CS 330: Resources

This page contains links to useful resources.

Development Environment

• Visual Studio Code is a code editor redefined and optimized for building and debugging modern web and cloud applications.
• GCC, the GNU Compiler Collection.
• GDB, the GNU Project Debugger.
• Microsoft Visual Studio is an integrated development environment from Microsoft. It is used to develop computer programs, as well as websites, web apps, web services and mobile apps.
• Apache NetBeans Quickly and easily develop desktop, mobile, and web applications with Java, JavaScript, HTML5, PHP, C/C++ and more.

Passive Capture

• Wireshark is the most popular tool for passive packet capture and analysis.
  • Sample Captures
  • Filter Manual Pages
• Microsoft Message Analyzer is an extensible tool for analyzing network. traffic on Windows. Retired on November 25, 2019.
• TCPDump & libpcap is a powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture, and it’s windows implementation WinPcap.
  • Programming with pcap by Tim Carstens.
• netwox is a network toolbox is a network toolbox for network administrators and network hackers.
• netwib is a network library is a network library, for network administrators and network hackers.
  • netwox already contains several tools using the netwib network library.
• netwag is a graphical front end for netwox.
  • netwox & netwag Troubleshooting guide.
• NetworkMiner is an open source Network Forensic Analysis Tool.
• tcptrace is a tool for analysis of TCP dump files.
• tcpflow is a powerful command line based tool for analyzing network traffic.

Active Capture

• The Canape tool as a generic network protocol man-in-the-middle testing, analyzing, and exploitation tool with a usable GUI.
• Canape Core is a stripped-down fork of the original Canape code base, are designed for use from the command line.
• Mallory is an extensible man-in-the-middle tool that acts as a network gateway, which makes the process of capturing, analyzing, and modifying traffic transparent to the application being tested.

Network Connectivity

• The Hping tool is similar to the traditional ping utility, but it supports more than just ICMP echo requests.
• Netcat is a command line tool that connects to an arbitrary TCP or UDP port and allows you to send and receive data.
  • Netcat cheat sheet pocket reference guide.
• If you need to scan the open network interface on a remote system, nothing is better than Nmap.
• netdiscover is a network address discovering tool, install by using sudo apt-get install netdiscover.
• Masscan is the world’s fastest internet port scanner.
• curl is a command line tool and library for transferring data with URLs (since 1998).
• wget is a free software package for retrieving files using HTTP, HTTPS, FTP and FTPS.
• HTTPie—aitch-tee-tee-pie is a user-friendly command-line HTTP client for the API era.

Web Testing (Web Proxies)

• Burp or Burp Suite is the gold standard of commercial web application–testing tools.
• OWASP Zed Attack Proxy ZAP.
• w3af is a Web Application Attack and Audit Framework.
• mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets.
• Charles is an HTTP proxy, an HTTP. monitor, and a reverse proxy. It enables you to view HTTPS traffic.
• HTTrack website copier.

• Network Spoofing

• Ettercap is a man-in-the-middle tool designed to listen to network traffic between two devices.
• DNSMasq is designed to quickly set up basic network services, such as DNS and DHCP, so you don’t have to hassle with complex service configuration
• arpspoof is a simple ARP spoofer for Windows.

System Utilities

• Sysinternals Suite is a suite of more than 70 freeware utilities used to monitor, manage and troubleshoot the Windows operating system.
• NirSoft is a unique collection of small and useful utilities, including password recovery, networking tools, forensics and more.

API Development

• Postman API development environment.
• Fiddler is free web debugging proxy for any browser, system or platform.
• A RESTful Tutorial.

Supplemental Material

• Interactive Exercises
• High Performance Browser Networking is what every web developer should know about networking and web performance.
• Eloquent JavaScript is a book about JavaScript, programming, and the wonders of the digital.
• Beej’s Guide to Network Programming
• Principles of chaos engineering
• Programmable Web - retired.

Repositories

• BIND 9 source code and issues.

References

• Root Servers Map
• IANA - Internet Assigned Numbers Authority
• Service Name and Transport Protocol Port Number Registry
• CERN 2019 WorldWideWeb Rebuild
• The CERT Division at Carnegie Mellon University
• Assigned Internet Protocol Numbers
• IEEE 802.3 - ETHERNET WORKING GROUP
• Internet Corporation for Assigned Names and Numbers

Technical Documentation

HTTP

• RFC 2617, HTTP Authentication: Basic and Digest Access Authentication
• RFC 7230, HTTP/1.1: Message Syntax and Routing
• RFC 7231, HTTP/1.1: Semantics and Content
• RFC 7232, HTTP/1.1: Conditional Requests
• RFC 7233, HTTP/1.1: Range Requests
• RFC 7234, HTTP/1.1: Caching
• RFC 7235, HTTP/1.1: Authentication
• RFC 7540, HTTP/2
• draft-ietf-quic-http, HTTP/3

SMTP

• RFC 2920, SMTP: Service Extension for Command Pipelining (STD 60)
• RFC 3030, SMTP: Service Extensions for Transmission of Large and Binary MIME Messages
• RFC 3207, SMTP: Service Extension for Secure SMTP over Transport Layer Security
• RFC 3461, SMTP: Service Extension for Delivery Status Notifications
• RFC 4954, SMTP: Service Extension for Authentication
• RFC 5321, Simple Mail Transfer Protocol
• RFC 6531, SMTP: Extension for Internationalized Email Addresses

