Archives: Networking

Kubernetes Quick Start No ratings yet.

Learning curve for Kubernetes (K8s) could be steep. For most users who are already familiar with basic networking, OS/Linux,  docker container technologies etc, the difficulties , I personally think,  is most likely due to its unique concepts, sometime confusing terms. Based on my learning experience, I wrote a book: Kerbernetes Quick start, hopefully can help • Read More »

Janus Video Room plugin (how webrtc sfu works) 5/5 (1)

Repo: code: video sfu code at: plugins/janus_videoroom.c How sub/pub works: in its plugin implementation: plugins/janus_videoroom.c , there is: struct janus_videoroom_publisher { GSList subscribers; / Subscriptions to this publisher (who’s watching this publisher) */ GSList subscriptions; / Subscriptions this publisher has created (who this publisher is watching) */ } for every incoming  rtp from a publisher: • Read More »

srtp and h.235.6 secure rtp No ratings yet.

SRTP RFCs and h.235 is Not an easy read. Here is my very high level beriefing: AES Encryption (1) AES is the foundation for both srtp and h.235.6 secured rtp AES is symmetric encryption,  it takes those two as input key + IV:  128/192/256-bits length key , ( + optional Initialized vector or counter) src input:    • Read More »

What is bro and how to install bro on debian 8 No ratings yet.

Bro, or sometimes referred to as Bro-IDS is a bit different than Snort and Suricata. In a way Bro is both a signature and anomaly-based IDS. Its analysis engine will convert traffic captured into a series of events. An event could be a user logon to FTP, a connection to a website or practically anything. • Read More »

DTLS, DTLS-SRTP No ratings yet.

DTLS:  Basically DTLS is to construct TLS over datagram (UDP, DCCP, etc.) DTLS is similar to TLS intentionally except that DTLS has to solve two problems: packet lost and reordering. DTLS-SRTP DTLS-SRTP can be viewed in two equivalent ways: as a new key management method for SRTP, and a new RTP-specific data format for DTLS. • Read More »

OpenPGP vs S/MIME No ratings yet.

S/MIME and OpenPGP similarity: both depends on public/private keys to encrypt/authenticate msg ( emails), difference:  how to distribute the public keys. S/MIME is similar to TLS, need to depends on X.509 certificate OpenPGP depends on web of trust to distribute the public key.   references: Please rate this rating

What is the difference between srtp and zrtp No ratings yet.

SRTP sdp msg: v=0 o=jdoe 2890844526 2890842807 IN IP4 s=SDP Seminar i=A Seminar on the session description protocol u= (Jane Doe) c=IN IP4 t=2873397496 2873404696 m=video 51372 RTP/SAVP 31 a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:d0RmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj|2^20 m=audio 49170 RTP/SAVP 0 a=crypto:1 AES_CM_128_HMAC_SHA1_32 inline:NzB4d1BINUAvLEw6UzF3WSJ+PSdFcGdUJShpX1Zj|2^20 m=application 32416 udp wb a=orient:portrait The crypto line includes the master key and • Read More »

SSH protocol No ratings yet.

How SSH2 works: (1) When a TCP connection is made by a client, the server responds with the protocol versions it supports. If the client can match one of the acceptable protocol versions, the connection continues. The server also provides its public host key, which the client can use to check whether this was the • Read More »

TLS/SSL handshake No ratings yet.

  The combination of Diffie-Hellman and the use of ephemeral session keys are what enables “Forward Secrecy”: even if an attacker gains access to the server’s private key they are not able to passively listen in on the active session, nor can they decrypt previously recorded sessions. Diffie-Hellman Key Exchange Both A, B create the • Read More »