我的收藏周刊071

发布时间 2023-08-08 12:58:13作者: LionelGeng

文章分享

  1. Wireshark with SAP Dissectors for Ubuntu and macOS
    可以学习一下如何支持不同系统不同版本wireshark插件的方法。

  2. Linux Kernel Neighboring Subsystem Overview by Rami Rosen
    wiki.linuxfoundation.org上一篇介绍linux邻居子系统的文章。

  3. Building Display Filter Expressions
    Wireshark的filter可以有什么格式,比如网段IP可以表示为ip.addr == 129.111.0.0/16

  4. DMCA Takedown Policy
    GitHub's Guide to the Digital Millennium Copyright Act, commonly known as the "DMCA."

  5. Windows 下通过 docker + frrouting 构建bgp路由拓扑
    Windows 下通过 docker + frrouting 构建bgp路由拓扑,写的很详细,其中搭建开发环境这部分很有用。

  6. BGP协议的几个CVE漏洞简述
    BGP协议相关的CVE漏洞描述,还可以参考这里

站点分享

  1. USTC LUG
    中国科学技术大学 Linux 用户协会是由中国科学技术大学在校的 GNU/Linux 爱好者发起并组成的团体,旨在联合科大的 GNU/Linux 使用者,搭建信息交流共享的平台,宣传自由软件的价值,提高自由软件社区文化氛围,推广自由软件的应用。

  2. 校园联合镜像站
    可以通过packet名字查找高校镜像站中提供的mirror资源。

  3. Gitee 极速下载
    Github上不去的时候,有些project可以在这里找到镜像。

  4. Alcatel-Lucent 7705 SERVICE AGGREGATION ROUTER OS | RELEASE 6.1.R4
    Nokia 7705S Manual Page。以前看Cisco, Juniper, Arista的用户手册,Nokia的用户手册看起来也很详细。

  5. quagga doc
    Quagga online documentation.

博客分享

  1. Alrisha
    Alrisha.cn, FAWC的blog.

  2. spwpun
    Spwpun's Blog,现在发现即使github.com上不去,github.io也可以上去。

书籍分享

  1. Understanding Linux Network Internals
    这里是oreilly上的目录,没有完整内容,不过有些时候可以参考。

工具分享

  1. arp-scan
    这里是源码实现。使用arp扫描局域网,相对于ping来说arp更准确,因为最新的Windows管理了默认响应ping的功能,而arp是网络的基础,如果支持ip协议则必须响应arp。这里是一个python版本。

  2. Ninja
    Ninja is a small build system with a focus on speed. It differs from other build systems in two major respects: it is designed to have its input files generated by a higher-level build system, and it is designed to run builds as fast as possible.

  3. scapy
    Scapy is a powerful Python-based interactive packet manipulation program and library.
    It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, store or read them using pcap files, match requests and replies, and much more. It is designed to allow fast packet prototyping by using default values that work.
    pypi上的介绍还提到了可以替代Wireshark:It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, wireshark, p0f, etc.).
    这里介绍了scapy设计的一些思想,有点意思。

  4. tcptrace
    tcptrace is a tool written by Shawn Ostermann at Ohio University, for analysis of TCP dump files. It can take as input the files produced by several popular packet-capture programs, including tcpdump, snoop, etherpeek, HP Net Metrix, and WinDump. tcptrace can produce several different types of output containing information on each connection seen, such as elapsed time, bytes and segments sent and received, retransmissions, round trip times, window advertisements, throughput, and more. It can also produce a number of graphs for further analysis.

RFC分享

  1. MPLS Penultimate Hop Popping
    以前一直以为PHP是只有LDP使用,通过这篇MPLS RFC文档描述,PHP是所有label distribution protocol都需要支持的,即包括LDP, RSVP-TE。对于SR-TE来说,是否封装倒数最后一跳的LSP,取决于ingress node或者控制器,实际来看是不封装的,也就是实现效果还是PHP,只不过不是倒数第二条弹出的,而是路径里面根本就没有。为了利用路径LSP,中国移动才提出了SR-TP的概念,在IETF中被称作path segment。path-segment不仅支持mpls,其实还支持srv6

好文回顾

  1. 50年前的登月程序和程序员有多硬核
    看看什么叫做硬核程序,顺便可以在搜索旅行者一号的源码(如果找的到的话)。