April 29, 2012

The so-called Skype SDK IP leaks

For the last few days, there has been a buzzing news in the community, following the recent discovery of a so-called information leak in the skype SDK. [email protected], published a python code sample “exploiting this vulnerability” https://github.com/zhovner/Skype-iplookup/ using a de-obfuscated SDK and published a demo site @http://skype-ip-finder.tk/. More related information on the skype-open-source project can be found @ http://skype-open-source.blogspot.de/ So to sump-up, the “so-called leak” takes place by: 1. having “debug logging enabled” in the hi-jacked SDK 2. ... Read more

September 3, 2011

Padhye et. al. Equation and TCP performance

If you are not familiar with the Mathis Equation, I recommend you quickly go over my post article Mathis Equation and TCP Performance. This is necessary since the Padhye et. al. Equation is an extension to the Mathis Equation for accuracy of TCP throughput calculation over multiple scenario of packet loss. As simply put, the Padhye et. al. Equation Equation is exactly the same concept as the Mathis Equation but taking in consideration the Maximum TCP Window size affected by received/lost/duplicate ACK, the initial retransmit timer and the effect of the TCP timeout mechanism on the total throughput. ... Read more

August 24, 2010

RPS and RFS - Kernel Network Stack

If you have been following the latest improvement in the release of the 2.6.35 kernel, you have probably noted 2 major network stack improvement which have create some buzz in the geek community. Ok not really! since the RPS and RFS project has been going on since a while now by the crowd @Google Inc. Since those 2 amaizing features have been fully implemented in the kernel and are now supported, I though it is a good opportunity to finally get down to the beast and try to shed some light on RPS and RFS. ... Read more

January 20, 2010

QinQ Vlan tagging and S-Vlans

Pre-requiste: Understanding of the 802.1Q Protocol The purpose of this post is to shed a light on how QinQ Vlan takes place in a bridged network environment. Before continuing, it is important to keep in mind that 802.1QinQ or 802.1ad isn’t a defined protocol in itself but a mere amendment of the already existing 802.1Q protocol. Having said that, in a nutshell where a single frame can hold a maximum of 4096 tags, QinQ extends the number of maximum tags to 16777216 tags, thus allowing switches to freely manipulate the tags of a single packet. ... Read more

October 29, 2009

The Nagle's algorithm and TCP throughput

Who talks about about TCP throughput unfortunately can’t step away from the congestion problem that often occurs in TCP session connections. There are many TCP Congestion Algorithms, from Window Sliding to Fast Recovery; In this post I will only focus on the Nagle’s algorithm and how applications can be tweaked to either make use of the TCP delay induced by the Nagle’s algorithm or minimize latency for the sake of real time application. ... Read more

September 23, 2009

Ethernet flow control and IGMP snooping

It is important to note that** TCP flow control mechanism** as well as Ethernet flow control mechanism are completely 2 different mechanism, which strive to achieve the same unique goal but when in used, are completely unaware of each other. As a matter of fact, Ethernet flow control can fully alienate your network if not planned and used carefully :)… So What is TCP flow control? Flow control is a mechanism implemented in the TCP stack which enables a receiver endpoint to notify a sender that it can no longer receive data in its buffer. ... Read more

September 16, 2009

Mathis Equation and TCP performance

As simple as possible laid off, the Mathis equation goes as follow Rate <= (MSS/RTT)*(1 / p) MSS This is the Maximum Segment Size, which is the MTU excluding the TCP/IP headers. MSS = MTU - TCP/IP headers - for example 1460 with an MTU of 1500 (20b IP and 20b TCP headers) RTT RTT is the Round Trip Time as measured by TCP. The round trip is the time it would take a packet to travel from endpoint A to B and from endpoint B to A. ... Read more

October 30, 2008

How to reverse engineer a subnet

Alright.. Alright! everbody have their own method to reverse engineer a subnet… Here is a technic and way that works for me and might work for you. Let’s take a random private ip. IP: 192.168.1.95⁄27 And let’s try to figure out its network range. In such case, we will take the lowest subnet octect, which here is 224 (remember that a subnet bit of 27 is 255.255.255.224)… let’s therefore convert it into binary. ... Read more