Presentation is loading. Please wait.

Presentation is loading. Please wait.

41 slides Fun with FCC part 15 Home speaker system on 107.3 (and that’s not easy in the NYC/PHL area)

Published byBertina Hardy Modified over 8 years ago

Similar presentations

Presentation on theme: "41 slides Fun with FCC part 15 Home speaker system on 107.3 (and that’s not easy in the NYC/PHL area)"— Presentation transcript:

1 41 slides Fun with FCC part 15 Home speaker system on 107.3 (and that’s not easy in the NYC/PHL area)

2 41 slides Emulating large intranets with honeyd Bill Cheswick ches@lumeta.com

3 41 slides This talk was going to be boring…

4 41 slides Another Reason Why I Like the Window Seat Bill Cheswick

5 41 slides Mapping the Internet and Intranets Steve Branigan, Hal Burch, Bill Cheswick ches@lumeta.com

6 Mapping the Internet and intranets slide 6 of 41

7 41 slides How To Take the Internet Down for a week Bill Cheswick ches@bell-labs.com ches@cheswick.com

8 41 slides Our digital house By Kestrel, Terence, Lorette, and Bill Cheswick

9 41 slides Emulating large intranets with honeyd Bill Cheswick ches@lumeta.com

10 Mapping the Internet and intranets slide 10 of 41

11 Mapping the Internet and intranets slide 11 of 41

12 Mapping the Internet and intranets slide 12 of 41 Free at last! Nagata Varley Etc.

13 41 slides Anything large enough to be called an “intranet” is out of control

14 Mapping the Internet and intranets slide 14 of 41 Lumeta Spun off from Bell Labs in Sept. 2000 B round funding last June Building a hang glider…

15 41 slides Inside the Kimono…

16 Mapping the Internet and intranets slide 16 of 41

17 Mapping the Internet and intranets slide 17 of 41

18 Mapping the Internet and intranets slide 18 of 41

19 Mapping the Internet and intranets slide 19 of 41

20 Mapping the Internet and intranets slide 20 of 41

21 Mapping the Internet and intranets slide 21 of 41

22 Mapping the Internet and intranets slide 22 of 41

23 Mapping the Internet and intranets slide 23 of 41

24 Mapping the Internet and intranets slide 24 of 41

25 Mapping the Internet and intranets slide 25 of 41

26 Mapping the Internet and intranets slide 26 of 41 Some intranet statistics from Lumeta clients

27 Mapping the Internet and intranets slide 27 of 41 But how do we debug our software? We used to use Lucent’s network back when I was working at Bell Labs We have a very light touch on our clients’ networks, and they like it that way The Bank of Zork (NASDAQ: BOZO) doesn’t want us practicing on their network

28 Mapping the Internet and intranets slide 28 of 41 Simulation vs emulation Simulators run packet flows over imaginary networks Often run to test routing and queuing algorithms Emulator wants to appear to be the network

29 Mapping the Internet and intranets slide 29 of 41 What does a chief scientist do? Primarily a prima donna Certainly not in development – Travel too much to keep deadline promises – Never was good at all-nighters Find a project that would be nice, but nobody is waiting for QA was a fine place to look

30 Mapping the Internet and intranets slide 30 of 41 Honeyd Written by Niels Provos at citi.umich.edu Name unrelated to, and vexes, Peter Honeyman, also of citi.umich.edu Designed to emulate one or more computers in a single host to lure and confuse hackers Responds using nmap and other host fingerprinting databases User scripts available to emulate specific web and other network server software

31 Mapping the Internet and intranets slide 31 of 41 Honeyd Designed to emulate one or more computers in a single host to lure and confuse hackers User scripts available to emulate specific web and other network server software – Microsoft IIS web server – A number of text-based services are emulated in available scripts

32 Mapping the Internet and intranets slide 32 of 41 Honeyd Host fingerprint identification based on probe databases – Nmap – xprobe

33 Mapping the Internet and intranets slide 33 of 41 My Honeyd project Make honeyd configuration scripts that build our clients’ networks from the data we obtain Add UDP servers for – DNS (name service) – SNMP (Simple Network Management Protocol)

34 Mapping the Internet and intranets slide 34 of 41 Uses Perfect test network for QA – Unchanging….diff the pages – Build pathological network configurations Training Sales demos Could this be a product?

35 Mapping the Internet and intranets slide 35 of 41 My honeyd scripts Generates entire network description for honeyd based on our client data You want a 50,000 node network based on real data? No problem. 300,000 nodes? OK DNS emulates name server lookups Routers respond with SNMP data

36 Mapping the Internet and intranets slide 36 of 41 How good is the emulation? Handles pings and traceroutes with no problem Handles “stealth hosts”, routers that don’t issue TTL exceeded messages Even does a fair job of simulating latencies Emulator for SNMP and DNS queries This is good enough for us: we don’t collect other data at present Real networks change as you test them.

