networking

What Is SSH? SSH — Secure Shell — is a cryptographic network protocol that lets you securely connect to remote machines, transfer files, tunnel traffic, and automate infrastructure operations over any network, including the open internet. It was created in 1995 by Tatu Ylönen as a direct response to a password-sniffing attack at his university. In the thirty years since, it has become the foundat…

Every new system or network engineer in the industry often starts by segmenting the existing network into slices, all in the name of "securing" it. In my 20 years of field experience, I've seen dozens of colleagues define 15 different VLANs even in 50-user offices, only to be crushed under the weight of their own rules. The answer to the question, Why is VLAN Segmentation Overhyped in Small Netwo…

A lot of network engineers learn their best lessons in home labs, especially the lessons that do not fit neatly into certification tracks or production change windows. They are also where things can get messy quickly. One folder has topology notes. Another has Ansible experiments. A diagram lives somewhere else. Remote access was configured once and then forgotten. Screenshots include details tha…

I built a detailed visual diagrams for the Transmission Control Protocol (TCP) — one of the core protocols powering the internet, that operates at the Transport Layer (Layer 4) of the OSI model. I broke down: 🔹 TCP Segment Structure: - Source & destination ports Sequence number Acknowledgment number Flags (SYN, ACK, FIN, RST, PSH, URG) Window size Checksum Options & payload Here the full animated…

Your router acts as a local network’s traffic manager. It is responsible for sending data coming from the internet to the correct device in your home. Let's break down exactly how that happens. 1. The Request When you search for youtube.com , your device sends a request out to the internet. Because the internet communicates via IP addresses rather than domain names, this request is first resolved…

A single hijacked prefix can route a chunk of payment traffic into a stranger's network for half an hour before anyone notices. For a payment provider, that is not a routing incident. It is a regulatory event, an exposed-traffic incident, and an auditor knocking on Monday morning. This post walks through the BGP edge hygiene we ran in production at a national fintech: what we filtered, how we aut…

Internet Architecture describes how data is organized, transmitted, and managed across networks. Different architectural models serve different needs, some offer a straightforward client-server setup (like a website), while others rely on a more distributed approach (like file-sharing platforms). Peer-to-Peer (P2P) Architecture This is when computers and devices are linked directly to each other …

A Wireshark dissector for DVRIP/Sofia protocol found on Xiongmai based IP cameras. Full working dissector code is available at a DVRIP analysis repository . Full writeup of a sample IP camera on which this dissector was tested is available at Besder 6024PB-XMA501 IP camera security investigation repository. Table of Contents Usage Linux Windows Test Device DVRIP/Sofia Headers DVRIP/Sofia Message …

As we have talked about before, the Internet relies on numerical addresses, IP addresses to route data from one device to another. IPv4 offers around 4.3 billion addresses, we have discussed that that is not enough. While there is IPv6, another solution to this issue is through Network Address Translation (NAT) NAT allows multiple devices on a private network to share a single public IP address. …

The server is on a Gbit link. ethtool confirms 1000 Mbps on the interface. And yet every SFTP transfer caps out somewhere around 800 KB/s. Not 80 MB/s — 800 kilobytes per second. Less than 1% of the theoretical capacity. The problem isn't bandwidth. It's a stack of bad defaults: a congestion control algorithm designed for year-2000 networks, microscopically small NIC ring buffers, and application…

Published: April 25, 2026 When the past answer becomes the present problem, we call it Path Dependency. TCP was designed in 1981. It solved the right problems for its time. By the time HTTP was carrying the modern web, that 40-year-old foundation was starting to show its age. Keep-Alive solved the contract problem. One connection, many requests. Cheaper by design. But the queue was still single-f…

Setting up a WireGuard server in 2026 is trivial. AI writes the wg0.conf , docker compose up and wg-easy is running in a minute, generating peers takes one click. The hard part hasn't been setup for years. The hard part is what happens after the second server. The moment you have two, the friction shifts. It's no longer about commands or configs. The questions change. Who has access to what? When…

iSCSI is a protocol from the era when “the network” meant a rack-scale fibre channel replacement. Initiators and targets trusted each other, CHAP was optional theatre, and a packet from an initiator carried the implicit assumption “we’re on the same L2 segment.” scsipub serves iSCSI targets to arbitrary clients on the public internet. That’s a different set of assumptions. This post is the decisi…

10Gb/s Ethernet: what I actually did to get it working in my home Having learned enough about 10Gb/s Ethernet to be comfortable about setting it up in my house, it was time to bite the bullet: order it from the ISP, buy some kit, and get started. I already had 2.5Gb/s working. The apartment has structured cabling -- each room has one or more RJ45 sockets in the wall, and there's a patch panel dow…

Ethernet delivers stable, speedy, secure wired connections to the internet and between devices.

Today we are looking at the TP-Link TL-SG108, an 8 port Gigabit Ethernet plug-and-play desktop switch. It is a little less capable and cheaper than the usual fare here, but it does hide some interesting surprises! Removing the two small screws on the bottom allows us to remove the top cover and see that the switch is based on the Realtek RTL8370N. The RTL8370N is a low-cost Gigabit Ethernet switc…

How VeilShift™ Works — The Protocol That Bypasses DPI Blocking If you've ever tried using a VPN in Turkey, UAE, or Indonesia and found it suddenly stopped working, you've run into Deep Packet Inspection. This article explains what DPI is, why it defeats most commercial VPNs, and how VeilShift™ approaches the problem differently. What is Deep Packet Inspection? Deep Packet Inspection (DPI) is a me…

Here are a couple of communication protocols I learned today on a system at work. SNMP SNMP stands for Simple Network Management Protocol. It runs over UDP (User Datagram Protocol: a lightweight method of sending data that doesn’t require a back-and-forth connection handshake) on ports 161 and 162 (specific numbered channels that network services listen on) and is used to discover and monitor dev…

The General Assembly is the nucleus around which EGU’s community gathers and connects, providing a week of opportunity to meet new people and reaffirm old bonds. Progress within science and its impact on society rises from the confluence of ideas and a diversity of voices; to facilitate meeting and discussion at the Assembly, #EGU26 offers a number of paths for building your network. Networking e…

2017-08-10 » The world in which IPv6 was a good design Last November I went to an IETF meeting for the first time. The IETF is an interesting place; it seems to be about 1/3 maintenance grunt work, 1/3 extending existing stuff, and 1/3 blue sky insanity. I attended mostly because I wanted to see how people would react to TCP BBR, which was being presented there for the first time. (Answer: mostly…