Commit e78fa1b

bryfry <bryon@fryer.io>
2016-11-01 16:38:30
networking questions
master
1 parent 8c54ce4
Changed files (3)
corpus
ethernet.csv
packet_capture.csv
unix_networking.csv
corpus/ethernet.csv
@@ -0,0 +1,29 @@
+#ethernet
+the hexadecimal EtherType for IPv4 is 0x????,0800,ethernet
+the hexadecimal EtherType for IPv6 is 0x????,86DD,ethernet
+the hexadecimal EtherType for ARP is 0x????,0806,ethernet
+the hexadecimal EtherType for VLAN is 0x????,8100,ethernet
+how many btyes is the EtherType in an ethernet frame?,2,ethernet
+how many bytes is the destination MAC address in an ethernet frame?,6,ethernet
+how many bytes is the source MAC address in an ethernet frame?,6,ethernet
+how many bytes is the CRC in an ethernet frame?,4,ethernet
+[T/F] given ether[12:2] = 0x0800 it is an 802.3 frame,F,ethernet
+[T/F] given ether[12:2] = 0x0800 it is an Ethernet II frame,T,ethernet
+[T/F] given ether[12:2] = 0x0200 it is an 802.3 frame,T,ethernet
+[T/F] given ether[12:2] = 0x0200 it is an Ethernet II frame,F,ethernet
+[T/F] if ether[12:2] > 0x0600 it is an 802.3 frame,F,ethernet
+[T/F] if ether[12:2] < 0x0600 it is an Ethernet II frame,F,ethernet
+[T/F] if ether[12:2] < 0x0600 it is an 802.3 frame,T,ethernet
+[T/F] if ether[12:2] > 0x0600 it is an Ethernet II frame,T,ethernet
+the total maximum size of an Ethernet II or 802.3 frame in bytes: ????,1518,ethernet
+the maximum payload size of an Ethernet II or 802.3 frame in bytes: ????,1500,ethernet
+the minimum frame size of an Ethernet II or 802.3 frame in bytes: ??,64,etherent
+
+# broadcast/collision domains
+[T/F] a router, by default, sends broadcast frames to other networks,F,ethernet
+[T/F] a router, by default, does not send broadcast frames to other networks,T,ethernet
+[T/F] VLANs are used to separate broadcast domains,T,ethernet
+VLAN ids range is from 1-????,4095,ethernet
+A hub is considered a layer [?] device because it simply replicates waveforms,1,ethernet 
+A switch is considered a layer [?] device,2,ethernet
+A router is considered a layer [?] device,3,ethernet
corpus/packet_capture.csv
@@ -11,6 +11,7 @@ which flag specifies the file to write to: tcpdump -w [?],w,packet_capture
 which flag prints each packet in ASCII: tcpdump -[?],A,packet_capture
 which flag prints each packet in hexadecimel: tcpdump -[?],x,packet_capture
 which flag prints each packet in hexadecimel and ASCII: tcpdump -[?],X,packet_capture
+
 # any interface: tcpdump -i [?],any,packet_capture
 # limit to number of packets,c,
 # filters: dst
@@ -32,5 +33,21 @@ which flag specifies the file to read from: tshark -[?] file,r,packet_capture
 
 # bpf 
 the bpf abbreiviation for Ethernet portion of a frame,ether,packet_capture
-the bpf abbreviation for the Internet Protocol v4 portion of a frame,packet_capture
+the bpf abbreviation for the Internet Protocol v4 portion of a frame,ip,packet_capture
 the bpf abbreviation for an ICMP portion of a frame,icmp,pacet_capture
+which flag will print the compiled bpf filter: tcpdump -[?] ether[12:2],d,packet_capture
+bpf compiled filter which loads a full word (4 bytes) into the default register,ld,packet_capture
+bpf compiled filter which loads a half word (2 bytes) into the default register,ldh,packet_capture
+bpf compiled filter which loads a single byte into the default regisger,ldb,packet_capture
+bpf compiled filter which jumps to locations if the supplied value and the default register are equal,jeq,packet_capture and the default register
+the A register is equal to 0x0200, where will this bpf compiled filter jump to? jeq #0x020 jt 3 jt 4,3,packet_capture
+the A register is equal to 0x0201, where will this bpf compiled filter jump to? jeq #0x020 jt 3 jt 4,4,packet_capture
+the bpf compiled filter which jumps to locations based on the bitwise "&" of the supplied value and the default register,jset,packet_capture
+the bpf compiled filter which quits and returns the number of bytes specified,ret,packet_capture
+bpf will translate this expression into what type of load: a[0:1],ldb,packet_capture
+bpf will translate this expression into what type of load: a[0:2],ldh,packet_capture
+bpf will translate this expression into what type of load: a[0:4],ld,packet_capture
+bpf shortcut for matching either source or destination MAC address: ether [?] <MAC>,host,packet_capture
+bpf shortcut for matching source MAC address: ether [?] <MAC>,src,packet_capture
+bpf shortcut for matching destination MAC address: ether [?] <MAC>,dst,packet_capture
+bpf shortcut for matching multicast addressed ethernet frames: ether [?],multicast,packet_capture
corpus/unix_networking.csv
@@ -0,0 +1,5 @@
+
+# ping
+which flag limits the number of ICMP packets: (unix) ping -[?] 1,c,unix_networking
+which flag specifies the size of the ICMP packets: (unix) ping -[?] 100,s,unix_networking
+which flag specifies the interface the ICMP packet will exit: (unix) ping -[?] eth0,i,packet_capture