From d58b49d37a4cd2f9a962901bbe4f735159617a23 Mon Sep 17 00:00:00 2001 From: shockrahwow Date: Mon, 30 Sep 2019 19:32:10 -0700 Subject: [PATCH 01/15] fluff --- 412/.gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/412/.gitignore b/412/.gitignore index 01eb391..fc36ee6 100644 --- a/412/.gitignore +++ b/412/.gitignore @@ -1,2 +1,4 @@ *pdf homework/ +todo.md + From ec59aba7546e348990006aa7040850fb86206e6d Mon Sep 17 00:00:00 2001 From: shockrahwow Date: Mon, 30 Sep 2019 19:32:39 -0700 Subject: [PATCH 02/15] basic notes about the mail services lecture --- 412/mail.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 412/mail.md diff --git a/412/mail.md b/412/mail.md new file mode 100644 index 0000000..4986b38 --- /dev/null +++ b/412/mail.md @@ -0,0 +1,22 @@ +# Email Service + +> Standards + +Try to keep things with standard protocols + +> Automation + +Have some system that can create emails for you instead of manually creating them + +> Redundancy + +Backup mail servers to insure against partial loss + +> POP/IMAP + +Most servers accept IMAP and not POP anymore + +> Encryption + +For the most part we use SSL on the mail server to retain privacy among the users. + From 7812acef46d1caf7205b6b81b4e5fb480e8f7114 Mon Sep 17 00:00:00 2001 From: shockrahwow Date: Mon, 30 Sep 2019 19:34:36 -0700 Subject: [PATCH 03/15] note about backing up data --- 412/data.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/412/data.md b/412/data.md index 697778b..d7f792f 100644 --- a/412/data.md +++ b/412/data.md @@ -35,6 +35,10 @@ Outsourcing the storage for users to services like Onedrive because it becomes t Ensure that the OS gets its own space/partition on a drive and give the user their own partition to ruin. That way the OS(windows) will just fill its partition into another dimension. -# Print Services +# Backup + +Other people's data is in your hands so make sure that you backup data in some way. +Some external services can be nice if you find that you constantly need to get to your backups. +Tape records are good for archival purposes; keep in mind that they are slow as hell. From 6d262822476cef99863ecf8a407e723e18788e56 Mon Sep 17 00:00:00 2001 From: shockrahwow Date: Mon, 21 Oct 2019 19:08:02 -0700 Subject: [PATCH 04/15] midterm notes for 412 --- 412/midterm.md | 40 ++++++++++++++++++++++++++++++++++++++++ 412/monitoring.md | 12 ++++++++++++ 412/pass.md | 5 +++++ 3 files changed, 57 insertions(+) create mode 100644 412/midterm.md create mode 100644 412/monitoring.md create mode 100644 412/pass.md diff --git a/412/midterm.md b/412/midterm.md new file mode 100644 index 0000000..da1e183 --- /dev/null +++ b/412/midterm.md @@ -0,0 +1,40 @@ +# Midterm Sample Questions + +Difference between NAS and SAN? + +Subnet: + +* What kind of class is the given IP? + +* What is the subnet mask, network address, etc? + +* Subnet addresses? + +`Host & subnet mask(classless)` + +BTW: this is the analog of the network address(classful addressing). When we talk about network addresses we are implying a classful network. + +* Subnet bits + +i.e. 21 => 8+8+5+0 <= `5` is the odd one out so we have _5 subnet bits_ + +* VLSM - Variable Length Subnet Mask + + +Suppose we want to assign addresses to the following networks with x many hosts. +A:600; B:1000; C:200 + +`150.180.0.0/16` +`150.181.0.0/16` + +Start with the largest network B : requires 1000 hosts. + +Hosts part requires 10 bits so we have an IP/22. + +Network address then is (subnet address)150.180.0.0/22 - (broadcast address)150.180.3.231/22. +**NOTE:** we don't go up to to 255 on the end because: + +A. We only need 1000 hosts +B. We effectively "reuse" the 150.180 prefix to fit the next network; basically we use