DOCSLIB.ORG

NBAR2 Standard Protocol Pack 1.0

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
NBAR2 Standard Protocol Pack 1.0 NBAR2 Standard Protocol Pack 1.0 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 © 2013 Cisco Systems, Inc. All rights reserved. CONTENTS CHAPTER 1 Release Notes for NBAR2 Standard Protocol Pack 1.0 1 CHAPTER 2 BGP 3 BITTORRENT 6 CITRIX 7 DHCP 8 DIRECTCONNECT 9 DNS 10 EDONKEY 11 EGP 12 EIGRP 13 EXCHANGE 14 FASTTRACK 15 FINGER 16 FTP 17 GNUTELLA 18 GOPHER 19 GRE 20 H323 21 HTTP 22 ICMP 23 IMAP 24 IPINIP 25 IPV6-ICMP 26 IRC 27 KAZAA2 28 KERBEROS 29 L2TP 30 NBAR2 Standard Protocol Pack 1.0 iii Contents LDAP 31 MGCP 32 NETBIOS 33 NETSHOW 34 NFS 35 NNTP 36 NOTES 37 NTP 38 OSPF 39 POP3 40 PPTP 41 PRINTER 42 RIP 43 RTCP 44 RTP 45 RTSP 46 SAP 47 SECURE-FTP 48 SECURE-HTTP 49 SECURE-IMAP 50 SECURE-IRC 51 SECURE-LDAP 52 SECURE-NNTP 53 SECURE-POP3 54 SECURE-TELNET 55 SIP 56 SKINNY 57 SKYPE 58 SMTP 59 SNMP 60 SOCKS 61 SQLNET 62 SQLSERVER 63 SSH 64 STREAMWORK 65 NBAR2 Standard Protocol Pack 1.0 iv Contents SUNRPC 66 SYSLOG 67 TELNET 68 TFTP 69 VDOLIVE 70 WINMX 71 NBAR2 Standard Protocol Pack 1.0 v Contents NBAR2 Standard Protocol Pack 1.0 vi CHAPTER 1 Release Notes for NBAR2 Standard Protocol Pack 1.0 NBAR2 Standard Protocol Pack Overview The Network Based Application Recognition (NBAR2) Standard Protocol Pack 1.0 is provided as the base protocol pack with an unlicensed Cisco image on a device. The NBAR2 Standard Protocol Pack has limited features and functionality. Supported Platform The NBAR2 Standard Protocol Pack 1.0 is supported on Cisco ASR 1000 Series Aggregation Services Routers. Additional References Related Topic Document Title Application Visibility and Control Application Visibility and Control Configuration Guide Classifying Network Traffic Using NBAR Classifying Network Traffic Using NBAR module NBAR Protocol Pack NBAR Protocol Pack module QoS: NBAR Configuration Guide QoS: NBAR Configuration Guide NBAR2 Standard Protocol Pack 1.0 1 Release Notes for NBAR2 Standard Protocol Pack 1.0 NBAR2 Standard Protocol Pack 1.0 2 CHAPTER 2 BGP Name/CLI Keyword bgp Full Name Border Gateway Protocol Description Border Gateway Protocol (BGP) is a protocol designed to share network information (for example network reachability) between autonomous systems (AS). According to the information, the BGP routers build/modify their routing tables. The protocol was designed to replace the Exterior Gateway Protocol (EGP). Usually the protocol uses TCP/UDP ports 179 as default. Reference http://tools.ietf.org/html/rfc4274 Global ID L4:179 ID 11 Known Mappings UDP Port 179 TCP Port 179 IP Protocol - IP Version IPv4 Support Yes IPv6 Support Yes Application Group - Category - Sub Category - NBAR2 Standard Protocol Pack 1.0 3 BGP P2P Technology No Encrypted No Tunnel No Underlying Protocols - • BITTORRENT, page 6 • CITRIX, page 7 • DHCP, page 8 • DIRECTCONNECT, page 9 • DNS, page 10 • EDONKEY, page 11 • EGP, page 12 • EIGRP, page 13 • EXCHANGE, page 14 • FASTTRACK, page 15 • FINGER, page 16 • FTP, page 17 • GNUTELLA, page 18 • GOPHER, page 19 • GRE, page 20 • H323, page 21 • HTTP, page 22 • ICMP, page 23 • IMAP, page 24 • IPINIP, page 25 • IPV6-ICMP, page 26 • IRC, page 27 • KAZAA2, page 28 • KERBEROS, page 29 • L2TP, page 30 • LDAP, page 31 • MGCP, page 32 NBAR2 Standard Protocol Pack 1.0 4 BGP • NETBIOS, page 33 • NETSHOW, page 34 • NFS, page 35 • NNTP, page 36 • NOTES, page 37 • NTP, page 38 • OSPF, page 39 • POP3, page 40 • PPTP, page 41 • PRINTER, page 42 • RIP, page 43 • RTCP, page 44 • RTP, page 45 • RTSP, page 46 • SAP, page 47 • SECURE-FTP, page 48 • SECURE-HTTP, page 49 • SECURE-IMAP, page 50 • SECURE-IRC, page 51 • SECURE-LDAP, page 52 • SECURE-NNTP, page 53 • SECURE-POP3, page 54 • SECURE-TELNET, page 55 • SIP, page 56 • SKINNY, page 