Trip to Moscow

I went to Moscow to buy wool socks and hunt some bears lately. I didn’t buy the socks and was unlucky to kill any bear – they all ran away. It disappointed me and I went to take CCNA security exam. I have passed it.

As a bonus, I went to polytechnic museum (nice exposition), saw Resident Evil 4 movie (awesome action) and took a walk with fiskus (appeared to be a nice guy).

Frame, packet and segment sizes or TCP/IP without fragmentation

It appeared to be really complicated to find relative information about sizes of transmission units in different levels of TCP/IP stack and completely impossible to find a united chart with their comparison. So, here it is.

Layer Protocol Header Size Recommended size with header included without protocol extensions, ensuring no segmentation on all underlying layers Maximum size of transmission unit with protocol extensions
Transport TCP 20-60B 1480 Bit 1 GB
UDP 8 B 1480 Bit 65535 B
Network IPv4 20 B – 60 B 1500 Bit* 65535 B
IPv6 40 B – infinite 1500 Bit 4 GB
Data link 10/100 Ethernet 18 B 1542 bit 1542 bit
1/10 GB Ethernet 18 B 1542 bit 9000 bit**
10/100 GB Ethernet 18 B 1542 bit 64000 bit***
802.11 (WIFI) 34 B 2312 bit 2312 bit

* Fragmentation is widely used in IP protocols

** Jumbo frames are used on high-rate data link protocols, like Gigabit Ethernet or higher

*** is called Super jumbo frame. Not practically used and may not be profitable on a links lower than 10Gbit Ethernet

IPv4 intermediate zeros omitting

Eventually, intermediate zeros can be omitted in IPv4 also.

[slava@tiamat ~]$ ping
PING ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=64 time=0.068 ms
— ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1398ms
rtt min/avg/max/mdev = 0.040/0.054/0.068/0.014 ms
[slava@tiamat ~]$ ping 127.1
PING 127.1 ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=64 time=0.060 ms
— 127.1 ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1314ms
rtt min/avg/max/mdev = 0.060/0.065/0.070/0.005 ms

Apparently, it inserts maximum possible amount (1 or 2) of intermediate zeros before last octet:

[slava@tiamat ~]$ ping 127.255
PING 127.255 ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=64 time=0.064 ms
— 127.255 ping statistics —
3 packets transmitted, 3 received, 0% packet loss, time 2786ms
rtt min/avg/max/mdev = 0.063/0.065/0.068/0.002 ms

[slava@tiamat ~]$ ping 198.41.4
PING 198.41.4 ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=56 time=155 ms

— 198.41.4 ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1514ms
rtt min/avg/max/mdev = 155.323/155.361/155.400/0.396 ms

Dynamips, Dynagen and GNS3 as a Best Free Tools for Cisco IOS Learning

Boson NetSim and Packet Tracer are two examples of good Cisco networks emulators. They provide you with an opportunity to build networks of switches and routers, interconnect them and deploy several features of IOS. Good enough for beginners, but they have a huge drawback – their IOS simulation is limited. It does not implement a real set of functions real IOS has on board.

Several years before, the only opportunity to play with IOS was interconnection of real Cisco switches/routers. I still consider it was and still is a best way to learn Cisco. Unfortunately, not many people have access to networking hardware and even if they have it, the hardware is usually quite old or outdated. It means that you can run old versions of IOS there.

There is another approach of getting access to operational IOS – running it on a virtual machine. Emulating router’s hardware is not a straightforward task – Cisco uses different architectures in their devices. However, the task was accomplished in Dynamips/Dynagen project. It emulates Cisco hardware in a way so you can real IOS images on top of it. It is suitable to support 3600, 3700 and 2600 series hardware. Both pieces of software are closely interrelated and running together, providing users with a robust CLI interface.

Do not be frightened – CLI is not the only way of controlling your Cisco virtual machines. The tools have a graphical interface – GNS3. GNS3 runs on the top of Dynamips/Dynagen packages and provides GUI for controlling every virtual machine, machines interconnection, their modules and graphical network topology representation. It simply does everything that other graphical simulators can do.

Read More »

Cracking a WEP on HP Pavillion dv6k, Powered by Fedora 10


I was interested in wireless security since I have read some articles in “Xakep” magazine several years ago. They were saying “Most wireless networks are vulnerable and can be cracked within a day”. It was quite embarrassing that such a security threat can exist and really wanted to check whether it was true or not. Those years I did not not have any piece of needed experience. The task to crash test WEP stayed in my mind for years. Recently I have tried it.


All material is presented for educational purposes only. Do not apply this material’s guidelines in real life on real networks. Especially the ones, which do not belong to you.

This in not a how-to. This is a description of my experience. I do not guarantee, that process and steps, described here, will be applicable in your case and that it will work for you as well as it worked for me. I am not in charge of your failures.

System used.

I have used HP laptop with Intel 3945 wifi card installed, powered by fedora 10.
Read More »