a "host" as a network. + + diff --git a/412/monitoring.md b/412/monitoring.md new file mode 100644 index 0000000..ded8cff --- /dev/null +++ b/412/monitoring.md @@ -0,0 +1,12 @@ +# Service Monitoring + +Several types of monitoring: + +## Building Monitoring System + +If your monitoring a lot of _stuff_ know that you will could have lots of stuff going across the network(in some cases). +Know that we have to _get data, store data, and ultimately view data_. + +## Historically + +SNMP: Usually you will get back a ton of data diff --git a/412/pass.md b/412/pass.md new file mode 100644 index 0000000..1f4e585 --- /dev/null +++ b/412/pass.md @@ -0,0 +1,5 @@ +# OpenFiler + +> both on the browser and the regular user account +openfiler +openfiler From 35a281ab8e89baea4c153bb066d2deff28d48985 Mon Sep 17 00:00:00 2001 From: shockrahwow Date: Mon, 21 Oct 2019 19:26:18 -0700 Subject: [PATCH 05/15] removed probably incrorect statements from midterm notes --- 412/midterm.md | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/412/midterm.md b/412/midterm.md index da1e183..1100158 100644 --- a/412/midterm.md +++ b/412/midterm.md @@ -31,10 +31,6 @@ Start with the largest network B : requires 1000 hosts. Hosts part requires 10 bits so we have an IP/22. -Network address then is (subnet address)150.180.0.0/22 - (broadcast address)150.180.3.231/22. -**NOTE:** we don't go up to to 255 on the end because: - -A. We only need 1000 hosts -B. We effectively "reuse" the 150.180 prefix to fit the next network; basically we use a "host" as a network. - +Network address then is (subnet address)150.180.0.0/22 - (broadcast address)150.180.3.255/22 +**NOTE:** I included both the subnet(network) address and the broadcast for sake of brevity. From d6ded4c8c390a0bf2726737c39d2877a153333e9 Mon Sep 17 00:00:00 2001 From: shockrahwow Date: Tue, 22 Oct 2019 10:30:19 -0700 Subject: [PATCH 06/15] basic intro hash material --- 312/notes/hash.md | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 312/notes/hash.md diff --git a/312/notes/hash.md b/312/notes/hash.md new file mode 100644 index 0000000..c1dbe23 --- /dev/null +++ b/312/notes/hash.md @@ -0,0 +1,26 @@ +# Cryptographic Hash Functions + +## Random Jargon + +_If you made it this far you know what all of this is but we need these terms because "muh academic vernacular"_ + +* Variable Length Input +* Fixed size output + +```python +a = { + 'first', + 'second', +} +``` +Both `first` & `second` as inputs result in distinct references of the same size. + +* One-way property + +You should **not** be able to use a hash result(i.e. reference) to find an input. + +In English: _Only inputs can find outputs, not the other way around._ + +* Two-way property/ Collision-free Property + +**2** identical data inputs will map to the same output From e00f8f1d1ec2cf4b57eccdff8d0b1d1bad52bcc3 Mon Sep 17 00:00:00 2001 From: shockrahwow Date: Tue, 22 Oct 2019 10:49:01 -0700 Subject: [PATCH 07/15] notes about hash security --- 312/notes/hash.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/312/notes/hash.md b/312/notes/hash.md index c1dbe23..8bc362c 100644 --- a/312/notes/hash.md +++ b/312/notes/hash.md @@ -24,3 +24,15 @@ In English: _Only inputs can find outputs, not the other way around._ * Two-way property/ Collision-free Property **2** identical data inputs will map to the same output + +## What does a hash provide? + +* Integrity checks + +* Message Digest / Authentication + +_Hashes are not secure ffs_. When we say authentication we really mean that we are checking to ensure there has been no changes to the original message. +_NOTE:_ this really doesn't guarantee anything in communications susceptible to man-in-the-middle attacks. + +Let's