57 • SKYPE, page 58 • SMTP, page 59 • SNMP, page 60 • SOCKS, page 61 • SQLNET, page 62 • SQLSERVER, page 63 • SSH, page 64 • STREAMWORK, page 65 NBAR2 Standard Protocol Pack 1.0 5 BGP BITTORRENT • SUNRPC, page 66 • SYSLOG, page 67 • TELNET, page 68 • TFTP, page 69 • VDOLIVE, page 70 • WINMX, page 71 BITTORRENT Name/CLI Keyword bittorrent Full Name BitTorrent Description BitTorrent is a p2p file sharing protocol used for distributing files over the internet. It identifies content by URL and is designed to integrate seamlessly with the web. The BitTorrent protocol is based on a BitTorrent tracker (server) that initializes the connections between the clients (peers). Reference http://jonas.nitro.dk/bittorrent/bittorrent-rfc.html Global ID L7:69 ID 69 Known Mappings UDP Port - TCP Port - IP Protocol - IP Version IPv4 Support No IPv6 Support No Application Group - Category - Sub Category - P2P Technology No NBAR2 Standard Protocol Pack 1.0 6 BGP CITRIX Encrypted No Tunnel No Underlying Protocols socks CITRIX Name/CLI Keyword citrix Full Name Citrix Description Citrix is an application that mediates users remotely to their corporate applications. ICA: Independed Computing Architecture is a designated protocol for application server system; it is used for transferring data between clients and servers.CGP: CGP is a tunneling protocol, the latest addition to the family of Citrix protocol.As of today it encapsulates ICA protocol but will be extended to other Citrix protocol such as RDP, HTTP/HTTPS.IMA: used for server-server communication. Server-Browser: Used mainly a control connection which has Published Application Name and triggers an ICA connection Reference http://www.citrix.com/site/resources/dynamic/additional/ICA_Acceleration_ 0709a.pdf Global ID L7:56 ID 56 Known Mappings UDP Port 1604 TCP Port 1494,2512,2513,2598 IP Protocol - IP Version IPv4 Support No IPv6 Support No Application Group - Category - Sub Category - NBAR2 Standard Protocol Pack 1.0 7 BGP DHCP P2P Technology No Encrypted No Tunnel No Underlying Protocols - DHCP Name/CLI Keyword dhcp Full Name Dynamic Host Configuration Protocol Description The Dynamic Host Configuration Protocol (DHCP) provides a framework for passing configuration information to hosts on a TCP/IP network. The information given by designated DHCP servers include: IP address, subnet mask and default gateway. A DHCP server usually listens on UDP port 67 and DHCP client usually listens on UDP 68. Reference http://www.ietf.org/rfc/rfc2131.txt Global ID L7:13 ID 13 Known Mappings UDP Port 67,68 TCP Port - IP Protocol - IP Version IPv4 Support No IPv6 Support No Application Group - Category - Sub Category - P2P Technology No NBAR2 Standard Protocol Pack 1.0 8 BGP DIRECTCONNECT Encrypted No Tunnel No Underlying Protocols - DIRECTCONNECT Name/CLI Keyword directconnect Full Name Direct Connect Description Direct connect is a peer-to-peer file sharing protocol. Clients connect to a main hub that mediates them to other clients in order to download files. The hubs hold a database of clients and files and mediate the clients. Once clients are connected in a P2P manner, they can download files and chat with one another. Reference http://www.metroactive.com/papers/metro/07.12.01/work-0128.html Global ID L7:70 ID 70 Known Mappings UDP Port - TCP Port - IP Protocol - IP Version IPv4 Support No IPv6 Support No Application Group - Category - Sub Category - P2P Technology No Encrypted No NBAR2 Standard Protocol Pack 1.0 9 BGP DNS Tunnel No Underlying Protocols - DNS Name/CLI Keyword dns Full Name Domain Name System Description Domain Name Server is a server that translates URLs into IP addresses based on client queries. It is based on client-server architecture. Reference https://www1.ietf.org/rfc/rfc1035.txt Global ID L4:53 ID 72 Known