Teaching routing and network security — Daily log
Today I have been mostly teaching or preparing upcoming courses. I also had a nice lunch discussion with colleagues on DNS and the role of transaction IDs, but that story will have to wait until tomorrow!
I gave another networking course for first year's students today. This was the first practical session where they actually had to plug some cables around: you can imagine the excitement but also the mess! To make things even easier, the course was in a new networking lab I had never been before, so I had to improvise with the hardware lying around.
The students learnt how to configure network interfaces (
netstat on FreeBSD), and they had to use their prior knowledge
of packet capture and
ping to troubleshoot when things didn't work as
expected. They had to form a simple "chain" topology (shown below) with
two subnets, and the computer in the middle needed to be configured as a
router. They needed to figure out that static routes were required on
both edge computers, so that they knew how to reach the remote subnet
through the router. Finally, they looked in details at the behaviour of
ARP and the scope of MAC addresses.
Network security course
I then prepared an upcoming practical session on network security with a
colleague working for Quarkslab. I already
have a good part of the course ready from last year on firewalling and
advanced uses of
iptables (including compiling custom BPF programs!).
My colleague wants to add a part where students will practice ARP
spoofing, so we looked at how to integrate that with the existing content.
Interestingly, he showed me how to automate virtual machine generation using Packer. This should be really helpful for future teachers in this course: they will be able to easily customize and rebuild the virtual machine images used by the students! Last year, I installed and configured the virtual machine manually, which makes it hard to update it or apply the same modifications to a new VM image.