Schedule‎ > ‎

03 - Layer 3 Services (2)

Revisit SMTP.  Examine some subtle features of protocols on-the-wire like streaming over HTTP and how encryption has been adapted into different protocols.  Discuss encryption and the DigiNotar CA compromise.  Begin a discussion of network inventory and an introduction to flow.  


Collect Homework #2.
Assign Homework #3, due 9/20.
Assign Project #1, due 9/27.


In addition to the homework I'd like you to take a look at some of the articles below that talk about Comodohacker and the DigiNotar certificate compromise.  We'll be using this as an example of encryption, it's a really interesting compromise that we've seen happen a few times already...and will likely happen more often.  Be sure to note the source as you work through the documents, that should have a significant impact on how you interpret what's actually written down.

As mentioned last week, if you want to study protocols in a bit more detail, check out these references:

TCP/IP Illustrated: The Implementation
By W. Richard Stevens, Gary R. Wright
Contributor Gary R. Wright
Published by Addison-Wesley, 1994
ISBN 0201633469, 9780201633467
600 pages
This is my personal favorite for getting started with network protocols.  It's an old text that hasn't been updated lately--which means you won't get confused with all the crazy workarounds that have been implemented over the years.  Start out with the fundamentals, then you can study RFCs that added the just features you're most interested in.

Headers, Tables, Tools and Notes
Written and compiled by James Summers
SANS Institute
2 pages

SANS Institute
2 pages
Showing 22 items
TitleSizeLast Updated
TitleSizeLast Updated
^ Documents Folder   
2012.95-855.class03.notes.Services(2).docx 33kb September 13, 2012 
Comodo - blog on the compromise.pdf 214kb August 25, 2012 
Comodo - CA compromise stmt.pdf 83kb August 25, 2012 
Comodo - Hacker releases Mozilla certificate _ Netcraft.pdf 1mb August 25, 2012 
Comodo - Iranian hacker takes credit.pdf 1mb August 25, 2012 
DigiNotar - Gmail Help.pdf 79kb August 25, 2012 
DigiNotar - Google Statement.pdf 31kb August 25, 2012 
DigiNotar - Internet Storm Center.pdf 101kb August 25, 2012 
DigiNotar - Mozilla Security Blog.pdf 152kb August 25, 2012 
DigiNotar - statement.pdf 124kb August 25, 2012 
http-pandora2.pcap 1mb August 25, 2012 
https-googlelogin3x.pcap 29kb August 25, 2012 
http-youtube.pcap 1mb August 25, 2012 
live365-32k.pcap 8mb August 25, 2012 
live365-32k.txt kb August 25, 2012 
live365-64k.pcap 3mb August 25, 2012 
live365-64k.txt kb August 25, 2012 
Network Profiling.ppt 509kb August 25, 2012 
Pandora-on-Chrome.pcap 8mb August 25, 2012 
Pandora-on-Chrome.txt kb August 25, 2012 
Pandora-on-IE.pcap 9mb August 25, 2012 
Showing 22 items