Mappings UDP Port 53 TCP Port 53 IP Protocol - IP Version IPv4 Support No IPv6 Support No Application Group - Category - Sub Category - P2P Technology No Encrypted No Tunnel No Underlying Protocols - NBAR2 Standard Protocol Pack 1.0 10 BGP EDONKEY EDONKEY Name/CLI Keyword edonkey Full Name eDonkey Description eDonkey is a peer-to-peer file sharing addopted to share large files. The network is based on multiple decentralized servers ,each client must be connected to a server to enter the network. edonkey-static and eMule are also required to fully detect or prevent this application traffic. Reference http://web.archive.org/web/20010213200827/www.edonkey2000.com/ overview.html Global ID L7:67 ID 67 Known Mappings UDP Port - TCP Port - IP Protocol - IP Version IPv4 Support No IPv6 Support No Application Group - Category - Sub Category - P2P Technology No Encrypted No Tunnel No Underlying Protocols - NBAR2 Standard Protocol Pack 1.0 11 BGP EGP EGP Name/CLI Keyword egp Full Name Exterior Gateway Protocol Description Exterior Gateway Protocol (EGP) is a protocol used to convey network information between neighboring gateways, or Autonomic systems. This way the gateways acquire neighbors, monitor neighbor reachability and exchange net-reachability information in the form of Update messages. EGP is IP protocol number 8. Reference http://tools.ietf.org/html/rfc904 Global ID L3:8 ID 4 Known Mappings UDP Port - TCP Port - IP Protocol 8 IP Version IPv4 Support Yes IPv6 Support Yes Application Group - Category - Sub Category - P2P Technology No Encrypted No Tunnel No Underlying Protocols - NBAR2 Standard Protocol Pack 1.0 12 BGP EIGRP EIGRP Name/CLI Keyword eigrp Full Name Interior Gateway Routing Protocol Description Enhanced Interior Gateway Routing Protocol (EIGRP) is an interior gateway protocol. It is an advanced distance-vector routing protocol, with optimizations to minimize both the routing instability incurred after topology changes, as well as the use of bandwidth and processing power in the router. The protocol is usually known as IP protocol 88 as default.
Load more

Recommended publications
  • Option 33: Dual Internal NTP Server Setup and Operation Guidelines
    -DISCONTINUED PRODUCT- Option 33: Dual Internal NTP Server Setup and Operation Guidelines Document No. PD0042100D – April 2009 Arbiter Systems, Inc. 1324 Vendels Circle, Suite 121 Paso Robles, CA 93446 U.S.A. (805) 237-3831, (800) 321-3831 http://www.arbiter.com mailto: [email protected] 1 Option 33: Dual Internal NTP Server 1.1 General Description Option 33, Dual Internal Network Time Protocol (NTP) Server, is used in the Arbiter Systems line of 19-inch, rack mount Satellite-Controlled Clocks. This option comes with a six-foot phone cable and RJ-11 to DB-9F adapter for connecting to the RS-232, or NTP Setup, port. 1.1.1 Option 33 Option 33 allows the clock to act as time server over an Ethernet network using the network time protocol operating in server mode - symmetric operation modes are not supported. Time is distributed over the network interface to computers, controllers and other equipment needing the correct time. Option 33 understands NTP Version 1, Version 2, and Version 3 frames, and optionally supports authentication via DES and MD5 cryptographic checksums. If authentication is not used, the controller can typically be used for hundreds of clients without overloading it. Authentication requires typically 40 ms for checking and generating the cryptograms, which is covered and averaged out by the protocol. Option 33 supports full SNTP and all NTP functions required for reliable server operation. Functions not required for server operation are not implemented. 1.1.2 Hardware Configuration. Option 33 consists of two building blocks; two OEM NTP modules and an interface to the GPS clock.
