Geoff Adams
- Hardware
- Papers
- Essays
- Photography
- Recipes
- Media Library

Networking and Security

Have you noticed the rapid spread of the inappropriate term Intranet (or Intranetworking)? The thought processes behind the use of these words contradicts the entire design -- indeed, the entire meaning -- of the Internet. The concept that the network protocols and applications that run on the LAN are somehow fundamentally different from those that run on The Internet is dangerous.

Now, on to some links to some useful cryptography and security resources:

Cryptography and Security

• Bellcore's s/key via ftp
• A faster des and crypt implementation and a paper on the state of Unix password security
• The Cypherpunks are on top of cryptography issues. Matt Thomlinson has organized a great page discussing a variety of Cypherpunk Topics.
• Phil Zimmerman's Pretty Good Privacy
  • Here's my public key
  • A cool Public Key Server
• A paper which discusses the use of secret salts to combat dictionary attacks against passwords.
• Secure Programming for Linux and Unix HOWTO
• A very accessible description of the Kerberos protocol: Designing an Authentication System: a Dialogue in Four Scenes

Networking Protocols

• The Comp.Protocols.PPP Frequently Wanted Information page.
• The next version of the Internet Protocol, IPv6
• Internet Documentation (RFCs, FYIs, etc.)
• A searchable index of RFCs and drafts, and another one, and one more.
• NTP Version 3 Time Server

Network Application Protocols and Data Formats

• HTML 4.0
• Cascading Style Sheets (CSS), level 1 and level 2
• PNG, the Portable Network Graphics format

Network Performance

OK, so you know all about networking theory and protocols. Now, you want to know what issues affect the performance of your network. Why, for instance, do modems suck so badly?

Normal internet usage depends on many small packets flowing between hosts. TCP connections, for instance, require a three-packet handshake before any payload data can be transmitted through the connection. DNS lookups also involve exchanges of small packets. Obviously, you want these packets to arrive at their destination as quickly as possible.

The primary factor affecting the transmission of these small packets is the latency of the network links. Networking hardware companies have spent years perfecting techniques to forward packets with as little delay as possible. Modern ethernet switches, for instance begin forwarding a packet before it even has the complete packet -- all it needs is enough information to tell where to send it, and it gets that at the very start of the packet.

This brings us to modems. Modems seem to be the one area where optimizing for low latency is a completely lost art. All that engineering effort to shave a few milliseconds from the forwarding time at each step of the way, while very worthwhile, does you little good if your last hop is a modem that adds a tenth to a fifth of a second to the total delay.

Note that none of this is because modems have such limited bandwidth. In fact, modern modems have as much bandwidth as the Big Links between supercomputing centers that formed the early Internet. But that latency will kill ya.

• See It's the Latency, Stupid, an excellent discussion latency versus throughput by Stuart Cheshire

Networking hardware

For useful network specs and connector pinouts, see the Hardware page.