get real for minute: Think of it this way a message is like a car and the key is our hash. If the key doesn't fit in the slot then its not our car, **but** if we sent our car + key oversees whoever steals the car + key has full control and we lose security effectively. Using SSL is _kinda_ like putting that car + key combo in a box that nobody except the recipient can open. + From 5e934bca1dacc7a32e01c3b84795f31990fa1393 Mon Sep 17 00:00:00 2001 From: shockrahwow Date: Tue, 22 Oct 2019 11:04:44 -0700 Subject: [PATCH 08/15] reflecting the actual directory structure now --- readme.md | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/readme.md b/readme.md index b4ecc28..26194f6 100644 --- a/readme.md +++ b/readme.md @@ -1,9 +1,27 @@ -# CSUMB NOTES +# Prelim to Students + +Some of these courses are very bs'd or missing information. +This is (mostly) intentional: some courses cover lower division material that I couldn't be bothered to write down in this repository. + +Also I'm basing lower division material on the curriculum of [Irvine Valley College](http://ivc.edu/Pages/default.aspx). + +# Directory Guide ## 311/ - Introduction to Networking and internet Programming +## 312/ - Network Security + +## 334/ - Operating Systems + ## 337/ - Introduction to Computer Architecture +## 338/ - Software Design + +**Oh boy**: I'm gonna level with you I took nearly no notes so instead I'm providing a decent source for learning design in software: + + ## 363/ - Introduction to Database systems +## 370/ - Algorithms +## 412/ - Network Administration From 0c606cf9857955bea4d49d9cb0adbe65cd9d32c1 Mon Sep 17 00:00:00 2001 From: shockrahwow Date: Tue, 22 Oct 2019 11:06:40 -0700 Subject: [PATCH 09/15] note about hashing guarantees in 312 hashing notes --- 312/notes/hash.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/312/notes/hash.md b/312/notes/hash.md index 8bc362c..46eb9d1 100644 --- a/312/notes/hash.md +++ b/312/notes/hash.md @@ -34,5 +34,5 @@ In English: _Only inputs can find outputs, not the other way around._ _Hashes are not secure ffs_. When we say authentication we really mean that we are checking to ensure there has been no changes to the original message. _NOTE:_ this really doesn't guarantee anything in communications susceptible to man-in-the-middle attacks. -Let's get real for minute: Think of it this way a message is like a car and the key is our hash. If the key doesn't fit in the slot then its not our car, **but** if we sent our car + key oversees whoever steals the car + key has full control and we lose security effectively. Using SSL is _kinda_ like putting that car + key combo in a box that nobody except the recipient can open. +**Let's get real for minute:** Think of it this way a message is like a car and the key is our hash. If the key doesn't fit in the slot then its not our car, **but** if we sent our car + key oversees whoever steals the car + key has full control and we lose security effectively. Using SSL is _kinda_ like putting that car + key combo in a box that nobody except the recipient can open. From 4fa43b710a963b9dc1122d1d8bf62fd27c43331d Mon Sep 17 00:00:00 2001 From: shockrahwow Date: Tue, 22 Oct 2019 11:34:41 -0700 Subject: [PATCH 10/15] last meta note regarding material in this repo --- readme.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/readme.md b/readme.md index 26194f6..47636cd 100644 --- a/readme.md +++ b/readme.md @@ -1,3 +1,8 @@ +# Everyone else + +To some degree these notes are personal so there are a few mistakes that I just can't be bothered dealing with. +Some mistakes however are just because I wrote those notes during class, likely rushed but meh just take it with a grain of salt sometimes. + # Prelim to Students Some of these courses are very bs'd or missing information. From 79e0d59cacbe1e89f534e0d49f1716311d6a37ab Mon Sep 17 00:00:00 2001 From: shockrahwow Date: Wed, 23 Oct 2019 18:30:15 -0700 Subject: [PATCH 11/15] vlsm example problem --- 412/vlsm.