    [Show full text]
  • Maximum Internet Security: a Hackers Guide - Networking - Intrusion Detection
    - Maximum Internet Security: A Hackers Guide - Networking - Intrusion Detection Exact Phrase All Words Search Tips Maximum Internet Security: A Hackers Guide Author: Publishing Sams Web Price: $49.99 US Publisher: Sams Featured Author ISBN: 1575212684 Benoît Marchal Publication Date: 6/25/97 Pages: 928 Benoît Marchal Table of Contents runs Pineapplesoft, a Save to MyInformIT consulting company that specializes in Internet applications — Now more than ever, it is imperative that users be able to protect their system particularly e-commerce, from hackers trashing their Web sites or stealing information. Written by a XML, and Java. In 1997, reformed hacker, this comprehensive resource identifies security holes in Ben co-founded the common computer and network systems, allowing system administrators to XML/EDI Group, a think discover faults inherent within their network- and work toward a solution to tank that promotes the use those problems. of XML in e-commerce applications. Table of Contents I Setting the Stage 1 -Why Did I Write This Book? 2 -How This Book Will Help You Featured Book 3 -Hackers and Crackers Sams Teach 4 -Just Who Can Be Hacked, Anyway? Yourself Shell II Understanding the Terrain Programming in 5 -Is Security a Futile Endeavor? 24 Hours 6 -A Brief Primer on TCP/IP 7 -Birth of a Network: The Internet Take control of your 8 -Internet Warfare systems by harnessing the power of the shell. III Tools 9 -Scanners 10 -Password Crackers 11 -Trojans 12 -Sniffers 13 -Techniques to Hide One's Identity 14 -Destructive Devices IV Platforms
    [Show full text]
  • Avaya Session Border Controller for Enterprise Overview and Specification
    Avaya Session Border Controller for Enterprise Overview and Specification Release 7.2.2.2 Issue 8 April 2019 © 2017-2019, Avaya Inc. YOU DO NOT WISH TO ACCEPT THESE TERMS OF USE, YOU All Rights Reserved. MUST NOT ACCESS OR USE THE HOSTED SERVICE OR AUTHORIZE ANYONE TO ACCESS OR USE THE HOSTED Notice SERVICE. While reasonable efforts have been made to ensure that the Licenses information in this document is complete and accurate at the time of printing, Avaya assumes no liability for any errors. Avaya reserves THE SOFTWARE LICENSE TERMS AVAILABLE ON THE AVAYA the right to make changes and corrections to the information in this WEBSITE, HTTPS://SUPPORT.AVAYA.COM/LICENSEINFO, document without the obligation to notify any person or organization UNDER THE LINK “AVAYA SOFTWARE LICENSE TERMS (Avaya of such changes. Products)” OR SUCH SUCCESSOR SITE AS DESIGNATED BY AVAYA, ARE APPLICABLE TO ANYONE WHO DOWNLOADS, Documentation disclaimer USES AND/OR INSTALLS AVAYA SOFTWARE, PURCHASED “Documentation” means information published in varying mediums FROM AVAYA INC., ANY AVAYA AFFILIATE, OR AN AVAYA which may include product information, operating instructions and CHANNEL PARTNER (AS APPLICABLE) UNDER A COMMERCIAL performance specifications that are generally made available to users AGREEMENT WITH AVAYA OR AN AVAYA CHANNEL PARTNER. of products. Documentation does not include marketing materials. UNLESS OTHERWISE AGREED TO BY AVAYA IN WRITING, Avaya shall not be responsible for any modifications, additions, or AVAYA DOES NOT EXTEND THIS LICENSE IF THE SOFTWARE deletions to the original published version of Documentation unless WAS OBTAINED FROM ANYONE OTHER THAN AVAYA, AN AVAYA such modifications, additions, or deletions were performed by or on AFFILIATE OR AN AVAYA CHANNEL PARTNER; AVAYA the express behalf of Avaya.