37 Mapping the Internet and intranets slide 37 of 41 Real

38 Mapping the Internet and intranets slide 38 of 41 Simulated

39 Mapping the Internet and intranets slide 39 of 41 Certainly not perfect There isn’t nearly as much state in our network emulation as there is in a real network CPU time becomes an issue, and the emulator is not efficient at the moment – Moore’s law is a big help here Host fingerprinting could make the network much more convincing – We are working on it – Could just fake it

40 Mapping the Internet and intranets slide 40 of 41 Future work Many incremental improvements to network simulations Honeyd performance improvements Might release a large cleansed network configuration for research purposes

41 41 slides Emulating large intranets with honeyd Bill Cheswick ches@lumeta.com

Download ppt "41 slides Fun with FCC part 15 Home speaker system on 107.3 (and that’s not easy in the NYC/PHL area)"

Similar presentations

Renumbering Networks: RFC 4192 Fred Baker. How RFC 4192 came to be I heard one too many times on operational lists it is impossible to renumber a network.

Renumbering Networks: RFC 4192 Fred Baker. How RFC 4192 came to be I heard one too many times on operational lists it is impossible to renumber a network.
1 of 75Mapping the Internet and Intranets. 75 slides Mapping the Internet and Intranets Bill Cheswick

1 of 75Mapping the Internet and Intranets. 75 slides Mapping the Internet and Intranets Bill Cheswick
21.1 Chapter 21 Network Layer: Address Mapping, Error Reporting, and Multicasting Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.

21.1 Chapter 21 Network Layer: Address Mapping, Error Reporting, and Multicasting Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
Introduction to the Internet September 7, 2005 Lecture 1.

Introduction to the Internet September 7, 2005 Lecture 1.
Internet Control Message Protocol (ICMP)

Internet Control Message Protocol (ICMP)
1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.

1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.
W7D2. Internet (topology) (recap) Local Area Networks (Ethernet) packet switched networks LAN-s patched together Internet addresses (Internet Protocol.

W7D2. Internet (topology) (recap) Local Area Networks (Ethernet) packet switched networks LAN-s patched together Internet addresses (Internet Protocol.
User-level Internet Path Diagnosis R. Mahajan, N. Spring, D. Wetherall and T. Anderson.

User-level Internet Path Diagnosis R. Mahajan, N. Spring, D. Wetherall and T. Anderson.
CSC458/2209 PA1 Simple Router Based on slides by: Antonin Seyed Amir Hejazi 19/09/2014 CSC458/2209 - Computer Networks, University of Toronto.

CSC458/2209 PA1 Simple Router Based on slides by: Antonin Seyed Amir Hejazi 19/09/2014 CSC458/ Computer Networks, University of Toronto.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 5 Introduction to DNS in Windows Server 2008.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 5 Introduction to DNS in Windows Server 2008.
Chapter 23: ARP, ICMP, DHCP IS333 Spring 2015.

Chapter 23: ARP, ICMP, DHCP IS333 Spring 2015.
Network Measurement Bandwidth Analysis. Why measure bandwidth? Network congestion has increased tremendously. Network congestion has increased tremendously.

Network Measurement Bandwidth Analysis. Why measure bandwidth? Network congestion has increased tremendously. Network congestion has increased tremendously.
Ch 20 Q and A IS333, Spring 2015 Victor Norman. Universal Service Means every computer can talk “directly” with every other one. A message is not addressed.

Ch 20 Q and A IS333, Spring 2015 Victor Norman. Universal Service Means every computer can talk “directly” with every other one. A message is not addressed.
Copyright 2010-2013 Kenneth M. Chipps Ph.D. www.chipps.com How to Use SNMP to Collect Network Data Last Update 2013.04.18 1.1.0 1.

Copyright Kenneth M. Chipps Ph.D. How to Use SNMP to Collect Network Data Last Update
Virtual Private Network (VPN) © N. Ganesan, Ph.D..

Virtual Private Network (VPN) © N. Ganesan, Ph.D..
CISCO NETWORKING ACADEMY Chabot College ELEC 99.08 ping & traceroute.

CISCO NETWORKING ACADEMY Chabot College ELEC ping & traceroute.
TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.

TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.
Click to edit Master subtitle style Chapter 17: Troubleshooting Tools Instructor:

Click to edit Master subtitle style Chapter 17: Troubleshooting Tools Instructor:
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

Similar presentations

Ads by Google