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 412/vlsm.md diff --git a/412/vlsm.md b/412/vlsm.md new file mode 100644 index 0000000..bcc9b23 --- /dev/null +++ b/412/vlsm.md @@ -0,0 +1,18 @@ +# VLSM Examples + +Say we have the IP: 210.19.14.0/24 + +We want to create to networks which support this many hosts + +* A: 1000 hosts +* B: 500 hosts + +Doing A first(because it's bigger): + +Third octet in our IP has the bit pattern of `0000 11100` + +If we want to support 1000 hosts we need to borrow the last two bits of that pattern: + +> __problem__: one of those is 1 which means we can't borrow it as its part of our given network address. + +Thus this problem then can't be done given this information. From 51e45aeffbd7a0716cfdea6c5b49327739577d33 Mon Sep 17 00:00:00 2001 From: shockrahwow Date: Wed, 23 Oct 2019 18:42:23 -0700 Subject: [PATCH 12/15] vlsm example complete and correct --- 412/vlsm.md | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/412/vlsm.md b/412/vlsm.md index bcc9b23..e0b61ee 100644 --- a/412/vlsm.md +++ b/412/vlsm.md @@ -1,9 +1,10 @@ # VLSM Examples -Say we have the IP: 210.19.14.0/24 +Say we have the IPs: 210.19.[14 -> 19].0/24 We want to create to networks which support this many hosts +## Part A * A: 1000 hosts * B: 500 hosts @@ -16,3 +17,17 @@ If we want to support 1000 hosts we need to borrow the last two bits of that pat > __problem__: one of those is 1 which means we can't borrow it as its part of our given network address. Thus this problem then can't be done given this information. + +If we had been given x.x..12.0 we could do it because 12's bit pattern is `0000 1100`, which leaves the last two bits as 0's that we can use for the hosts. + +## Part B + +This time we need to support 500 hosts so we need 9 bits for the hosts. This time we can use `x.x.14.0` as our network address + +Our mask is /23 `255.255.154.0`. This leaves our network address as `210.19.14.0`. + +* The first host is x.x.14.1 + +* The last host is x.x.15.254 + +* Broadcast is x.x.15.255 From 98465329950c1d80ef82fc4865bd729783929219 Mon Sep 17 00:00:00 2001 From: shockrahwow Date: Thu, 24 Oct 2019 10:06:18 -0700 Subject: [PATCH 13/15] restructuring 312 notes layout --- 312/{notes => }/1.md | 0 312/{notes => }/ciphers.md | 0 312/{notes => }/crypt1.md | 0 312/{notes => }/hash.md | 0 312/{notes => }/math.bc | 0 312/{notes => }/public-private.md | 0 312/{notes => }/readme.md | 0 312/{notes => }/rsa.md | 0 312/{notes => }/topics.md | 0 9 files changed, 0 insertions(+), 0 deletions(-) rename 312/{notes => }/1.md (100%) rename 312/{notes => }/ciphers.md (100%) rename 312/{notes => }/crypt1.md (100%) rename 312/{notes => }/hash.md (100%) rename 312/{notes => }/math.bc (100%) rename 312/{notes => }/public-private.md (100%) rename 312/{notes => }/readme.md (100%) rename 312/{notes => }/rsa.md (100%) rename 312/{notes => }/topics.md (100%) diff --git a/312/notes/1.md b/312/1.md similarity index 100% rename from 312/notes/1.md rename to 312/1.md diff --git a/312/notes/ciphers.md b/312/ciphers.md similarity index 100% rename from 312/notes/ciphers.md rename to 312/ciphers.md diff --git a/312/notes/crypt1.md b/312/crypt1.md similarity index 100% rename from 312/notes/crypt1.md rename to 312/crypt1.md diff --git a/312/notes/hash.md b/312/hash.md similarity index 100% rename from 312/notes/hash.md rename to 312/hash.md diff --git a/312/notes/math.bc b/312/math.bc similarity index 