    [Show full text]
  • Security Management Fundamentals Release: 6.0 Document Revision: 03.08
    Nortel Communication Server 1000 Security Management Fundamentals Release: 6.0 Document Revision: 03.08 www.nortel.com .NN43001-604 Nortel Communication Server 1000 Release: 6.0 Publication: NN43001-604 Document release date: 14 April 2010 Copyright © 2008-2010 Nortel Networks. All Rights Reserved. While the information in this document is believed to be accurate and reliable, except as otherwise expressly agreed to in writing NORTEL PROVIDES THIS DOCUMENT "AS IS" WITHOUT WARRANTY OR CONDITION OF ANY KIND, EITHER EXPRESS OR IMPLIED. The information and/or products described in this document are subject to change without notice. Nortel, Nortel Networks, the Nortel logo, and the Globemark are trademarks of Nortel Networks. All other trademarks are the property of their respective owners. 3 . Contents New in this release 11 Other changes 11 Revision history 11 How to get help 15 Getting help from the Nortel Web site 15 Getting help over the telephone from a Nortel Solutions Center 15 Getting help from a specialist by using an Express Routing Code 16 Getting help through a Nortel distributor or reseller 16 Introduction 17 Purpose 17 Navigation 18 Other security information 18 About this document 19 Subject 19 Intended audience 20 Terminology conventions 20 Fundamentals of system security management 21 System security overview 23 General signaling security overview 23 Key management concepts 23 Public-key certificate concepts 25 Platform security overview 28 Unified Communications Management security services 28 Unified Communications Management security server roles 29 Security Domain Manager concepts 30 Linux security hardening 31 Internal communications security overview 36 ISSS/IPsec 36 Secure File Transfer Protocol concepts 38 Port access restrictions concepts 40 Linux Master Firewall Control 41 Media and signaling security overview 42 Nortel Communication Server 1000 Security Management Fundamentals NN43001-604 03.08 14 April 2010 Copyright © 2008-2010 Nortel Networks.
    [Show full text]
  • Secure Shell Encrypt and Authenticate Remote Connections to Secure Applications and Data Across Open Networks
    Product overview OpenText Secure Shell Encrypt and authenticate remote connections to secure applications and data across open networks Comprehensive Data security is an ongoing concern for organizations. Sensitive, security across proprietary information must always be protected—at rest and networks in motion. The challenge for organizations that provide access to applications and data on host systems is keeping the data Support for Secure Shell (SSH) secure while enabling access from remote computers and devices, whether in a local or wide-area network. ™ Strong SSL/TLS OpenText Secure Shell is a comprehensive security solution that safeguards network ® encryption traffic, including internet communication, between host systems (mainframes, UNIX ™ servers and X Window System applications) and remote PCs and web browsers. When ™ ™ ™ ™ Powerful Kerberos included with OpenText Exceed or OpenText HostExplorer , it provides Secure Shell 2 (SSH-2), Secure Sockets Layer (SSL), LIPKEY and Kerberos security mechanisms to ensure authentication security for communication types, such as X11, NFS, terminal emulation (Telnet), FTP support and any TCP/IP protocol. Secure Shell encrypts data to meet the toughest standards and requirements, such as FIPS 140-2. ™ Secure Shell is an add-on product in the OpenText Connectivity suite, which encrypts application traffic across networks. It helps organizations achieve security compliance by providing Secure Shell (SSH) capabilities. Moreover, seamless integration with other products in the Connectivity suite means zero disruption to the users who remotely access data and applications from web browsers and desktop computers. Secure Shell provides support for the following standards-based security protocols: Secure Shell (SSH)—A transport protocol that allows users to log on to other computers over a network, execute commands on remote machines and securely move files from one machine to another.
