Network programming in Python: Mastering the layers of protocol stack.
by Bharath (speaking)
Objective
“A typical bay area venture capitalist type would tell you to be a goodie good developer and pick up a Django type workshop. Will you surrender to the technical lullaby, or are you willing to embark on a journey down the rabbit hole that takes you to places where coders meet the real deal of bits, bytes and protocols with no/low abstractions.”
Enough of the technical anecdotes, let's see what this workshop is going to be.
Description
Background
I planned to propose a workshop solely based on security scripting but then I realized it seems too contrived to make people dive right into security specifics, rather it would be more natural to make programmers think/code generically in network programming and protocols perspective, then let them progress into specifics. Moreover, many full "stack" developers are clueless about what's behind all those pretty library functions.
What this workshop covers?
This workshop is going to be a three-hour hands-on journey through the murky corners of internet (protocols).
We will dissect each layer of the OSI model and the major protocols involved, from a programmer's perspective. This workshop includes both IPv4 and IPv6 discussion.
Most probably there will be a simple WLAN setup where the participants can write and test their scripts.
By the end of this workshop you will be able to understand the network protocol stack from a programmer's perspective, understand the socket abstraction, write simple network applications and go about understanding advanced network programming concepts.
In case you are going to vote positively, please fill in the survey to make the workshop more productive:
https://www.surveymonkey.com/s/MT3XVTB
A high level overview of what will be covered in the workshop is as follows:
Networking essentials
Sprint through the essential networking concepts to get started with network programming. Includes core internet protocols, Internet addressing, packet headers etc. We will be covering a little more than what is there in "Beej's Guide to Network Programming Using Internet Sockets".
Sockets
We will delve into the concept of sockets. We'll be covering low-level nuances like socket functions, name functions, byte order and byte order functions etc.
Protocols
We look at programming using sockets, communicating using various protocols at different layers. Some protocols that’ll be covered include HTTP, DNS, SSL/TLS, IMAP, SMTP, SSH, FTP etc.
Network errors/Debugging
Writing clean network programs is non-trivial. Numerous error cases might arise, varying from protocol errors to physical cable problems, and they should be dealt with properly. Debugging is one of the most important aspects of network programming.
Third-party libraries - to make life easier
After looking at all the low-level details it’s time to take a look at ways to not worry about them while coding. We look at some third-party libraries that often come in very handy while writing network scripts. They help you write scripts effortlessly, on the fly. Scapy and Impacket, to name some.
Raw sockets - To make life harder
A raw socket is an internet socket that allows direct sending and receiving of Internet Protocol packets without any protocol-specific layer formatting. This is the single most powerful technique that we will be covering. We will code a bunch of port scanning techniques using raw sockets.
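What "without any protocol-specific layer formatting" means for the receiving side, as an added example that is not one of the workshop's scripts: the program gets bytes starting at the IP header and has to decode the header fields, byte order and checksum itself. It is written for Python 3 (the workshop targets 2.7), needs no root because it never opens a socket, and the sample packet, addresses and ports are constructed here.

```python
import socket
import struct

# Bit masks of the TCP flags byte, lowest bit first.
TCP_FLAGS = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"),
             (0x08, "PSH"), (0x10, "ACK"), (0x20, "URG")]

def inet_checksum(data):
    """RFC 1071 one's-complement sum over 16-bit network-order words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_sample_packet():
    """Constructed sample: IPv4 + TCP SYN between documentation addresses."""
    src, dst = socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.7")
    # TCP checksum left at 0: it needs a pseudo-header and is not checked here.
    tcp = struct.pack("!HHIIBBHHH", 40000, 443, 1000, 0, 5 << 4, 0x02, 64240, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64,
                     socket.IPPROTO_TCP, 0, src, dst)
    return ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:] + tcp

def parse_ipv4_tcp(packet):
    """Decode the bytes a Linux raw socket would return (they start at the IP header)."""
    if len(packet) < 20:
        raise ValueError("shorter than a minimal IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _frag, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4          # header length is counted in 32-bit words
    if ver_ihl >> 4 != 4 or ihl < 20 or proto != socket.IPPROTO_TCP:
        raise ValueError("not an IPv4/TCP packet")
    if len(packet) < ihl + 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, _ack, _off, flags, _win, _tcsum, _urg = struct.unpack(
        "!HHIIBBHHH", packet[ihl:ihl + 20])
    return {
        "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
        "sport": sport, "dport": dport, "ttl": ttl, "seq": seq,
        "total_len": total_len,
        # A valid header sums to 0xFFFF, so the complemented result is 0.
        "ip_checksum_ok": inet_checksum(packet[:ihl]) == 0,
        "flags": [name for bit, name in TCP_FLAGS if flags & bit],
    }

if __name__ == "__main__":
    print(parse_ipv4_tcp(build_sample_packet()))
```

The `!` prefix in every format string selects network byte order; unpacking the destination port with `<H` instead would return 47873 rather than 443.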
Miscellaneous scripts
We will code & look at some interesting scripts in action: a script that uses Shodan to search networked devices, Maltego to perform OSINT and some security scripts (yeah, I'm biased).
Moving forward..
A roadmap on where to go next with what participants picked up in the workshop.
Intended Audience
- Programmers who intend to write applications that communicate over networks
- Security Engineers would benefit a ton from knowing the material
Requirements
Prerequisites
- Absolute basic Python or some programming experience in some high-level language is a must (C preferred). You need to know what's on "Google's Python classes".
- Basic networking concepts are desired but some essential networking concepts are covered in the talk (depending on the crowd). We'll cover a little more than Beej's guide.
- Survival command line skills on a *nix platform are desired, or just bring a cheat sheet. We will learn necessary commands as we go though.
Resources
- "Beej's Guide to Network Programming Using Internet Sockets" http://beej.us/guide/bgnet/
- "Google's Python classes" https://developers.google.com/edu/python/?csw=1
- TCP/IP packet headers: http://nmap.org/book/tcpip-ref.html
Technical requirements
- Python 2.7
- Linux 2.6.x / 3.0.x or any *nix platform will do (Kali Linux makes life easier.)
(Code will be made as OS agnostic as possible but we all know *NIX is better)
Speaker bio
I am a Network Security, Protocols and Software exploitation enthusiast. I have been coding in Python for security tasks & academics for the past 4 years. Graduated from Asia Pacific University, Kuala Lumpur in Information Systems Security (ISS). I do security contract work for various Bio-pharma companies.
When not doing security work or lurking on Coursera, I could be found hiking in the eastern ghats :)
Slides
http://www.slideshare.net/hurtl0cker/network-programming-in-python-36678345
Links
- Scripts will be uploaded progressively.
- https://twitter.com/yamakira_
- Libraries/Modules
- Most of the packages could be installed simply using Python Package Index(PIP)
- scapy http://www.secdev.org/projects/scapy/
- dnspython http://www.dnspython.org/
- impacket http://code.google.com/p/impacket/
- ssl https://docs.python.org/dev/library/ssl.html
- backports.ssl_match_hostname https://pypi.python.org/pypi/backports.ssl_match_hostname
- logging https://docs.python.org/2/library/logging.html
- mechanize https://pypi.python.org/pypi/mechanize/
- mem-cached https://pypi.python.org/pypi/python-memcached/1.53
- pymaltego http://code.google.com/p/pymaltego/
- shodan https://github.com/achillean/shodan-python
2
This looks amazing. If possible it would be really wonderful to include a section of 'Automating Config reviews' (Just a suggestion). Really looking forward to this.
Thank You
1
Thanks for suggestions. I have looked into your request but due to time constraints I can't cover the topic, but in a couple of months I might upload videos on the topic, I'll link you if I do :)
1
Looks promising, looking forward to attending the workshop..