IMAP

• RFC 3501, IMAP version 4 revision 1

POP3

• RFC 1939, Post Office Protocol - Version 3

DNS

• RFC 1034, Domain Names - Concepts and Facilities
• RFC 1035, Domain Names - Implementation and Specification
• RFC 1123, Requirements for Internet Hosts—Application and Support
• RFC 1995, Incremental Zone Transfer in DNS
• RFC 2136, DNS UPDATE
• RFC 3225, Indicating Resolver Support of DNSSEC
• RFC 3226, DNSSEC and IPv6 A6 aware server/resolver message size requirements
• RFC 3596, DNS Extensions to Support IP Version 6
• RFC 7858, Specification for DNS over Transport Layer Security (TLS)
• RFC 8310, Usage Profiles for DNS over TLS and DNS over DTLS
• RFC 8484, DNS Queries over HTTPS (DoH)

FTP

• RFC 959, FILE TRANSFER PROTOCOL (FTP)

P2P

• RFC 5694, Peer-to-Peer (P2P) Architecture

TCP

• RFC 793, TCP v4
• STD 7, Transmission Control Protocol, Protocol specification
• RFC 1122, Requirements for Internet Hosts – Communication Layers
• RFC 1948, Defending Against Sequence Number Attacks
• RFC 2018, TCP Selective Acknowledgment Options
• RFC 3168, The Addition of Explicit Congestion Notification (ECN) to IP
• RFC 5681, TCP Congestion Control
• RFC 6298, Computing TCP’s Retransmission Timer
• RFC 6824, TCP Extensions for Multipath Operation with Multiple Addresses
• RFC 7323, TCP Extensions for High Performance
• RFC 7414, A Roadmap for TCP Specification Documents
• RFC 8312, CUBIC for Fast Long-Distance Networks

UDP

• RFC 768, User Datagram Protocol
• RFC 2675, IPv6 Jumbograms
• RFC 4113, Management Information Base for the UDP
• RFC 8085, UDP Usage Guidelines

IP

• RFC 791, INTERNET PROTOCOL
• RFC 950, Internet Standard Subnetting Procedure
• RFC 1349, Type of Service in the Internet Protocol Suite
• RFC 1958, Architectural Principles of the Internet
• RFC 1517, Applicability Statement for the Implementation of Classless Inter-Domain Routing (CIDR)
• RFC 1633, Integrated Services in the Internet Architecture: an Overview
• RFC 2460, Internet Protocol, Version 6 (IPv6) Specification
• RFC 2473, Generic Packet Tunneling in IPv6 Specification
• RFC 2474, Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers
• RFC 2475, An Architecture for Differentiated Services
• RFC 3056, Connection of IPv6 Domains via IPv4 Clouds (6to4)
• RFC 3439, Some Internet Architectural Guidelines and Philosophy
• RFC 4380, Teredo: Tunneling IPv6 over UDP
• FCC-15-24, FCC Releases Open Internet Order

ICMP

• RFC 792, INTERNET CONTROL MESSAGE PROTOCOL
• RFC 1070, Computing the Internet Checksum
• RCF 1122, Requirements for Internet Hosts - Communication Layers

DHCP

• RFC 951, BOOTSTRAP PROTOCOL (BOOTP)
• RFC 2131, Dynamic Host Configuration Protocol
• RFC 2132, DHCP Options and BOOTP Vendor Extensions
• RFC 3046, DHCP Relay Agent Information Option
• RFC 3397, Dynamic Host Configuration Protocol (DHCP) Domain Search Option
• RFC 3942, Reclassifying Dynamic Host Configuration Protocol Version Four (DHCPv4) Options
• RFC 4242, Information Refresh Time Option for Dynamic Host Configuration Protocol for IPv6
• RFC 4361, Node-specific Client Identifiers for Dynamic Host Configuration Protocol Version Four (DHCPv4)
• RFC 4436, Detecting Network Attachment in IPv4 (DNAv4)

BGP

• RFC 1771, A Border Gateway Protocol 4 (BGP-4)
• RFC 1965, Autonomous System Confederations for BGP
• RFC 1997, BGP Communities Attribute
• RFC 2547, BGP/MPLS VPNs
• RFC 2796, BGP Route Reflection - An Alternative to Full Mesh IBGP
• RFC 2842, Capabilities Advertisement with BGP-4
• RFC 2858, Multiprotocol Extensions for BGP-4
• RFC 2918, Route Refresh Capability for BGP-4
• RFC 3107, Carrying Label Information in BGP-4

OSPF

• RFC2328, OSPF Version 2
• RFC5340, OSPF for IPv6

ARP

• RFC826, An Ethernet Address Resolution Protocol
• RFC5494, IANA Allocation Guidelines for the Address Resolution Protocol (ARP)

Ethernet

• RFC894, A Standard for the Transmission of IP Datagrams over Ethernet Networks
• RFC1042, A Standard for the Transmission of IP Datagrams over IEEE 802 Networks