    [Show full text]
  • Qos: NBAR Protocol Library, Cisco IOS XE Release 3.8S
    QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 C O N T E N T S 3COM-AMP3 through AYIYA-IPV6-TUNNELED 34 3COM-AMP3 35 3COM-TSMUX 36 3PC 37 9PFS 38 914C G 39 ACAP 40 ACAS 40 ACCESSBUILDER 41 ACCESSNETWORK 42 ACP 43 ACR-NEMA 44 ACTIVE-DIRECTORY 45 ACTIVESYNC 45 ADOBE-CONNECT 46 AED-512 47 AFPOVERTCP 48 AGENTX 49 ALPES 50 AMINET 50 AN 51 ANET 52 ANSANOTIFY 53 ANSATRADER 54 ANY-HOST-INTERNAL 54 AODV 55 AOL-MESSENGER 56 AOL-MESSENGER-AUDIO 57 AOL-MESSENGER-FT 58 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S ii Contents AOL-MESSENGER-VIDEO 58 AOL-PROTOCOL 59 APC-POWERCHUTE 60 APERTUS-LDP 61 APPLEJUICE 62 APPLEQTC 63 APPLEQTCSRVR 63 APPLIX 64 ARCISDMS 65 ARGUS 66 ARIEL1 67 ARIEL2 67 ARIEL3 68 ARIS 69 ARNS 70 ARUBA-PAPI 71 ASA 71 ASA-APPL-PROTO 72 ASIPREGISTRY 73 ASIP-WEBADMIN 74 AS-SERVERMAP 75 AT-3 76 AT-5 76 AT-7 77 AT-8 78 AT-ECHO 79 AT-NBP 80 AT-RTMP 80 AT-ZIS 81 AUDIO-OVER-HTTP 82 AUDIT 83 AUDITD 84 AURORA-CMGR 85 AURP 85 AUTH 86 QoS: NBAR Protocol Library, Cisco IOS XE Release 3.8S iii Contents AVIAN 87 AVOCENT 88 AX25 89 AYIYA-IPV6-TUNNELED 89 BABELGUM through BR-SAT-MON 92 BABELGUM 93 BACNET 93 BAIDU-MOVIE 94 BANYAN-RPC 95 BANYAN-VIP 96 BB 97 BBNRCCMON 98 BDP 98 BFTP 99 BGMP 100 BGP 101 BGS-NSI 102 BHEVENT 103 BHFHS 103 BHMDS 104 BINARY-OVER-HTTP 105 BITTORRENT 106 BL-IDM 107 BLIZWOW 107 BLOGGER 108 BMPP 109 BNA 110 BNET 111 BORLAND-DSJ 112 BR-SAT-MON 112
    [Show full text]
  • Telnet Client 5.11 Ssh Support
    TELNET CLIENT 5.11 SSH SUPPORT This document provides This document describes how to install and configure SSH support in Wavelink Telnet Client 5.11. information on the SSH support available in Telnet Client 5.11 OVERVIEW OF SSH SUPPORT Secure Shell (SSH) is a protocol developed for transmitting private information over the Internet. SSH OVERVIEW encrypts data that is transferred over the Telnet session. • Overview of SSH The Telnet Client supports SSH version 1 and 2 and will automatically select the most secure protocol Support that the SSH server supports. • Installing Windows SSH Support This document describes the following: • Configuring the host • Installing Windows SSH support utility profile for SSH • Configuring the host profile for SSH support support • Deploying Windows • Deploying Windows SSH support to the device through Avalanche or ActiveSync SSH Support • Revision History INSTALLING WINDOWS SSH SUPPORT Installing SSH support is a two-step process. First, install SSH support on the PC from which you will deploy Telnet. Once you install SSH support on the PC, use Avalanche or ActiveSync to deploy the utility to the device. To install SSH support on your PC: 1. Obtain the installation executable for SSH support. NOTE: To obtain the Wavelink SSH support utility install, go to http://www.wavelink.com/downloads/ files/sshagreement.aspx. 2. Install SSH support on the PC from which you will deploy the Telnet Client. CONFIGURING THE HOST PROFILE FOR SSH SUPPORT SSH support is configured from the Host Profiles window of the configuration utility. NOTE: SSH is only an active option if SSH support has been installed on the PC running the Telnet Client configuration utility.