100% rename from 312/notes/math.bc rename to 312/math.bc diff --git a/312/notes/public-private.md b/312/public-private.md similarity index 100% rename from 312/notes/public-private.md rename to 312/public-private.md diff --git a/312/notes/readme.md b/312/readme.md similarity index 100% rename from 312/notes/readme.md rename to 312/readme.md diff --git a/312/notes/rsa.md b/312/rsa.md similarity index 100% rename from 312/notes/rsa.md rename to 312/rsa.md diff --git a/312/notes/topics.md b/312/topics.md similarity index 100% rename from 312/notes/topics.md rename to 312/topics.md From a441ac65e109a6e1b6900c887d516e2219d53638 Mon Sep 17 00:00:00 2001 From: shockrahwow Date: Thu, 21 Nov 2019 11:24:48 -0800 Subject: [PATCH 14/15] wirelses abstract notes --- 312/wireless-sec.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 312/wireless-sec.md diff --git a/312/wireless-sec.md b/312/wireless-sec.md new file mode 100644 index 0000000..23d6b6e --- /dev/null +++ b/312/wireless-sec.md @@ -0,0 +1,15 @@ +# Wireless Security + +Let's go over the biggest most issue with wireless networks/communications + +> Wireless signals must be broadcast + +This means if _anything_ wants to communicate wirelessly then, everything/everyone will be able to hear those messages. +This also means that wireless receivers have to filter through a ton of noise/signals that aren't meant for it. + +Taking the more innocent approach for a minute: it's kinda like walking around a crowded place, while talking to someone, you _can_ hear other people but mentally you are discarding other conversations as you're paying attention to the person you are talking to. + +> DOS - Denial of Service + +Furthering the crowded room example if you and a friend were talking and someone else started screaming talking to them would become much harder/impossible at some point. + From c746dd5ef9c9cabe681ebe2d591829c507b0446d Mon Sep 17 00:00:00 2001 From: shockrahwow Date: Mon, 25 Nov 2019 17:51:07 -0800 Subject: [PATCH 15/15] random subjects for 312 --- 312/kerberos.md | 8 ++++++++ 312/key-dist.md | 35 +++++++++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+) create mode 100644 312/kerberos.md create mode 100644 312/key-dist.md diff --git a/312/kerberos.md b/312/kerberos.md new file mode 100644 index 0000000..a7b5454 --- /dev/null +++ b/312/kerberos.md @@ -0,0 +1,8 @@ +# Kerberos + +Method of distributing keys where we deal with clusters made of two parts: + +* Authentication server +* Ticket-granting server + + diff --git a/312/key-dist.md b/312/key-dist.md new file mode 100644 index 0000000..6f1aec6 --- /dev/null +++ b/312/key-dist.md @@ -0,0 +1,35 @@ +# Key Distribution + +A wants to talk to B but securely(duh). +A trusted third party steps in to provide keys + + +## Needham-Schoeder + +> _used to authenticate users_ + +Say we have A & B that want to talk. + +``` +A sends (IDA, IDB) to KDC +KDC sends Enc(SessionKeyA, IDB, Nonce1, Enc(SessionKeyB, SharedKeyA, IDA)) to A +A sends Enc(SessionKeyB, SharedKeyB, IDA) // this bit came in the package from last round +... +... +``` + +## Denning + +Fixes step 3 with timestamps. We also shorten the overall process. +Problem: both parties need to be time synchronized. + +NOTE: the Sessionkey below is shared between A and B. THe SharedKeyX is shared between the Key Distribution Center and the user. + +1. A sends {IDA, NonceA} B +2. B sends {NonceB, Enc(SharedKeyB, [IDA, NonceA, TimeB])} to KDC +3. KDC sends {Enc(SharedKeyA, [IDB,, NonceA, SessionKey, TimeB), E(SharedKeyB, [IDA, SessionKey, TimeB]), NonceB} to A +4. A sends {E(SharedKey, [IDA, SessionKey, TimeB]), E(SessionKey, NonceB} to B + +## Kerberos + +The model itself can be thought of similar to