Cool. All right. It's six o'clock. Let's rock and roll. Got seven of our best friends here. So, yeah, hey everyone, good to see everyone again. It's Wednesday, March 3rd, that we're recording this.

So I'm going to first talk about assignment three. Hopefully you have all forgiven each other for any past transgressions, any potential scams. Some enterprising student tried to message me on Discord and get me to sign their key. It did not work, because I did not have a key for them to sign. So I thought that was pretty funny. It was a good try. We will be grading assignment three probably in the next week or so; we need to wait for every one of the keys to get in. But hopefully you got a little bit out of it, you know, if you developed a little bit of paranoia about who people are and thought about ways to scam people and to prevent yourselves from getting scammed. And I think that's a really interesting thing. Usually what we do is I'll try to ask some of the people that did really well on the assignment to tell us their techniques, because it's probably things that you hadn't even thought of. A couple of semesters ago the students created their own certificate authority. So there were two of them that controlled a Google Doc that had the real names of people that they verified, and they each would check their IDs. But one super enterprising person hacked their way onto the list. I think they just basically social engineered them, pretended to be their adversarial key, and got 20 or 30 adversarial key signatures from everyone that was on that list.
So usually, and I don't know it for this class yet, but usually there's a long-tail power distribution of scamming, where there's a few really good scammers and the rest of them really taper off. And it's usually not that one person gets scammed a lot either; usually the scams are pretty even. But we'll see. So yeah, anyways, okay, so that's assignment three. That'll be done. I hope that was a fun little change of pace.

Now, of course, the second topic that you are concerned about is the midterm, right? So the practice CTF site is down right now because we're setting everything up for the midterm, so you will not be seeing the practice site; it is going away. We'll be releasing the midterm CTF site sometime between the end of the class and midnight tonight. Who knows, it could take longer; if you've ever dealt with computer stuff, you know that sometimes it can take longer depending on weird problems that show up. So we'll do our best to get that to you. I'm not going to tell you any information about it because you'll know soon enough; if I tell you anything about how many challenges there are or whatever, that's not going to change in the next three or four hours until it's released. So, yeah, I'll announce on Piazza, so just be on the lookout for Piazza. I'll also have a write-up there. The important thing that I'll put in that write-up, and that I'll also mention here, is the fun part about having this CTF-style midterm: you can see everybody's progress as they're breaking levels and challenges, and one of the really cool things is that you can target yourself to try to solve the easier challenges, because you can see which challenges have been solved by the most people. So that's pretty cool.
And so that helps you target. The flip side is, of course, that we have a scoreboard with how everyone's doing, and since there'll be a one-to-one correlation between your grade and what you're seeing on the CTF, if you don't want people to know that it's you and you want to hide your grade, choose a random user ID. All your user IDs went away, so those are all gone; you'll create new ones. So when you create your hacker alias, if you don't want it to be associated with you, just do something random; if you do, whatever, do that, but it's up to you. I'll make that clear on the post, but I think that's all we're going to say about this now. Cool. All right.

And yeah, so we're going to get started on network security. We've got a lot to cover here. So you've gone over a lot of different topics, and that's kind of the goal of this class, of 365: we're trying to expose you to many different areas of security. You went through crypto and authentication and authorization and access control and all kinds of cool stuff. Now we're going to turn to network security. We are going to go into the details of how networking works. We're not going to go into every detail, not so deep as you would in a networking course, because obviously we don't have a whole course to cover this, but you will understand how packets are moving throughout the network from, let's say, me to you, at the different levels. So this will build a good base for you for that. And it really comes down to... yeah, what's up? Is that a question? Okay, cool.

So the really interesting thing, and what I love about networking, is we basically have this problem, and I'll use Zoom since we have this right here: there's me, there's Zoom, right, I'm on Zoom, and how are the packets... Sorry, I don't think you guys have actually suffered through my handwriting yet.
So I apologize right off the bat. But somehow, and we can see this is happening, right, somehow data is coming from me, from my machine here, going out on the internet from here to Zoom and then going to all of your homes. That's something that's kind of crazy to think about, so we're going to study how this actually happens, and by the end of this you will understand how data moves on that route. And we're going to look at all the things, and the really cool thing, what I like about networking, is there's nothing magical here. We should dispel you of the notion that there's any kind of magic in computing; everything is knowable. So in networking, Requests for Comments, or RFCs, are where you can find all the information and details about these networking components and how they work. You can literally just read that to see how things work.

So we're going to start with, and what we're going to be looking at is, basically, when we think of the internet: what is the internet? What does "internet" mean? Yeah, somebody want to put it in the chat? Yeah, so actually "internet" stands for, that's great, interconnected network, right? An intranet is like your local network; think about your local area network in your house, if you have a Wi-Fi router that you're connected to, that's your local area network. And you're connected to an ISP. So actually we can start filling out this diagram even with things that we know currently. So we have my machine here. I'm going to draw it like this. This is my Wi-Fi router. So I'm connected to my Wi-Fi router. There's other stuff here, like my phone.
I don't know, other devices, and all of this is under my ISP, right, your internet service provider; they're providing some service. So what are they doing? If it was just, think about... So I right now have Cox. If the internet was just everyone who had Cox, which is kind of how the early days of AOL were, where you could access and talk to other users of AOL but accessing the internet was actually really difficult. So the internet comes in where all of the ISPs are connected to each other. I'm going to draw them as nebulous clouds here. So somehow my data is going from my machine to my router, out on my modem to Cox, which then sends it somewhere else, and there'll be some other thing that it goes through, it goes somewhere else, bang, bang, to somewhere else, and then finally over to Zoom and then maybe back to you. So this is the reality of networking.

And how this all works is the internet protocol suite. If you think about it, this is a crazy difficult problem, because how many different operating systems and machines does everyone have, let's say, talking to the internet right now in your home? Like, I have a Mac, I have my iPhone, I have my iPad right now. Somebody has a Windows machine, I hope. I have a Linux box somewhere in there that I use. I have my watch, my Apple Watch. What else does anybody have? Yeah, I'm thinking of different types of operating systems, and all of those machines have to be able to talk to each other and exchange data. Yeah, good: consoles, Xbox, Switch, PS4. Some people have refrigerators, Chromecast, Alexa; all these things are devices that need to be able to talk to each other. And so you have to have, and this is one of the really interesting things, well-defined protocols for how data actually gets sent; otherwise you can't have any communication.
You can only imagine how horrible it would be if only Apple devices could talk to Apple devices or only Linux devices could talk to Linux devices; that would cause massive problems. And so the suite of protocols is all known as the TCP/IP protocol suite, and we'll talk about this in a bit. The really nice thing here, and one of the things I want you to be thinking about as we study the design, is these levels of abstraction and encapsulation. The IP stack is built on different levels of abstraction, and each level and protocol handles a different thing, but again, everything is knowable. So there are protocols that handle the link layer. Specifically, the machine I'm using now is on a wired connection to my router. So how does the data that I'm sending go on the wire from my machine to the router? And then you have the question of how do we then cross packets; that's how it goes maybe one hop, but how does it go multiple hops out of there? How does data get transported? And finally we have applications at the top.

So this is the classic model when thinking about the TCP/IP stack. At the bottom we have the physical layer. On top of that we have the link layer. Above that we have essentially the internet, or the internet protocol, the IP layer. Above that we have the transport layer, and then finally we have applications on top of this. So this is kind of a crazy thing to think about: to even get data from one machine to the other, you need to implement and handle all of these different cases. And only when you do that can you do things like HTTP and DNS and NFS and SMTP. And one of the important things this diagram should hammer home is one of my massive pet peeves, and something you can do to make it very clear that you don't know what you're talking about, is to call the web the internet or the internet the web.
So the web is basically HTTP and hyperlinks, and that's just one application that runs on the internet. And just like that, so SMTP, do any of you know what SMTP is for? Yeah, mail, that's great. So it's the simple mail transport protocol, so emails actually predate the web. The web didn't come into existence until the early 90s, I think like '92 basically, whereas we had SMTP before that. People were sending emails before they could ever visit a website, which is super cool. And now there's actually a lot of complexity in here in how all of these things work.

So going back to this diagram. We basically have, at the link layer, trying to understand how data gets from your machine to anything else on the local network. IP, as we'll see, is about how to get data from one machine to the other. So basically TCP and UDP are different ways that we can transfer data, and we'll talk about that in a second. Yeah, so people are talking about blockchain. I think the pitch is, let's say, or the goal, what people want is for blockchain to be another layer on top of here, especially if you think about Ethereum and smart contracts and those kinds of things; that would be another layer that people want to be on top of. I believe, I mean, it's got to be using TCP basically to do everything that it needs to do, especially Bitcoin, so Bitcoin has got to be at the application layer under TCP. Cool. All right. So, sorry, I'm skimming ahead. You all already know this stuff, right? Okay, cool, cool, cool, cool. All right, that makes sense. That's amazing. Yeah, I was wondering about the order of this, but now it makes sense. Okay. Cool.

So the very first thing we need. Let's think about this, this diagram. I'll simplify it by getting rid of all that crap that I just added to it. You have me, right, my machine here, and we have Zoom all the way on this other side.
So you're designing some system for machines to talk to each other. What do you need to know first? Yeah, you need some notion of where do I send this data, right? So how do I get, when I say Zoom, right, I just said me and I said Zoom, but how do I actually get that data from me to Zoom? A really good analogy that helps with this: has any of you ever sent a letter in your life, like mailed it with a stamp and everything? Okay, thank gosh, I was a little bit worried. You have an envelope, right, so you have the envelope, and on the front, so what are the things that you put on an envelope? This will be the front. Yeah, so you need a stamp; you need to pay for it somehow. What else? The address you're trying to send it to and the name of the person. Since we're computer people, we'll send this to foobar, blah, blah, blah. How specific do you have to be on your address? Has any of you ever tested this? I guess that's by the house, the location, right, so the city, the state. Actually, there's a fun fact. It used to be, when towns were really small, and this probably still exists in a small town, you could, because the postmaster would know everyone's house, say, oh, I'm sending this to foobar who's at the big red house past the cornfields, and the local postmaster would probably be able to figure it out or ask around about who knows how to get that letter there. So anyways, it's kind of an interesting thing that we lost a little bit along the way. But so we can add this information, right: we can put a stamp, we can put the name, we can put the address, and here the address would have to have things in kind of a large hierarchy, right: what state, what city, what zip code, what street, what street number on that street, and maybe even what apartment number, going more granular.
Now this person, foobar, got our letter and wants to send us something back. How do they know where to send that response to? Yeah, we're missing a return address, right? So I'll put myself here and I'll put squiggles for my address, and now I've put my return address. And this actually has two features, right? It's so that the person we send the letter to knows how to send it back to us. What's the second feature? Yeah, so who sent it is the first; what's another feature? Yeah, wrong address, right, so that the mail system can actually give it back to you. So that's actually the second thing: if, let's say, foobar doesn't exist or that place doesn't exist, that letter can come back to you, and they know where to send it because it has your address on it. Okay, awesome.

We have exactly the same problem here in these computer systems. We have two computers. We want to send data from one to the other, and we can even think of data in this case as an envelope that we want to send from one machine to the other. What do we need? So, do we need a stamp? Yeah, not really. There have been some proposals for doing micro-transactions on data that you send or whatever, but we don't necessarily pay for it, right. But what do we need? We need to pay for it when we use the internet, exactly. And actually, if you want to think of how expensive the internet was, I was just doing some research, which is why I'm full of AOL details, but in like '95 an hour of internet from AOL, at an insanely slow pace that would make you gouge your eyes out, like a 56K modem, was 350 an hour, which I believe now is slightly higher, like six and a half an hour for slow internet. It's crazy. So think about that, you know, now when you're complaining about your ISP, and I definitely do as well. So, okay. I like this little envelope thing, so we have our envelope here.
What do we need to do to send this to Zoom? I need some address, right? I need to say, hey, I want to do it like this. I need some way to say, hey, I want to send this data to Zoom, and here's how to get to Zoom. And I also probably want a return address as well, right? I want to say, hey, here's how to get to me. And we'll actually see that this is super cool, and all of the pieces that we've kind of been studying will click into place to allow this to happen.

So this gets us back to the address. We need to have, and we call it an IP address, right? This is what people talk about when they say an IP address; this is exactly what they're talking about. To be accessible, each host needs one or more IP addresses on each of its network interfaces. Here, when we say network interface, a network interface could be an Ethernet port that you plug Ethernet into, or it could be your Wi-Fi adapter; it could be any number of things. So you've probably seen IPv4 addresses; this is what we're going to focus on. We won't touch IPv6, but IPv4 addresses are composed of 32 bits. What does that mean, and how many IP addresses are possible? Yeah, two to the 32, right, perfect, awesome. This is kind of classic CS math, right? We have 32 bits of information; we can store from all zeros to all ones. So two to the 32 is the number of different IP addresses. Actually, in practice it turns out to be less than that for several different reasons which we'll briefly touch on.

And it's typically these 32 bits, so this is actually, if we go back here, what we're doing if we were to zoom in on this letter. Right, so here I have my letter. I'm sending this letter to Zoom. I'm not actually putting "Zoom", right, I'm putting some IP address, so one zero zero one one zero zero one zero zero one zero zero one. It'd be really cool if I just wrote down 32 bits there. But anyways, 32 bits here is actually what I'm sending. It's really cool; this is kind of crazy.
So you can think about it: to talk to any machine on the internet, all you need to know is a 32-bit integer. But how does that actually look in practice? Would it be super fun to write out the bits, one zero one one zero one zero zero zero one zero one? Is everyone happy to write out binary? No, we don't want to do that. So actually, it's like a weird happenstance: the 32 bits are separated into eight-bit octets, and then we represent each of the different octets in decimal notation. So the first eight bits get represented at the start and turned into decimal, so this is 149.169.175.207. So hopefully you've seen an IP address before; I mean, people are putting them in chat, so I guess if you're completely ignoring chat you haven't seen it.

Yeah, so here's a crazy thing. That IP address doesn't actually mean anything to the computer, right? The computer has to translate it into an integer. Not just by translating them like you do... a very fun fact, so people were talking about this. There are some special addresses, like... no, wait, no, that's not the one I wanted. Right, so this is actually the entire, and we'll talk about this in a second, but I think it's a slash eight: anything that starts with 127 is your local machine. So this means the current machine that I'm on. So this is why, if somebody is tricking you and saying, like, oh yeah, hack into me, this is my IP address, they're actually hacking into themselves. Now the super funny thing is many web services will block and say, if I see an address that's 127.0.0.1, I'm going to block it. Unfortunately, there are actually a lot of different ways to represent IP addresses. I don't know it off hand, but if you convert this into a decimal number, right, so 127 is a certain number of bits, 1 2 3 4 5 6 7 8, that's definitely not right but whatever, 16 zeros and then five zeros and then a one, whatever that number actually represents...
It's going to be something big, 2372650010, whatever, so translating it into an integer will actually, in a lot of software, get you to localhost, so you can bypass filters that are blacklisting 127.0.0.1, which is pretty cool.

Cool, so this is the base of all addresses. And part of the problem is organizations need a range of IP addresses to use, but we're going to kind of skip over some of this. So I'm going to go with an example for this. Okay. Another 192.1... This is, I know, a slash 24, I think. I think it's 16. Anyways, okay. So I'm going to see if I want to do this here or do this later. Okay, yeah, we'll do this right now. So, okay, what we want to do: we're an organization, we want all of our IP addresses to be in a similar range, and we want to be able to tell what IP addresses are ours and what IP addresses are other people's. That's like when I said here that 127.0.0.1... Let's say I had a network where everything with the exact same first eight bits is inside my organization and controlled by my organization. I would call that a slash eight. So I'd say the first eight bits of the IP address are the network ID, meaning my network ID, and the rest of them identify the hosts inside my network. So if the first eight bits are fixed, how many hosts can I have in my network? Yeah, so a couple of people said two to the 24. Why would it be two to the 24? We want to justify it. Yeah, so eight are unchanged; eight are fixed out of 32. 32 minus eight is 24. And all these are bits, so we know it's two to the 24. That's how many hosts we can have. Awesome. Maybe in a different network, like my local network, the first 16 bits have to be the same. So I'd call that a slash 16 network, and everything that's part of my network starts with the same first 16 bits. So it has to be 192.168 and everything else is in there.
So how many hosts would I have in that network? Two to the 16. Awesome. What is two to the 16? That should be something that we can calculate, and somebody can put it in; my keyboard's too far away. Yeah, 65. Yeah, that makes sense. That'll come up later. Right. And then we can have even smaller networks. We can have 192.168.10.1 and call it a slash 24. How many on that network? 256. Yeah, two to the eight, which is equal to 256. And the cool thing is, and it becomes a little bit more... So I chose these eight-bit boundaries, right, which essentially line up with the decimal here, the decimal here, and the decimal here, because they're easier to think about, but the boundary between the network bits and the host bits can actually be put arbitrarily. So you can have, like, a 10-dot-something-dot-113.0 slash... you can have a slash 11 network or whatever; it can be. Let's see. No, it can be more than that. Anyways, it can be placed at any bit there. These slides are wrong. I should update them. But anyways, the point is, because this represents a binary address, you can put that boundary anywhere.

Let's see, I chose these. Oh, no, no, that's right. The 172.168, I can't remember what that is. Anyways, the reason why I picked these: has anyone seen IP addresses like this, like ones that start with 192.168.something.something, usually .0.1, or 10.0, or 172? Yeah, what context have you seen those in? Yeah, in your local network, right? So these are all, no, not local, it's called the private IP ranges. You can look this up, and all of these are private IP ranges. What that means is, on the whole entire internet, there is no host that responds to 192.168.0.1. It's guaranteed that there should be no host that does that. The same with the 10 range, and the same with, I can't remember, the 172.168.
Someone will have to look up exactly what that host and net ID is. Oh, Jan is calling me while I'm in the middle of class. Thanks, Jan. I guess... found it, super, there we go. Do Not Disturb. Okay. No, you always send Jan to voicemail. Come on, what's wrong with you people? All right.

So anyways, that's an interesting point: this is why these IP addresses are used inside of your network, because we know it's not possible for them to go out of there. Yeah, so how do you create an IP address? That is a super interesting question. You basically have to ask for one. And this should tell you, because I said there's no 192.168.0.whatever on the wide internet, that nobody else can actually talk to your local machines, which actually ends up being a good thing, but we'll talk about that later. But yeah, you get a... so for instance, back up to the diagram. I have a public IP here from Cox. If you go to something like IP Chicken, or whatever you want, there are websites where you can see it. Don't post your IP address in the chat. It's, I don't know, better to avoid that. But Cox gives you an IP address when you connect. And similarly Zoom has an IP address, and actually we'll see, and I'll get into this in a second, we'll dig in a little bit more, but it's not exactly zoom.com, but let's say it is zoom.com. So through the protocol, and I was going to say magic but I stopped myself, of DNS: DNS is a protocol that translates a name like zoom.com into an IP address. This is why we don't have to remember IP addresses. Think about how annoying it would be to remember the IP address of Google or Apple or Facebook or whatever; that would be incredibly annoying. So DNS exists such that we don't actually have to worry about that. Cool. Okay, so we have that, how to get addresses. Cool, let's pop back over here.
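An added example (not from the lecture or its slides) that works through the addressing points above in Python: turning dotted decimal into the 32-bit integer a packet actually carries, splitting network and host bits at an arbitrary slash boundary, counting hosts per prefix, checking the private ranges, and canonicalizing an address before a loopback blocklist check so that the bare-integer form of 127.0.0.1 cannot slip past a string compare. It assumes the RFC 1918 private ranges (10/8, 172.16/12, 192.168/16); the lecture leaves the 172 range unnamed.

```python
"""IPv4 addressing helpers: dotted decimal <-> 32-bit integer, prefix math,
RFC 1918 private ranges, and canonicalisation before a loopback check.
Added illustration for the lecture's addressing section; not course code.
"""
import ipaddress
from typing import Optional, Tuple

BITS = 32
MASK32 = (1 << BITS) - 1


def dotted_to_int(addr: str) -> int:
    """'149.169.175.207' -> the 32-bit integer carried in the packet header."""
    octets = addr.split(".")
    if len(octets) != 4:
        raise ValueError(f"expected four octets: {addr!r}")
    value = 0
    for octet in octets:
        n = int(octet, 10)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range: {octet!r}")
        value = (value << 8) | n
    return value


def int_to_dotted(value: int) -> str:
    """Inverse of dotted_to_int; rejects anything wider than 32 bits."""
    if not 0 <= value <= MASK32:
        raise ValueError("not a 32-bit value")
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def split_network_host(addr: str, prefix: int) -> Tuple[int, int]:
    """(network part, host part) for a /prefix that may fall mid-octet."""
    if not 0 <= prefix <= BITS:
        raise ValueError("prefix must be 0..32")
    value = dotted_to_int(addr)
    netmask = (MASK32 << (BITS - prefix)) & MASK32
    return value & netmask, value & ~netmask & MASK32


def host_count(prefix: int) -> int:
    """2^(32 - prefix): /8 -> 2^24, /16 -> 65536, /24 -> 256."""
    return 1 << (BITS - prefix)


# Private ranges from RFC 1918 (assumed here; the lecture names only 10 and 192.168).
PRIVATE_RANGES = [("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16)]


def in_range(addr: str, network: str, prefix: int) -> bool:
    """True when addr and network agree on the first `prefix` bits."""
    return split_network_host(addr, prefix)[0] == split_network_host(network, prefix)[0]


def is_private(addr: str) -> bool:
    return any(in_range(addr, net, p) for net, p in PRIVATE_RANGES)


def naive_blocks_loopback(user_supplied: str) -> bool:
    """The filter the lecture describes: only the literal string is caught."""
    return user_supplied.strip() == "127.0.0.1"


def canonical_ipv4(user_supplied: str) -> Optional[str]:
    """Reduce the forms software commonly accepts (dotted quad or a bare
    decimal integer) to one dotted-decimal string, or None if not IPv4."""
    s = user_supplied.strip()
    try:
        if s.isdigit():  # bare integer form, e.g. '2130706433'
            return int_to_dotted(int(s))
        return str(ipaddress.IPv4Address(s))
    except ValueError:  # AddressValueError is a ValueError subclass
        return None


def canonical_blocks_loopback(user_supplied: str) -> bool:
    """Defensive filter: resolve to the 32-bit value, then test all of 127/8."""
    canon = canonical_ipv4(user_supplied)
    return canon is not None and in_range(canon, "127.0.0.0", 8)
```

Run the two loopback checks side by side on "127.0.0.1" and "2130706433" to see why a blocklist must compare the resolved 32-bit value, not the text the client typed.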
So we're going to start with the IP protocol and look at how packets get onto the network from one thing to the other. We're going to do it in a little weird way: we're going to start in the middle of the diagram, then pop down to look at the details there, and then pop back up. But since we talked about IP addresses, it's important to understand that there are addresses everywhere on the internet, and the IP protocol really represents kind of the glue. So it provides, and I'm quoting here, I believe from the RFC, "a connectionless, unreliable, best-effort datagram delivery service." So what this means: a datagram is just a packet; we call it a packet in networking. It really is just an envelope of data. You can actually think of it like that; it's just some data that you're sending from your machine to the next machine. Okay, what does connectionless mean? Sorry, not "not connected." Yeah, there is no physical connection, but what it means is I don't have to have a pre-established connection with the other host that I'm trying to send data to. A lot of my analogies are phone based. I'm trying to actually remember, does your cell phone have a dial tone when you just dial something? I guess that doesn't work. Yeah. Anyways, the point is, you don't have to establish a connection to the remote system; you can just send a packet of information, which is kind of interesting. It's unreliable. What does that mean?
Yeah, it just means exactly what it is; it's kind of like the mail, actually, right? The mail does best effort: it tries to deliver your letter, but they're not going to keep delivering it forever; they're not going to hold it around until it finally can be delivered. Your letters can be lost. So this is what the internet protocol provides, or I shouldn't say it provides unreliable service, but it does not guarantee reliability. What's the difference between guaranteeing reliability and being possibly unreliable? Yeah, it just kind of sends it without putting in any protections. You have to do that yourself. And we'll talk about this in a second, but yeah, it does best effort, right? If it was completely unreliable, who would ever actually use this? It's silly, we wouldn't. You know, think about how much of our life uses the internet, and I'm sure, especially during COVID times, if you've had an internet outage when you're trying to attend classes, that can be insanely frustrating. Or even worse is when you have unreliable internet where packets get lost. I had it where 10 to 30% of packets were being lost, but intermittently; it wouldn't happen constantly. So I'd call the cable company to complain and they would say, we did some stuff on our end, did that fix it? And we would say, yeah, it looks like it fixed it, and then of course an hour later the same problem happened. So that was crazy.

Actually, yeah, somebody has a comment about a power outage during a final. Do you guys know Fish? Probably not, because he taught this class last semester. The power went out in his apartment complex, and then he sent us a screenshot of his phone and the Wi-Fi around him, and his was the only Wi-Fi network that was on, because he has his own backup UPS system.
So he was still able to work and get internet during a blackout. So yeah, that was pretty funny, and it also made us realize that, oh, the cable company actually must have a different power service than the building itself. Yeah, that was super interesting, if you ever want to learn about Fish. Okay, so unreliable, best effort. But now think about this. Okay, so it's the glue of the internet. Let's go back. What does glue mean? I wish I could go through these slides faster. So let's go here. So IP is in the middle, right? It's actually how the packets get from one place to the other. It seems kind of crazy. Think about it: if I were to tell you, hey, I'm going to give you, let's say, a couple billion dollars, now you're going to design for me a protocol that's going to be used by literally billions of not just devices but people, so multiple billions of devices with multiple people who are accessing this protocol. What's your core going to be? Well, I'm going to build you a connectionless, unreliable, best-effort datagram delivery service, where I'm not going to guarantee delivery, integrity, order. So what this means is I'm not even going to guarantee that that letter that you sent ever gets to the target. I'm not going to guarantee that what you sent gets to the target right; integrity, what we talked about: there's no guarantee that the packet that you send actually arrives in exactly the right way, or exactly how you intended it. Ordering: I am not going to guarantee, if I send one letter and then a second letter, that the recipient doesn't get the second one first and then the first one. I won't even guarantee that I won't just accidentally make up multiple letters, so that you send one letter but the other side gets 10 letters. And bandwidth: I'm also not going to guarantee bandwidth. So now put yourself in the funder's shoes.
Would you be, you know, happy giving a billion dollars over to somebody to build what kind of sounds like a crappy system? So it seems silly when I propose it this way, and it's kind of intentionally so; that's why I did that. But the question is, and we should think about it, what applications am I running on top of that? Right, so I have my Internet Protocol. What types of things do I have on top of that? Okay, so let's think about these properties. Would you want, let's say you're browsing your bank's website, do you want something that's unreliable and best effort? Yeah, no, that would be very bad. You wouldn't want to click "Yes, I'd like to buy 10 shares of GameStop stock" and actually have 1000 of those requests arrive on the other side. And now you're on the hook for, whatever, 1000 of a bunch of stock that you didn't actually want, right? That seems crazy, that seems like a bad idea, not what you want.

Now, but think about other protocols. Let's think about, actually, this call we're on right now with Zoom. Right, so on this Zoom call, think about what's actually happening right now: frames of my video are going out from me to Zoom and then back, and let's say each frame currently is a packet, right? These packets come out. What happens to our communication right now if a packet is lost? Yeah, why nothing? Would you even notice? Yeah, there are so many packets, right? They're going one after the other, and my audio is going as well, so maybe if a video call frame is dropped you wouldn't even be able to tell; maybe if my audio drops you could actually pick up based on my mouth what I'm trying to say, right? So would you want a video service that guaranteed that every frame got there, even if it meant that when there was a network problem and a packet got lost, all my other video waited and waited until you finally got that one frame, and then the other frames came up?
Right, no, you wouldn't want that. That would actually be a really terrible video service. So this is actually one of these things that's actually brilliant about this Internet Protocol: it doesn't provide a lot of these services, and what that allows, and I'm going to go back to these slides, what it allows is, because this IP layer doesn't guarantee anything, other applications on top, so I can build a video chat application on top, don't have to require that every packet always arrives. Think about the other thing: games, right? How do games essentially work? There's a central server that's keeping track of the entire state of the game. There are all these clients that are sending their status of what they're doing to the server, and then the server sends them updates on where all the status is. Right. And so if I have to wait because somebody else dropped their packet and I'm not getting any other status updates, by the time that packet gets there it may already be too late; maybe the user's already done something different. So it seems like, at first glance, kind of a crazy thing: why would you want the core of your networking layer to not provide these really good things? I'd say the one thing they definitely overlooked that they shouldn't have was integrity; that's something that we would want. They gave us the flexibility to build other types of protocols, and we can actually pick and choose what we need. Do we need reliability? Do we not need reliability? It's actually super cool. So it's something that looks silly on the face of it but actually is very cool. Yeah, and so the whole idea is, at the IP level, if I have an IP address, that means I can send a packet to you. So any two nodes, as long as they have an IP address and implement this protocol correctly, and all the other protocols on the stack as we'll see, they can talk to each other. And that's the magic of the internet. Okay. Cool.
And so now I'm going to show you this. So I mentioned the RFC, the Request for Comments. This is a diagram directly from RFC 791, and this is what an IP datagram looks like. And so this is in 32 bits, from the 0th bit to the 32nd bit. And we're going to look at this and try to understand it, and this is really what, when we looked at this diagram, this is what gets put here in the address column. So to be able to send it we need to send a bunch of information. So the very first thing we send is the version of IP that we're sending, so it's the first four bits. And why is the version the first thing? Wouldn't you think that the thing I care about is the destination, where is this envelope going? So that should be the first thing, what's the address. Yeah, so there's some good stuff in the chat. Exactly, so yeah, this is a really good example of really good engineering of protocols. Okay, you need to read those first four bits in order to even understand the rest of the packet, and this allows us in-place upgrades, so we can upgrade to a different version like IPv6, which completely changes how I parse the rest of the packet, but as long as I parse those first four bits, now I know how to parse the rest of it. It's super cool.

Okay, so there's a bunch of stuff in here. I'm not going to get into everything; you can actually read the RFC and learn exactly what everything's for. We have the total length in bytes of the message. We have an identifier, which I'm not sure how deep we'll get into, but we'll see that in a bit, possibly. We have some flags that can get set. Okay, so the identifier and the fragment: what happens is, when you have those beautiful layers, the marketing... Hello? Okay, so the marketing here is, aha, at that level you only need to care about IP. So an IP packet can be as big as, I think it's 65,000 bytes. So it was 16 bits, right, so 2 to the 16th is 65,000. So it can be 65,000 bytes.
Now, the question is, can your actual layers that transport that information, can Wi-Fi packets and frames be up to 65,000 bytes? Maybe it's not bytes, maybe it's bits, but whatever, it doesn't matter for the point here. It seems like it's too big, right? And actually Ethernet, so you think Ethernet. I don't know about you, but as soon as the pandemic started I basically switched everything over to Ethernet. I have massive cords running throughout my house; since I'm on Zoom constantly all day, I don't want to deal with any jitter from Wi-Fi or anything. So, IP, Ethernet frames are capped at 1500 bytes total. What actually happens is the IP layer tries to send a packet, and then the link layer says, hey, I can't send this, or the physical layer even will say, I can't send this, this is way too big. So IP itself has to have a mechanism to deal with it. So that is where we get the identifier and the fragment. So there's actually a way that the operating system can say, oh, this packet's too big, I'm going to split it up into a number of different pieces. So it's like taking a huge envelope that you're trying to send and cutting it up, and now you need to put on that envelope: okay, which one was the first one, and they're all from the same envelope. So I'm going to put the identifier here that identifies that each of these fragments is part of the same envelope. And then I need to know the offset: so the one at the start will be the zeroth offset, the one 10 bytes or 1500 bytes after that will be at 1500 bytes, and anyway, so that information can all go out and then the other side can get it and receive all of them.

We have another field which sounds really cool and kind of is: the time to live. So, you know, we talked about how the mail doesn't just hang on to letters forever. I guess why doesn't the mail system hang on to letters and just keep trying to deliver them?
Yeah, it gets full, right? So now think about: I'm sending packets into the internet and it's just floating around, or what actually can happen is an infinite loop, where packets go back to the same place and get stuck in this loop. And technically they could just stay there forever, but eventually they'll overflow things and packets will drop. So to prevent that there's a field called the time to live field, which is actually used for network reconnaissance, which we'll talk about later. But the idea is this is the number of hops. So specifically, like here, a hop would be from my machine to the router, and then the router to Cox, and then Cox somewhere else, and over here. All of these; and you'll know you understand networking when you really, in your bones, understand exactly what happens in each of these hops, and we will go over that in this class, what's going on here. At every hop that time to live value is decremented, so it starts high and then gets decremented down, and then when it hits zero, the router that has it drops that packet and says, okay, I'm not going to deal with this packet anymore because its time to live value is too low.

So we have something that says the protocol, and we have a checksum of this header. We'll talk about that in a second. And then we have the source IP address and the destination IP address; these are just like the addresses we're used to talking about in the mail. In this case it's a 32-bit number, with a source IP and a destination IP. We have some options and padding, and then finally the data. So you can see we actually have a decent amount of overhead on this packet, of information that has to be there, so the header has to be there. I claimed that there was no integrity at the IP level, yet I see there's a header checksum. So what's the difference between a checksum and, like, an integrity check?
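The RFC 791 header fields walked through above, in working code. This is an added example written for this page, not code from the lecture: it packs and parses the 20-byte fixed header (version nibble first, then total length, identification, flags and fragment offset, TTL, protocol, checksum, source and destination), computes the header checksum the way RFC 791 specifies it (one's complement of the one's complement sum of the header's 16-bit words), fragments a datagram that is larger than a 1500-byte link MTU using the identification and offset fields, and reassembles it. The addresses, identification values and payload are constructed for the demo. The last function shows the answer to the question just posed: the checksum catches a bit flipped in transit, but anyone who can rewrite the header can also recompute the checksum, so it is not an integrity check against an attacker.

```python
import struct

HDR_FMT = "!BBHHHBBH4s4s"   # RFC 791 fixed header, network byte order, 20 bytes
HDR_LEN = 20                # IHL = 5 words; no options in this example


def ip_checksum(data: bytes) -> int:
    """RFC 791 header checksum: one's complement of the one's complement sum
    of the header's 16-bit words (computed with the checksum field itself zeroed)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ip_bytes(addr: str) -> bytes:
    return bytes(int(o) for o in addr.split("."))


def build(src, dst, payload, ident, ttl=64, proto=17, more=False, offset=0):
    """Assemble one datagram: fields in RFC 791 order, then the payload.
    `offset` is in 8-byte units; `more` sets the MF flag (bit 13 of the flags/offset word)."""
    total_len = HDR_LEN + len(payload)
    flags_frag = (0x2000 if more else 0) | offset
    hdr = struct.pack(HDR_FMT, (4 << 4) | 5, 0, total_len, ident, flags_frag,
                      ttl, proto, 0, ip_bytes(src), ip_bytes(dst))
    hdr = hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]
    return hdr + payload


def parse(pkt: bytes) -> dict:
    """Read the version nibble first (everything else depends on it), then the rest of the header."""
    f = struct.unpack(HDR_FMT, pkt[:HDR_LEN])
    version, ihl = f[0] >> 4, (f[0] & 0x0F) * 4
    if version != 4:
        raise ValueError("not an IPv4 header: version %d" % version)
    return {
        "version": version, "ihl": ihl, "total_len": f[2], "id": f[3],
        "df": bool(f[4] & 0x4000), "mf": bool(f[4] & 0x2000), "offset": f[4] & 0x1FFF,
        "ttl": f[5], "proto": f[6], "checksum": f[7],
        "src": ".".join(map(str, f[8])), "dst": ".".join(map(str, f[9])),
        # summing a correct header *including* its checksum field yields 0
        "checksum_ok": ip_checksum(pkt[:ihl]) == 0,
        "payload": pkt[ihl:f[2]],
    }


def fragment(src, dst, payload, ident, mtu=1500, proto=17):
    """Split a datagram that will not fit the link MTU. Every fragment carries the same
    identification; offsets count 8-byte units; all but the last set MF."""
    max_data = (mtu - HDR_LEN) // 8 * 8              # 1480 data bytes per fragment at MTU 1500
    frags = []
    for off in range(0, len(payload), max_data):
        chunk = payload[off:off + max_data]
        more = off + max_data < len(payload)
        frags.append(build(src, dst, chunk, ident, proto=proto, more=more, offset=off // 8))
    return frags


def reassemble(pkts) -> bytes:
    """Receiver side: check the fragments share one identification, concatenate in offset order."""
    hdrs = sorted((parse(p) for p in pkts), key=lambda h: h["offset"])
    if len({h["id"] for h in hdrs}) != 1 or hdrs[-1]["mf"]:
        raise ValueError("fragments from different datagrams or last fragment missing")
    return b"".join(h["payload"] for h in hdrs)


def forge_dst(pkt: bytes, new_dst: str) -> bytes:
    """What the checksum does not stop: an on-path attacker rewrites a field,
    recomputes the checksum, and the result still verifies."""
    hdr = bytearray(pkt[:HDR_LEN])
    hdr[16:20] = ip_bytes(new_dst)
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", ip_checksum(bytes(hdr)))
    return bytes(hdr) + pkt[HDR_LEN:]


if __name__ == "__main__":
    # constructed sample: a 4000-byte datagram between the lecture's example addresses
    data = bytes(range(256)) * 15 + b"A" * 160      # 3840 + 160 = 4000 bytes
    frags = fragment("192.168.0.10", "192.132.0.100", data, ident=0x1234)
    print(len(frags), "fragments, offsets", [parse(p)["offset"] for p in frags])
    print("reassembled ok:", reassemble(frags) == data)
    pkt = build("192.168.0.10", "192.132.0.100", b"hello", ident=1)
    flipped = pkt[:8] + bytes([pkt[8] ^ 0x01]) + pkt[9:]   # one TTL bit flipped in transit
    print("bit flip caught:", not parse(flipped)["checksum_ok"])
    forged = forge_dst(pkt, "10.0.0.1")
    print("forgery still verifies:", parse(forged)["checksum_ok"], parse(forged)["dst"])
```

Run it and the 4000-byte datagram comes out as three fragments at offsets 0, 185 and 370 (in 8-byte units, so 0, 1480 and 2960 bytes), the first two with MF set; the flipped TTL fails the checksum, while the forged destination passes it.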
So a checksum is some kind of algorithm that, let's say, XORs all the bits of the packet and makes sure that at the end it's one; that would be one type of header checksum. So the way this works is it XORs everything together and makes sure that it equals whatever is in the header checksum. But basically what it means is, checksums are good at detecting if one bit is flipped. And actually, anybody do any work or deal with credit cards? Yeah, so credit card numbers themselves have, I think it's a Luhn check. Somebody can link it in the chat. The Luhn check is a way that you can actually verify if a credit card is a valid-looking credit card, and that way people can detect if somebody has accidentally input the wrong credit card. That algorithm is basically a checksum. So checksums are good for a specific thing, you know, testing if a bit is flipped, but part of the problem with a lot of them is, if one bit flips one way and another bit flips the other way, it doesn't detect that. And fundamentally, an attacker can overwrite the header checksum or do anything they want to do to this packet. Cool. Okay. So we have this. Okay, cool. And so this is all that information that goes onto your packet.

Wait for me to skip. I got to figure out this iPad better. Anyway, okay. So the way this basically works is your IP packet will then get incorporated into the lower levels, and we'll actually look at what those look like in a second. So your IP header and your IP data go into the link layer, so they become the frame data, and your frame data gets another frame header added. So what actually arrives has all of these headers on it, with the actual data as part of it. Okay, now we're going to look at the case of... So now we have a rough idea and understanding of, okay, this looks pretty easy, right?
If I know my IP address, and I know Zoom's IP address, I could make a packet using all that information I just said, and send it out and get a packet to them. Right. We're not quite there, but we have our goals in mind, right? We want to be able to send a packet there. But what do we need to take care of first? So, as the packet goes from us to Zoom, it has to first go from us to our router, or a switch, and that is called direct delivery. And this gets back into these IP address ranges. So when your machine boots up, we won't get into it, but there's DHCP. DHCP is just a protocol where your machine, when it boots up, can say, hey, I need an IP address, I don't have an IP address, and then your router will actually listen for that and respond and say, okay, hey, new machine, your IP address is this, and it will give you an IP address. Or you can configure your computer with a static IP address, so you can say in your settings, my IP address is 192.168 and so on, and we'll talk about all the information you need.

Can you hear me now? I was like, was the USB lost, what happened? Maybe I accidentally unplugged my mic. Okay. All right, so for us to exist on the network we must have an IP address. So my machine boots up, I use DHCP and I say, hey, I need an IP address, I don't know what my IP address is, and somebody responds 192.168.0.10; we'll go with 10. That's one piece of information I need: what is my IP address. Now, going back to this diagram. So I have my IP address, great, but I need to know, when I'm sending data, am I sending it to, let's say, my Xbox on my local network, am I sending it to my switch, or sorry, my router, who am I sending it to, or am I sending it to Zoom?
And the difference, as we'll see, is basically: who's on my local network, where I can send packets to directly, versus who do I have to send it to so that it hops to some other network. So what we also need is a way to tell who's on my local network versus who's not on my local network. And that's with this exact thing that we just talked about, these IP addresses. So your computer, sorry, DHCP, or if you're setting up static networking, will say, this is your IP address, so it'll tell you the IP address, and it'll tell you the network. I'll go with the slash 24 for now. So this has a couple of different names, which can be very confusing. If you're looking at it, it could be netmask, or CIDR is one term that you'll see. But it's basically a way, we'll always do it in this format because it's very easy; the netmask version actually shows you all the bits that are one. It could be all eight ones is 255, so it'd be 255.255.255.0. And what this netmask means is, if you take that integer and you AND it with an address, that tells you what your network is. So the first 24 bits are all one, but the most common way of seeing it is in this kind of slash 24 form. Let me look at my computer real quick and see how it shows it. You may have to go into, like, advanced TCP/IP. Yeah, so mine has my IPv4 address and my subnet mask, which shows me 255.255.255.0, which is exactly what I thought it would be.

So now with this information, if I know, okay, this is my IP address, and this is my netmask, slash 24, now my computer has all the information it needs to be able to answer the question. So now, any time my computer wants to send a packet, it says, okay, hey, I have a letter here for you. So the destination IP here is 192.132.0.100. And so now my computer has to ask: is this IP address on my local network?
If no, or if yes, why? Stick to your guns. So it starts with 192. Slash 24 means: where's the network boundary? Right here, on this octet. So this means this is the network, the local network, and this is the host. So this means the first 24 bits have to be exactly right. Yeah, great. So we'd look here, we'd say, is this the same? 192.168.0 and 192.132.0? No. So it's not local. And then we'd figure out what to do there; we'll talk about it in a second. Okay, great. What about up there? What about, I want to send a packet now to 192.168.1.10. Is it local? No. 192.168.0.110? Yes. Okay, cool. And you can see that by changing, you know, I could change, now if I change this to a slash 8, would this be a local address? Sorry, you can't see where I'm pointing. Now we'll ask these questions again. So if it's now a slash 8, is 192.132.0.100 local? Yes. What about 192.168.1.10? Yep. And 192.168.0.110? Yep, all three are. And I'm going to do this one more time just to drive this home. Or actually, I'll just leave this here and you can figure it out: so now if it's a slash 16, which of these are in and which ones are out? Okay, cool. So you're understanding the first step of networking: I want to send a packet, I know the address, I want to send an IP packet, I need to know, is it a local address or not. And this is how we can tell, because if it's local, then we do direct delivery.

So yeah, here's an example. So the network says, another way, a third way of representing the netmask, this is saying the subnetwork is 111.10.20; this means, in our parlance, we'd say this is a slash 24, because everything that begins with 111.10.20 is in the same net. Okay, so we'll get into the MAC addresses in a bit, actually just in a second. So I'm machine 111.10.20.121. I want to talk to 111.10.20.14.
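The local-or-not decision above, worked in code. This is an added example for this page, not the lecture's own material: it converts a dotted address to a 32-bit integer, builds the netmask from a prefix length (and recovers the prefix from a dotted mask, rejecting masks whose ones are not contiguous), ANDs address and mask to get the network number, and answers the /24, /16 and /8 questions for the three destinations used above from 192.168.0.10, plus the 111.10.20.121 to 111.10.20.14 case. The host addresses are the lecture's; the function names are my own.

```python
def ip_to_int(addr: str) -> int:
    """'192.168.0.10' -> 32-bit integer, most significant octet first."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %r" % addr)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """/24 -> 0xFFFFFF00: the first `prefix` bits set, the rest clear."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length out of range")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(mask: str) -> int:
    """'255.255.255.0' -> 24, rejecting masks whose ones are not contiguous."""
    m = ip_to_int(mask)
    prefix = bin(m).count("1")
    if prefix_to_mask(prefix) != m:
        raise ValueError("non-contiguous netmask: %s" % mask)
    return prefix


def network_of(addr: str, prefix: int) -> str:
    """AND the address with the mask to get the network number."""
    return int_to_ip(ip_to_int(addr) & prefix_to_mask(prefix))


def is_local(my_addr: str, prefix: int, dst: str) -> bool:
    """Direct delivery if and only if dst lies in my own network under my mask."""
    return network_of(my_addr, prefix) == network_of(dst, prefix)


def classify(my_addr: str, prefix: int, dsts) -> dict:
    return {d: ("local" if is_local(my_addr, prefix, d) else "not local") for d in dsts}


if __name__ == "__main__":
    me = "192.168.0.10"
    targets = ["192.132.0.100", "192.168.1.10", "192.168.0.110"]
    for prefix in (24, 16, 8):
        mask = int_to_ip(prefix_to_mask(prefix))
        print("/%d (%s), my network %s:" % (prefix, mask, network_of(me, prefix)),
              classify(me, prefix, targets))
    print(is_local("111.10.20.121", mask_to_prefix("255.255.255.0"), "111.10.20.14"))
```

With /24 only 192.168.0.110 is local; with /16 both 192.168.x.x addresses are; with /8 all three are, which is the exercise the lecture leaves open. The contiguity check in mask_to_prefix matters in practice: a mask like 255.0.255.0 is not a valid CIDR prefix, and silently accepting one misroutes traffic.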
And so I'm going to make that IP packet just like we talked about. I'm going to say, great, I know you're on my local network; that means I can send this packet directly to you. So anyone on my local network, I should be able to send a packet to, and they should be able to receive it. But I need to know how to actually send that to them. So those other numbers underneath: the subnet mask needs to be the same for every machine on our net, otherwise we won't be able to talk to each other. So the subnet mask is for all the machines, so they all are in a slash 24, so from their IP address they can derive their subnetwork. I need to actually send it at the link layer, because we've only been talking about IP. So we're going to get into these other, we actually have another type of address that addresses, essentially, your network card at the link layer. So that has to get out, so now we need to go dig into the link layer to figure out how to do that.

I usually never do this, but since you've got a midterm coming out today, I will let you out early. Feels weird. I feel like I don't like it. Now everyone come back in, we'll keep going. I'm just kidding. All right, so we'll stop here at the Ethernet frame. Now we've got a lot to dig into here; I don't think it makes sense to power through. We'll come back here and I'll see y'all on here on Monday, and I'll see the people who are watching this on Thursday on Tuesday.