    [Show full text]
  • Netflix and Twitch Traffic Characterization
    University of Calgary PRISM: University of Calgary's Digital Repository Graduate Studies The Vault: Electronic Theses and Dissertations 2015-09-30 NetFlix and Twitch Traffic Characterization Laterman, Michel Laterman, M. (2015). NetFlix and Twitch Traffic Characterization (Unpublished master's thesis). University of Calgary, Calgary, AB. doi:10.11575/PRISM/27074 http://hdl.handle.net/11023/2562 master thesis University of Calgary graduate students retain copyright ownership and moral rights for their thesis. You may use this material in any way that is permitted by the Copyright Act or through licensing that has been assigned to the document. For uses that are not allowable under copyright legislation or licensing, you are required to seek permission. Downloaded from PRISM: https://prism.ucalgary.ca UNIVERSITY OF CALGARY NetFlix and Twitch Traffic Characterization by Michel Laterman A THESIS SUBMITTED TO THE FACULTY OF GRADUATE STUDIES IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF MASTER OF SCIENCE GRADUATE PROGRAM IN COMPUTER SCIENCE CALGARY, ALBERTA SEPTEMBER, 2015 c Michel Laterman 2015 Abstract Streaming video content is the largest contributor to inbound network traffic at the University of Calgary. Over five months, from December 2014 { April 2015, over 2.7 petabytes of traffic on 49 billion connections was observed. This thesis presents traffic characterizations for two large video streaming services, namely NetFlix and Twitch. These two services contribute a significant portion of inbound bytes. NetFlix provides TV series and movies on demand. Twitch offers live streaming of video game play. These services share many characteristics, including asymmetric connections, content delivery mechanisms, and content popularity patterns.
    [Show full text]
  • Simulacijski Alati I Njihova Ograničenja Pri Analizi I Unapređenju Rada Mreža Istovrsnih Entiteta
    SVEUČILIŠTE U ZAGREBU FAKULTET ORGANIZACIJE I INFORMATIKE VARAŽDIN Tedo Vrbanec SIMULACIJSKI ALATI I NJIHOVA OGRANIČENJA PRI ANALIZI I UNAPREĐENJU RADA MREŽA ISTOVRSNIH ENTITETA MAGISTARSKI RAD Varaždin, 2010. PODACI O MAGISTARSKOM RADU I. AUTOR Ime i prezime Tedo Vrbanec Datum i mjesto rođenja 7. travanj 1969., Čakovec Naziv fakulteta i datum diplomiranja Fakultet organizacije i informatike, 10. listopad 2001. Sadašnje zaposlenje Učiteljski fakultet Zagreb – Odsjek u Čakovcu II. MAGISTARSKI RAD Simulacijski alati i njihova ograničenja pri analizi i Naslov unapređenju rada mreža istovrsnih entiteta Broj stranica, slika, tablica, priloga, XIV + 181 + XXXVIII stranica, 53 slike, 18 tablica, 3 bibliografskih podataka priloga, 288 bibliografskih podataka Znanstveno područje, smjer i disciplina iz koje Područje: Informacijske znanosti je postignut akademski stupanj Smjer: Informacijski sustavi Mentor Prof. dr. sc. Željko Hutinski Sumentor Prof. dr. sc. Vesna Dušak Fakultet na kojem je rad obranjen Fakultet organizacije i informatike Varaždin Oznaka i redni broj rada III. OCJENA I OBRANA Datum prihvaćanja teme od Znanstveno- 17. lipanj 2008. nastavnog vijeća Datum predaje rada 9. travanj 2010. Datum sjednice ZNV-a na kojoj je prihvaćena 18. svibanj 2010. pozitivna ocjena rada Prof. dr. sc. Neven Vrček, predsjednik Sastav Povjerenstva koje je rad ocijenilo Prof. dr. sc. Željko Hutinski, mentor Prof. dr. sc. Vesna Dušak, sumentor Datum obrane rada 1. lipanj 2010. Prof. dr. sc. Neven Vrček, predsjednik Sastav Povjerenstva pred kojim je rad obranjen Prof. dr. sc. Željko Hutinski, mentor Prof. dr. sc. Vesna Dušak, sumentor Datum promocije SVEUČILIŠTE U ZAGREBU FAKULTET ORGANIZACIJE I INFORMATIKE VARAŽDIN POSLIJEDIPLOMSKI ZNANSTVENI STUDIJ INFORMACIJSKIH ZNANOSTI SMJER STUDIJA: INFORMACIJSKI SUSTAVI Tedo Vrbanec Broj indeksa: P-802/2001 SIMULACIJSKI ALATI I NJIHOVA OGRANIČENJA PRI ANALIZI I UNAPREĐENJU RADA MREŽA ISTOVRSNIH ENTITETA MAGISTARSKI RAD Mentor: Prof.
