Tag Archives: Dual-Stack

Internet’s Noise

2018-04-09Internet Access, MonitoringAttack, Dual-Stack, Follow TCP Stream, FRITZ!Box, I/O Graph, Internet, Noise, pcap, ProfiShark, Profitap, Telekom, Wireshark, ZMapJohannes Weber

If you are following the daily IT news you have probably seen many articles claiming they have scanned the whole Internet for this or that. Indeed there are tools such as the ZMap Project “that enable researchers to perform large-scale studies of the hosts and services that compose the public Internet”.

This time I was not interested in scanning something, but in the question about “how many scans happen during one day on my home ISP connection?” Or in other words: What is the Internet background noise as seen by almost any customer? For this I sacrificed my Internet connection at home for 24 hours, while a factory-resetted router established a fresh Internet connection (IPv6 & IPv4) without any end devices behind it. No outgoing connections that could confuse or trigger any scans. That is: All incoming connections are really unsolicited and part of some third-party port scans, worm activities, or whatever. Using a network TAP device I captured these 24 hours and analyzed them with Wireshark.

In this blogpost I will present some stats about these incoming port scans. Furthermore I am publishing the pcap file so you can have a look at it by yourself.

Continue reading Internet’s Noise →

Telekom Dual-Stack Verbindungsaufbau

2015-05-19DHCP, Internet Access, IPv6, SpeedportDHCPv6, DHCPv6-PD, Dual-Stack, Dyn Prefix, Hub, IPv6, IPv6 Dynamic Prefix, Knoppix, PPPoE, Prefix Delegation, TelekomJohannes Weber

Bis neulich hatte ich einen normalen DSL-Anschluss von 1&1: Per PPPoE eingewählt und eine IPv4-Adresse bekommen – fertig. Das kann neben der FRITZ!Box natürlich auch jeder vernünftige Router oder Firewall.

Jetzt habe ich endlich einen richtigen Dual-Stack (IPv4 und IPv6) Anschluss der Telekom (Glasfaser “MagentaZuhause M” ohne Fernsehen, siehe hier). Juchu! ;) Bevor ich jedoch den mitgelieferten Speedport durch diverse andere Testgeräte ersetze, wollte ich mal vernünftig mitschneiden, welche Protokolle denn bei einem Verbindungsaufbau genau eingesetzt werden. Vor allem die Prefix Delegation über DHCPv6 interessierte mich…

Continue reading Telekom Dual-Stack Verbindungsaufbau →

Basic IPv6 Messages: Wireshark Capture

2015-05-13IPv6, Linux, Memorandum, SpeedportDHCPv6, Dual-Stack, IPv6, IPv6 Neighbor Discovery, ISP, Knoppix, pcap, Router Advertisement, SLAAC, WiresharkJohannes Weber

When explaining IPv6 I am always showing a few Wireshark screenshots to give a feeling on how IPv6 looks like. Basically, the stateless autoconfiguration feature (SLAAC), DHCPv6, Neighbor Discovery, and a simple ping should be seen/understood by any network administrator before using the new protocol.

Therefore I captured the basic IPv6 autoconfiguration with a Knoppix Linux behind a Telekom Speedport router (German ISP, dual-stack) and publish this capture file here. I am using this capture to explain the basic IPv6 features.

Continue reading Basic IPv6 Messages: Wireshark Capture →

Ping Times/Latency: DSL vs. Glasfaser, IPv4 vs. IPv6

2015-05-05Internet Access, IPv6, WLAN/WiFi1&1, DSL, Dual-Stack, Glasfaser, IPv4, IPv6, LAN, Latency, Ping, Telekom, WLANJohannes Weber

Seit wenigen Tagen bin ich glücklicher Kunde eines Telekom Glasfaseranschlusses. Mit satten 50/10 MBit/s rasen die Daten bei mir ein und aus. Neben der deutlich höheren Geschwindigkeit war ich aber auch an den Latenzen der beiden Anschlüsse interessiert und habe entsprechende Tests gemacht. Hier kommen die Ergebnisse.

Continue reading Ping Times/Latency: DSL vs. Glasfaser, IPv4 vs. IPv6 →

Weberblog.net

IT-Security, Networks, IPv6, VPN, DNSSEC, NTP

Tag Archives: Dual-Stack

Internet’s Noise

Telekom Dual-Stack Verbindungsaufbau

Basic IPv6 Messages: Wireshark Capture

Ping Times/Latency: DSL vs. Glasfaser, IPv4 vs. IPv6