.ripe.net/participate/member-support/new-member/ncc_glossary_print.pdf/at_download/file
 +
 
 +
* TCP/IP
 +
* IPv4, IPv6: Internet Protocol (IP) addresses
 +
* NAT: Network Address Translation
 +
* DNS: Domain Name System
 +
* ASN: Autonomous System Number
 +
** used for BGP routing (Border Gateway Protocol)
 +
* IXP: Internet eXchange Point
 +
* SMTP
 +
* HTTP
 +
* CDN
 +
 
 +
=Advanced topics=
 +
 
 +
 
 +
==Layers as an allegory==
 +
 
 +
[[File:Osi-layers-ti-shirt-download.jpeg|200px]] [[File:Evi nemeth.jpg|300px]] [[File:The art of engineering.png|right|200px]]
 +
 
 +
Left: OSI Model T-shirt enhanced to include an 8th and 9th layer as defined by Evi Nemeth: https://en.wikipedia.org/wiki/Evi_Nemeth //  (old, broken link -> https://www.isc.org/product/isc-9-layer-osi-model-cotton-t-shirt/ )
 +
 
 +
https://shop.isc.org/collections/shirts/products/osi-9-layer-model-t-shirt-1
 +
 
 +
 
 +
(TODO: add ISC reference to Evi's wikipedia page!!)
 +
 
 +
Right: back of the T-shirt from the IETF75 in Stockholm, 2005
 +
 
 +
==ABSTRACTION==
 +
 
 +
[[File:Osi-deployment-layers.png|right|300px]]
 +
 
 +
Explaining complex concepts using layers is a useful abstraction.
 +
 
 +
Goal here is to illustrate layers by practical examples,  and point out '''owners, developers, dangers, mitigations & alternatives.'''
 +
 
 +
This is not exactly technically correct, for the detail oriented people!
 +
 
 +
{|class="wikitable sortable"
 +
|-
 +
| Number
 +
| Layer name
 +
| Example
 +
| Practically
 +
| Owner
 +
| Developed by
 +
| Vulnerabilities / Dangers
 +
| Mitigation / Securing  
 
| Alternatives
 
| Alternatives
 +
|
 
|-
 
|-
|Physical
+
|9
|HW - end user equipment
+
| Organisation / Political
|Computer, tablet, phone... 
+
| (Internet) Governance
|User
+
|  
|Commercial companies: Apple, Siemens, Samsung...
+
| technical community, civil society, governments
|Un-ethical manufacturing, security backdoors, pollution caused by e-waste disposal,  
+
| IGF (Internet Governance Forum), UN, ITU, IETF, ICANN,
|Hard:
+
|  
|Open HW movement; fair-phone; DIY, Repair Cafes, fair-trade...
+
| awareness, take part!
 +
| someone will build a new *net, AlterNet :-)
 
|-
 
|-
 +
|8
 +
| Individual / Financial
 +
| Operating System (OS) + choice of software
 +
| Linux, FreeBSD, Minix...; iOS, Android, Windows...
 +
| User!
 +
| programmers & developers: FLOSS community; <br> Apple, Google,Micro$oft 
 +
| backdoors, surveillance, spying on users; lock-in; monopoly;
 +
| community participation; unionization of programmers; see articles here [yy]
 +
| knowledge, self-empowerment, solidarity
 
|
 
|
 +
|-
 +
! rowspan="3" | 7
 +
! rowspan="3" | Application
 +
| 7.3 -> VoIP
 +
| skype
 
|
 
|
 +
|
 +
|
 +
|
 +
|-
 +
|7.2 -> SMTP
 +
| email 
 
|
 
|
 
|
 
|
Line 188: Line 413:
 
|
 
|
 
|-
 
|-
 +
| 7.1  HTTP: web, WWW
 +
| web sites! LoLCats!
 +
| individuals, on their own servers! <br> blogs (blogspot?), mainstream media, hosting companies; CDNs (Akamai, Amazon...); corporations: Google, Facebook, Twitter... YouTube..
 +
| W3c, IETF
 +
| censorship; silos; walled gardens; commercialization, consumerism;
 +
| technically: httpS, SSL, TLS; Tor; <br> politically: activism, digital human rights; associations of users;
 +
| torrent! p2p! alternative social media!
 +
|-
 +
|6
 +
| Presentation
 +
| HTML, CSS, JSON
 +
|
 +
|
 +
|
 
|
 
|
 
|
 
|
 
|
 
|
 
|
 
|
 +
|-
 +
|5
 +
| Session
 +
| BGP (actually layer 7...) 
 +
| routing: exchanging AS reachability info via gossip: based on trust & peering agreements! <br> physical routers by routers: Cisco/Juniper (commercial monopolists ;-)
 +
| Large ISPs; Tier1 / Tier2 ; IXPs!!  RIRs give out AS numbers
 +
| "routing-wg" @ RIPE; *NOGs! (nano, nlnog, grnog; peering forums; Euro-IX); IETF; Open-Source community ; hackers
 +
| "route hijacks", government regulation & takeover (killer switch), hierarchies;
 +
| technically: BGPsec, IRR, RPKI; <br> politically: influencing governance
 +
| p2p protocols, Betman [xx]; MPLS, SDN; Tor?!
 
|
 
|
 +
|-
 +
|4
 +
| Transport
 +
| UDP -> e.g. DNS (see above!)
 +
| www.belastingdiest.nl
 +
| User; Registrar, Registry, ccTLD, gTLD, ICANN, US government!
 +
| DNS OARC, IETF, root-nameserver operators, ICANN, IGF/UN/ITU 
 +
| "balkanisation", US hegemony; internationalization; censorship;
 +
| technically: DNSSEC, DANE ; Tor; <br> politically: participating in governance
 +
| Alternative trees; blockchain (namecoin); etc
 
|
 
|
 +
|-
 +
|3
 +
| Network
 +
| Internet / IP
 +
| ifconfig; IPv4, NAT, 10.10.10.10, IPv6
 +
| no-one: IP addresses are "leased"! <br> (PI,PA,LIR,RIR,IANA,IETF)
 +
| RIR PDP, IANA, IETF
 +
| hierarchy, run-out, incompatibility, market forces; surveillance
 +
| IPSec
 +
| Blockchain? GSM? Radio?
 
|
 
|
 +
|-
 +
|2
 +
| Data-link
 +
|
 +
| MAC addresses, Ethernet device drivers, WiFi drivers
 +
| licensed to users
 +
| Broadcom, Realtech, INTEL..
 +
| patents, closed source, Intellectual Property Laws
 +
| open source SW, open HW
 +
| ?!
 +
|-
 +
! rowspan="2" | 1
 +
! rowspan="2" | Physical
 +
| Network connections
 +
| Ethernet cables, WiFi antennas, fibers, satellites, satellite dishes, base-stations, under-sea cables  ; POTS (old-fashioned phones -> BBS, dialup)
 +
| Individuals <br> communities, ISP, "carriers", corporations, governments, 
 +
| Hackers <br> commercial companies, governments
 +
| "ownership" models; hierarchy of server-client model; pollution & distraction of Earth; surveillance
 +
| commoning; shared infrastructure; development of sustainable technologies (?!), recycling; awareness & activism 
 +
|Community WiFi, Project Loon, Drones
 +
|
 +
|-
 +
|HW - end user equipment
 +
|Computer, tablet, phone... 
 +
|User
 +
|Commercial companies: Apple, Siemens, Samsung...
 +
|Un-ethical manufacturing, security backdoors, pollution caused by e-waste disposal,
 +
|Hard:
 +
|Open HW movement; fair-phone; DIY, Repair Cafes, fair-trade...
 +
|
 +
|-
 
|}
 
|}
  
 +
==Security, Privacy, Avoiding Censorship==
  
==Participate, take action, join==
+
* IPSec
 +
* DNSSEC
 +
* BGP security & plumbing:
 +
** https://www.blackhat.com/docs/us-15/materials/us-15-Remes-Internet-Plumbing-For-Security-Professionals-The-State-Of-BGP-Security-wp.pdf
 +
** https://www.youtube.com/watch?v=po_9p6XxK2E
 +
 
 +
* User Self-help:
 +
** https://www.takebackthetech.net
 +
** https://gendersec.tacticaltech.org/wiki/index.php/Manuals_with_a_gender_perspective
 +
** http://hackingwithcare.in/by/ressources/
 +
** https://gendersec.tacticaltech.org/wiki/index.php/Complete_manual
 +
** http://en.flossmanuals.net/bypassing-censorship/ch007_chapter-2-censorship/
 +
 
 +
==Alternatives==
 +
 
 +
MeshNet: "Hackers and philosophers building an utopia together": http://becha.home.xs4all.nl/hackers-philosophers-utopian-network-dec-2012-becha.pdf
 +
 
 +
[[MeshNet#Education]]
 +
 
 +
[[File:tier0.png|right|200px]]
 +
 
 +
[[P2pbgpsec#Technical_view]]
 +
 
 +
November 2014: Nature will have the last word, on Future of Technology, RIPE69 , London
 +
https://wiki.techinc.nl/index.php/File:Nature-speaking-on-future_of_the_internet-RIPE69.pdf
 +
 
 +
UnCivilization: critical thinking about Internet & capitalism: https://lists.puscii.nl/wws/info/uncivilization
 +
 
 +
** [[Hackers_tribes#Internet_and_Capitalism]]
 +
** [[Hackers_tribes#Internet.2C_Electrical_Energy_Efficiency.2C_Pollution]]
 +
** [[Hackers_tribes#Against_Anthropocentrism]]
 +
** [[Hackers_tribes#Decolonising_Internet]] Decolonising
 +
 
 +
* Playfull: Internet Simulator: https://github.com/nsec/the-internet
 +
 
 +
* Alternative Network Deployments: Taxonomy, characterization, technologies and architectures
 +
https://www.ietf.org/id/draft-irtf-gaia-alternative-network-deployments-04.txt
 +
 
 +
* The Critical Engineering Manifesto: https://www.criticalengineering.org/
 +
 
 +
* August 2020: The Internet is for the End User (RFC8890) & https://labs.ripe.net/Members/becha/the-internet-is-for-empowerment-of-end-users
 +
 
 +
=Next topics=
  
==Next: Internet Governance==
+
===Internet Governance===
  
 
See this lecture : [[Internet_Governance_Digital_Culture#Internet_Governance]]  
 
See this lecture : [[Internet_Governance_Digital_Culture#Internet_Governance]]  
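Review bot: in the new layers table the last row starts with "|HW - end user equipment" and has no Number or Layer name cell, so every value in it sits two columns to the left of its header ("HW - end user equipment" lands under Number, "User" under Example, "Hard:" under Developed by). Add the two leading cells, or fold the row into layer 1, Physical, where the old revision had it. The header row is also written with "|" data cells while the rowspan cells below use "!"; switching the header row to "!" would make the column titles render as headers.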
Line 206: Line 549:
 
[[Internet_Governance_and_hackers]]
 
[[Internet_Governance_and_hackers]]
  
=More LINKS =
+
===Traceroute Much?===
 +
 
 +
[[User:Becha/InternetPlumbing/Traceroute_Much]]
 +
 
 +
===Linux Install Fest!===
 +
 
 +
https://wiki.techinc.nl/index.php/User:Becha/unixoid_xkcd
 +
 
 +
===Lectures to be made in the future===
 +
 
 +
[[User:Becha/DeeperIPv6]]
 +
 
 +
[[User:Becha/DeeperBGP]]
 +
 
 +
[[User:Becha/DeeperDNS]]
 +
 
 +
===Misc===
 +
 
 +
* Measurements & [[RIPE_Atlas_probes_at_hackerspaces]]
 +
 
 +
* Alternative networks: [[MeshNet]]
 +
 
 +
* It shouldn't be hard: http://www.explainxkcd.com/wiki/index.php/1349:_Shouldn%27t_Be_Hard // http://www.xkcd.com/1349/
 +
 
 +
====Other resources for learning====
 +
 
 +
* ‘STEM-in-a-handbag kit’ https://atlasofthefuture.org/project/waaw-foundation/
 +
** http://waawfoundation.org/stem-in-a-handbag-kits/
 +
 
 +
* "Internet in a Bottle"
 +
 
 +
* "Pocket Internet"  https://github.com/inognet/pocketinternet
 +
 
 +
* https://wiki.techinc.nl/index.php/MeshNet#Education
 +
 
 +
* Command-Line: CLI
 +
** https://criticalengineering.org/courses/cli/
 +
** http://www.selenasmall.com/command-line-mac-os-x/
 +
 
 +
* Learn to code / coding / programming : https://wiki.techinc.nl/Ladies_Night#Learn_to_code
 +
 
 +
=5G=
 +
 
 +
 
 +
[[/5G]] = https://wiki.techinc.nl/User:Becha/InternetPlumbing/5G

Latest revision as of 14:07, 18 June 2024

Hacking-feminism-screenshot.png

Lectures at Hacking Feminism

First lecture in this series:

GOALS:

  • Empower each-other with knowledge
  • Learn the basic technical concepts underlying how the Internet works
  • Discover & emphasise roles of women
  • Practice & get our hands dirty
  • Work on the alternatives together!
  • Personal goals: learn by teaching; develop series of lectures; practice practice practice!
  • What are your goals?

Internet Plumbing

Internet Plumbing is a word-game with multiple layers of meaning (ha! a recursive pun ;-)

Squirrel eating cable.jpg

Internet As a Series of Tubes

Ubiquitous and complicated as plumbing?

  • Internet as a utility
  • just like "plumbing" (water & sewage), there is underlying "technology" to it, so complex, that no-one seems to grasp how all of it works
  • 60% of the population of the planet does NOT have "teh Internets", and 30% does not have plumbing either (http://www.un.org/waterforlifedecade/sanitation.shtml)
  • Mary Midgley: "Utopias, dolphins, and computers - problems in philosophical plumbing"

https://openlibrary.org/books/OL968959M/Utopias_dolphins_and_computers

Women role models in computing.jpg

Women's role

Participate, take action, join

  • contribute to this wiki page
  • learn more!
  • join mailing lists discussions for technical policy development & Internet governance
  • learn to code & take part in FLOSS community
  • join a hackerspace
  • teach your skills to others
  • contact me: BECHA @ xs4all dot nl // @Ms_Multicolor

Basics

The Internet is a network of networks

Step by step

Addressing-basics.png

Local networks

  • "Small network" -- computers "talking" to each other
    • Local Area Network = LAN
    • With cables (ethernet), or Wireless (WiFi)
    • How do they find each other? using unique numbers: MAC (ethernet) address (layer 2), translated by ARP (MAC to IP address)
750px-Ipv4 address.svg.png

IP addresses

  • About IP (Internet Protocol) addresses
    • binary numbers, written as decimal (IPv4) or hexadecimal (IPv6)
    • Can be "public" or "private" (=local)
    • What is the format?

Exercise!! (ifconfig)

  • Typical / mainstream home (or small office) network
    • Private IP addresses
    • NAT = Network Address Translation - translated from multiple private to (usually) one public IP address
    • Home router is (usually) a gateway, firewall, and NAT box at the same time
    • ... and because of IPv4 exhaustion there is also double-NAT aka NAT444
    10.0.0.0        -   10.255.255.255  (10/8 prefix) 
    172.16.0.0      -   172.31.255.255  (172.16/12 prefix)
    192.168.0.0     -   192.168.255.255 (192.168/16 prefix)
TheNAT444Model1.jpg

Nat-images.png
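
The private ranges and the NAT444 chain described above, as an added example (not part of the original lecture notes): a toy port-translating NAT in Python. The 100.64.0.0/10 shared range from RFC 6598, the sample addresses and ports, and the names classify, Nat and nat444_demo are assumptions of this sketch.

```python
import ipaddress

# The three private ranges listed above, plus the shared range (RFC 6598)
# used between the two NAT layers in NAT444. The shared range is an
# assumption of this example; it is not named on the page.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CGN_SHARED = ipaddress.ip_network("100.64.0.0/10")


def classify(addr):
    """Return 'private', 'cgn-shared' or 'public' for an IPv4 address string."""
    ip = ipaddress.ip_address(addr)
    if any(ip in net for net in PRIVATE_NETS):
        return "private"
    if ip in CGN_SHARED:
        return "cgn-shared"
    return "public"


class Nat:
    """Toy port-translating NAT: many inside hosts share one outside address."""

    def __init__(self, outside_ip, first_port=40000):
        self.outside_ip = outside_ip
        self.next_port = first_port
        self.out_map = {}  # (inside_ip, inside_port, remote) -> outside_port
        self.in_map = {}   # (outside_port, remote) -> (inside_ip, inside_port)

    def outbound(self, src_ip, src_port, remote):
        """Rewrite the source of an outgoing packet, creating a mapping on first use."""
        key = (src_ip, src_port, remote)
        if key not in self.out_map:
            port = self.next_port
            self.next_port += 1
            self.out_map[key] = port
            self.in_map[(port, remote)] = (src_ip, src_port)
        return (self.outside_ip, self.out_map[key], remote)

    def inbound(self, remote, dst_port):
        """Map a reply back to the inside host; None means no mapping, so drop."""
        return self.in_map.get((dst_port, remote))


def nat444_demo():
    """Send one packet through home NAT and carrier NAT, then route the reply back."""
    home = Nat("100.64.0.7")      # home router; outside address from the shared range
    carrier = Nat("203.0.113.5")  # ISP's carrier-grade NAT; constructed public address
    server = ("198.51.100.80", 443)

    hop1 = home.outbound("192.168.1.10", 51000, server)
    hop2 = carrier.outbound(hop1[0], hop1[1], server)

    # The server only ever sees hop2; its reply is translated back twice.
    back1 = carrier.inbound(server, hop2[1])
    back2 = home.inbound(server, back1[1])

    # A packet from a host the inside never contacted has no mapping.
    stray = carrier.inbound(("198.51.100.99", 12345), hop2[1])
    return hop2, back2, stray


if __name__ == "__main__":
    for a in ("10.1.2.3", "172.32.0.1", "100.64.0.7", "192.168.255.255"):
        print(a, classify(a))
    print(nat444_demo())
```

The dropped stray packet is the "firewall" side effect of the home router mentioned above: without an existing mapping there is nowhere to deliver it.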

Where do they come from.png

  • Where do the IP addresses come from?
    • Hierarchical distribution (see charts)
    • Principles: fairness, aggregation, conservation, registration
    • Used to be "needs based", now open to "market forces"
    • Policies for distribution ("rules") are developed in an open, transparent, bottom-up process
    • IPv4 is "legacy", has run out - but is still DE FACTO THE ONLY STANDARD in use!

Ipv4-space-distribution.png

Inter-connecting and Routing

Isps.png
  • Connecting "to the Internet"
    • usually through commercial ISP (Internet Service Provider): dial-up, fibre, ... modem or router.
    • "free Wifi"
    • over mobile!
    • alternatively: community-mesh-peer-to-peer : MeshNet
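  • ISPs connecting with each other
    • ISPs are "autonomous networks" (autonomous from each other)
    • Using BGP and AS numbers https://en.wikipedia.org/wiki/Border_Gateway_Protocol
    • routing = finding a "path" between networks
    • Advanced concepts: announcing, prefix, route
  • Monty Python's "Life of Brian": Funny way to illustrate BGP hijacking:
    • https://youtu.be/OMtoGj0dcSo?t=213
    • https://youtu.be/CcSOr0HHmbo?t=4338
    • http://montypython.50webs.com/scripts/Life_of_Brian/35.htm

Judith: Release Brian!
Pilate: I shall... "welease" "Bwian"!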
...
Guard: Where is Brian of Nazareth? I have an order for his release.
Brian: ... You stupid bastards!
Joker: Uh, I'm Brian of Nazareth.
Brian: What?
Joker: Yeah, I'm Brian of Nazareth.
Guard: Take him down.
Brian: I'm Brian of Nazareth!
random slave: I'm Brian!
Another random slave: I'm Brian!
Rich merchant: I'm Brian, and so's my wife!
Guard (pointing to Joker): Take him away and release him.
Joker: No, I'm only joking. I'm not really Brian.  I'm only pulling your leg. It's a joke! I'm not him!
Guard (hits him) 
Joker: Bloody Romans. Can't take a joke.


Becha-Autonomous-system.png

Exercise!! (ping) & Video!!! (https://www.youtube.com/watch?v=IzLPKuAOe50) (YouTube taken over / hijacked by Pakistan Telecom)
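Why a hijacked route attracts traffic, and how origin validation (the RPKI mitigation named later on this page) catches it: routers prefer the most specific matching prefix, so a check against signed prefix-to-AS records is needed before a route is accepted. This is an added example, not from the lecture; the prefixes and AS numbers are reserved documentation values, the data is constructed, and the function names are made up for illustration.

```python
import ipaddress

# Constructed sample data (documentation prefix and documentation AS numbers).
ROAS = [  # (prefix, max length, authorised origin AS)
    ("203.0.113.0/24", 24, 64500),
]
ANNOUNCEMENTS = [  # (prefix, origin AS) as received by a router
    ("203.0.113.0/24", 64500),    # the legitimate holder
    ("203.0.113.128/25", 64511),  # a more-specific route from another AS
]


def best_route(dest, announcements):
    """Longest-prefix match: the most specific covering route wins."""
    ip = ipaddress.ip_address(dest)
    covering = []
    for prefix, asn in announcements:
        net = ipaddress.ip_network(prefix)
        if ip in net:
            covering.append((net, asn))
    if not covering:
        return None
    net, asn = max(covering, key=lambda route: route[0].prefixlen)
    return str(net), asn


def validate(prefix, origin, roas):
    """Origin validation as in RFC 6811: valid, invalid or not-found."""
    net = ipaddress.ip_network(prefix)
    covered = False
    for roa_prefix, max_len, roa_asn in roas:
        roa_net = ipaddress.ip_network(roa_prefix)
        if net.version == roa_net.version and net.subnet_of(roa_net):
            covered = True
            if net.prefixlen <= max_len and origin == roa_asn:
                return "valid"
    # Covered by a record but matching none of them: reject.
    return "invalid" if covered else "not-found"


def drop_invalid(announcements, roas):
    """Keep only routes that origin validation does not mark invalid."""
    return [a for a in announcements if validate(a[0], a[1], roas) != "invalid"]


if __name__ == "__main__":
    print(best_route("203.0.113.200", ANNOUNCEMENTS))
    print(best_route("203.0.113.200", drop_invalid(ANNOUNCEMENTS, ROAS)))
```

Routes with no covering record come back as not-found and are kept here, which is why coverage only helps once address holders publish their records.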

With-ixp.png
  • Relationships between "providers"
    • direct peering: between ISPs of more or less the same size & same "importance"
    • usually at IXP (Internet eXchange Point, e.g. Ams-IX, LINX...)
    • "buying transit" from a "national Telco", usually
    • large providers and carriers create a "backbone"

Video!!! "Internet Revealed, a movie about IXPs" https://www.youtube.com/watch?v=QuBde4Sn3f0

Domain Name System

500px-An example of theoretical DNS recursion-nl.svg.png
  • How do humans find services on the Internet? -> BY NAME!
    • numbers (IP addresses) are translated to names by DNS
    • web-sites, servers, services have DNS "names"
    • hierarchical distribution of names
    • Advanced concepts: resolver, caching, primary & secondary name-servers, master-slave, recursive resolver, labels, zones, A & AAAA records


  • DNS with NAT
Network Address Translation (file2).jpg

Exercise!!

Exercises

User:Becha/InternetPlumbing/Exercises

Videos

  • youtube hijack
  • How IXP's work
  • Net of Rights

Want to learn more?

Networking Principles

Protocol stack hourglass 1.jpeg

Concepts

More-dolls-fig2.jpg
  • packets & packet switching
  • encapsulation
  • layered network model
  • (open) protocols & (open) standards
  • end-to-end principle
  • ports
  • server/client architecture
  • cryptography

Networking-fig3.jpg Email-tmp3163.jpg

Tcpip pat.gif

Comparing OSI & TCP / IP layers

Original borrowed from: https://en.wikipedia.org/wiki/OSI_model

| TCP / IP Model layer | OSI Model layer | Protocol data unit (PDU) | Function | Examples |
|---|---|---|---|---|
| Application | 7. Application | Data | High-level APIs, including resource sharing, remote file access, directory services and virtual terminals | TLS, FTP, HTTP, HTTPS, SMTP, SSH, Telnet, BGP! |
| Application | 6. Presentation | Data | Translation of data between a networking service and an application; including character encoding, data compression and encryption/decryption | CSS, GIF, HTML, XML, JSON |
| Transport | 5. Session | Data | Managing communication sessions, i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes | RPC, SCP, NFS, PAP |
| Transport | 4. Transport | Segment (TCP) / Datagram (UDP) | Reliable transmission of data segments between points on a network, including segmentation, acknowledgement and multiplexing | NBF, TCP, UDP |
| Network / Internet | 3. Network | Packet | Structuring and managing a multi-node network, including addressing, routing and traffic control | AppleTalk, ICMP, IPsec, IPv4, IPv6 |
| Link layer | 2. Data link | Frame | Reliable transmission of data frames between two nodes connected by a physical layer | IEEE 802.2, L2TP, LLDP, MAC, PPP, ATM, MPLS |
| Link layer | 1. Physical | Bit | Transmission and reception of raw bit streams over a physical medium | DOCSIS, DSL, Ethernet physical layer, ISDN, USB |

Cross-layer functions:

  • ARP is used to translate IPv4 addresses (OSI layer 3) into Ethernet MAC addresses (OSI layer 2).
  • Domain Name Service is an Application Layer service which is used to look up the IP address of a given domain name. Once a reply is received from the DNS server, it is then possible to form a Layer 3 connection to the third-party host.
  • etc

Resources

Many many more resources: books, videos:

Links:

Wonderful site for teaching Internet concepts to children: 
http://networks.land/

Acronyms!

RIPE NCC Glossary: https://www.ripe.net/participate/member-support/new-member/ncc_glossary_print.pdf/at_download/file

  • TCP/IP
  • IPv4, IPv6: Internet Protocol (IP) addresses
  • NAT: Network Address Translation
  • DNS: Domain Name System
  • ASN: Autonomous System Number
    • used for BGP routing (Border Gateway Protocol)
  • IXP: Internet eXchange Point
  • SMTP
  • HTTP
  • CDN

Advanced topics

Layers as an allegory

Osi-layers-ti-shirt-download.jpeg Evi nemeth.jpg
The art of engineering.png

Left: OSI Model T-shirt enhanced to include an 8th and 9th layer as defined by Evi Nemeth: https://en.wikipedia.org/wiki/Evi_Nemeth // (old, broken link -> https://www.isc.org/product/isc-9-layer-osi-model-cotton-t-shirt/ )

https://shop.isc.org/collections/shirts/products/osi-9-layer-model-t-shirt-1


(TODO: add ISC reference to Evi's wikipedia page!!)

Right: back of the T-shirt from the IETF75 in Stockholm, 2005

ABSTRACTION

Osi-deployment-layers.png

Explaining complex concepts using layers is a useful abstraction.

The goal here is to illustrate layers with practical examples, and to point out owners, developers, dangers, mitigations & alternatives.

For the detail-oriented people: this is not exactly technically correct!
Number Layer name Example Practically Owner Developed by Vulnerabilities / Dangers Mitigation / Securing Alternatives
9 Organisation / Political (Internet) Governance technical community, civil society, governments IGF (Internet Governance Forum), UN, ITU, IETF, ICANN, awareness, take part! someone will build a new *net, AlterNet :-)
8 Individual / Financial Operating System (OS) + choice of software Linux, FreeBSD, Minix...; iOS, Android, Windows... User! programmers & developers: FLOSS community;
Apple, Google,Micro$oft
backdoors, surveillance, spying on users; lock-in; monopoly; community participation; unionization of programmers; see articles here [yy] knowledge, self-empowerment, solidarity
7 Application 7.3 -> VoIP skype
7.2 -> SMTP email
7.1 HTTP: web, WWW web sites! LoLCats! individuals, on their own servers!
blogs (blogspot?), mainstream media, hosting companies; CDNs (Akamai, Amazon...); corporations: Google, Facebook, Twitter... YouTube..
W3c, IETF censorship; silos; walled gardens; commercialization, consumerism; technically: httpS, SSL, TLS; Tor;
politically: activism, digital human rights; associations of users;
torrent! p2p! alternative social media!
6 Presentation HTML, CSS, JSON
5 Session BGP (actually layer 7...) routing: exchanging AS reachability info via gossip: based on trust & peering agreements!
physical routers by routers: Cisco/Juniper (commercial monopolists ;-)
Large ISPs; Tier1 / Tier2 ; IXPs!! RIRs give out AS numbers "routing-wg" @ RIPE; *NOGs! (nano, nlnog, grnog; peering forums; Euro-IX); IETF; Open-Source community ; hackers "route hijacks", government regulation & takeover (killer switch), hierarchies; technically: BGPsec, IRR, RPKI;
politically: influencing governance
p2p protocols, Betman [xx]; MPLS, SDN; Tor?!
4 Transport UDP -> e.g. DNS (see above!) www.belastingdiest.nl User; Registrar, Registry, ccTLD, gTLD, ICANN, US government! DNS OARC, IETF, root-nameserver operators, ICANN, IGF/UN/ITU "balkanisation", US hegemony; internationalization; censorship; technically: DNSSEC, DANE ; Tor;
politically: participating in governance
Alternative trees; blockchain (namecoin); etc
3 Network Internet / IP ifconfig; IPv4, NAT, 10.10.10.10, IPv6 no-one: IP addresses are "leased"!
(PI,PA,LIR,RIR,IANA,IETF)
RIR PDP, IANA, IETF hierarchy, run-out, incompatibility, market forces; surveillance IPSec Blockchain? GSM? Radio?
2 Data-link MAC addresses, Ethernet device drivers, WiFi drivers licensed to users Broadcom, Realtech, INTEL.. patents, closed source, Intellectual Property Laws open source SW, open HW  ?!
1 Physical Network connections Ethernet cables, WiFi antennas, fibers, satellites, satellite dishes, base-stations, under-sea cables  ; POTS (old-fashioned phones -> BBS, dialup) Individuals
communities, ISP, "carriers", corporations, governments,
Hackers
commercial companies, governments
"ownership" models; hierarchy of server-client model; pollution & distraction of Earth; surveillance commoning; shared infrastructure; development of sustainable technologies (?!), recycling; awareness & activism Community WiFi, Project Loon, Drones
HW - end user equipment Computer, tablet, phone... User Commercial companies: Apple, Siemens, Samsung... Un-ethical manufacturing, security backdoors, pollution caused by e-waste disposal, Hard: Open HW movement; fair-phone; DIY, Repair Cafes, fair-trade...

Security, Privacy, Avoiding Censorship

Alternatives

MeshNet: "Hackers and philosophers building an utopia together": http://becha.home.xs4all.nl/hackers-philosophers-utopian-network-dec-2012-becha.pdf

MeshNet#Education

Tier0.png

P2pbgpsec#Technical_view

November 2014: Nature will have the last word, on Future of Technology, RIPE69, London https://wiki.techinc.nl/index.php/File:Nature-speaking-on-future_of_the_internet-RIPE69.pdf

UnCivilization: critical thinking about Internet & capitalism: https://lists.puscii.nl/wws/info/uncivilization

  • Alternative Network Deployments: Taxonomy, characterization, technologies and architectures

https://www.ietf.org/id/draft-irtf-gaia-alternative-network-deployments-04.txt

Next topics

Internet Governance

See this lecture : Internet_Governance_Digital_Culture#Internet_Governance

Internet_Governance_and_hackers

Traceroute Much?

User:Becha/InternetPlumbing/Traceroute_Much

Linux Install Fest!

https://wiki.techinc.nl/index.php/User:Becha/unixoid_xkcd

Lectures to be made in the future

User:Becha/DeeperIPv6

User:Becha/DeeperBGP

User:Becha/DeeperDNS

Misc

Other resources for learning

  • "Internet in a Bottle"

5G

/5G = https://wiki.techinc.nl/User:Becha/InternetPlumbing/5G