    [Show full text]
  • BALG: Bypassing Application Layer Gateways Using Multi-Staged Encrypted Shellcodes
    Sebastian Roschke, Feng Cheng, Christoph Meinel: "BALG: Bypassing Application Layer Gateways Using Multi-Staged Encrypted Shellcodes" in Proceedings of the 12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011), IEEE Press, Dublin, Ireland, pp. 399-406, 5, 2011. ISBN: 978-1-4244-9219-0. BALG: Bypassing Application Layer Gateways Using Multi-Staged Encrypted Shellcodes Sebastian Roschke Feng Cheng Christoph Meinel Hasso Plattner Institute (HPI) Hasso Plattner Institute (HPI) Hasso Plattner Institute (HPI) University of Potsdam University of Potsdam University of Potsdam 14482, Potsdam, Germany 14482, Potsdam, Germany 14482, Potsdam, Germany Email: [email protected] Email: [email protected] Email: [email protected] Abstract—Modern attacks are using sophisticated and inno- easily penetrated by simple tunneling. IDS needs to handle vative techniques. The utilization of cryptography, self-modified efficient evasion techniques. ALGs provide more restrictions code, and integrated attack frameworks provide more possibili- for network access by combining filtering on the application ties to circumvent most existing perimeter security approaches, such as firewalls and IDS. Even Application Layer Gateways layer and IDS techniques, such as deep packet inspection. (ALG) which enforce the most restrictive network access can be Most of ALG implementations provide filtering due to ap- exploited by using advanced attack techniques. In this paper, plication layer protocol compliance and even allow to block we propose a new attack for circumventing ALGs. By using certain commands within a specific protocol. Although ALGs polymorphic and encrypted shellcode, multiple shellcode stages, enforce a very restrictive access policy, it is still possible to protocol compliant and encrypted shell tunneling, and reverse channel discovery techniques, we are able to effectively bypass circumvent such devices by using modern attack techniques.
    [Show full text]
  • User Interface Commands
    CHAPTER 2 User Interface Commands This chapter describes the commands used to access user and privileged EXEC command modes. It provides a description of the help command and features, lists the command editing keys and functions, and details the command history feature. This chapter also includes the EXEC commands that can be used to set various terminal parameters on a temporary basis (for the duration of a session). It includes the Telnet commands you can use to make a connection from a terminal to a remote router in order to configure the router. The commands to actually configure these parameters on a more permanent basis are provided in the “Terminal Line and Modem Support Commands” chapter in the Router Products Command Reference publication. You need enter only enough characters of a command to uniquely identify the command, thereby abbreviating the command syntax you type. For user interface task information and examples, refer to the “Understanding the User Interface” chapter of the Router Products Configuration Guide. User Interface Commands 2-1 clear line clear line Use the clear line EXEC command to return a terminal line to idle state. clear line line-number Syntax Description line-number Absolute line number Default None Command Mode EXEC Usage Guidelines Use this command to log out of a specific session running on another line. If the line uses a modem, the modem will be disconnected. Example In the following example, line 3 is reset: clear line 3 2-2 Router Products Command Reference connect connect To make a Telnet connection, enter the connect EXEC command at the system prompt.
    [Show full text]
  • VPN 3000 Series Concentrator Reference Volume II: Administration and Monitoring Release 3.6 August 2002
    VPN 3000 Series Concentrator Reference Volume II: Administration and Monitoring Release 3.6 August 2002 Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 Customer Order Number: DOC-7814742= Text Part Number: 78-14742-01 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
    [Show full text]