Loading...

Daniel Borkmann - Linux' packet mmap(), BPF, and the netsniff-ng toolkit

3,549 views

Loading...

Loading...

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Mar 8, 2013

Slides: http://www.devconf.cz/slides/devconf-...
This talk will cover internals of the PF_PACKET socket in the Linux kernel, in particular the packet mmap() mechanism ("zero-copy") that is used to improve packet capturing and transmission performance from user space. In addition to that, the Berkeley Packet Filter will be partially covered with its built-in kernel space "virtual machine" and just-in-time compiler. As an application on top of that, the netsniff-ng toolkit will be presented (http://netsniff-ng.org/), which can be used to facilitate a network developer's daily kernel plumbing, but also the daily work of system administrators or security consultants.

Loading...

When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...