The TLS Handshake:
Everything that happens between YOU and the WEBSITE you are visiting in order to get that coveted padlock. 🔒
Explained in a Twitter thread. 🧵
#ssl
#tls
#cybersecurity
I've been in the networking industry nearly 20 years, and I have never heard an explanation of Layer 5, 6, and 7 of the OSI model that I liked.
So I created my own =)
👉 Why is Twisted Pair cabling the most popular type of Network Cabling?
The first blog post I ever wrote was a deep dive into Ethernet. In honor of that, my first Twitter Thread is going to be a subset of that article which answers the question above.
0/12
#utp
#networking
1/14 Network Address Translation
Twitter Thread to demystify all the concepts of NAT from a practical perspective with clear illustrations of each type of translation.
First, let's clearly define the Terms that make up all NAT Translations:
Static / Dynamic
NAT / PAT
@danieldibswe
You can also just "ping 1.1" (no, not a typo).
It's become my go to, instead of 8.8.8.8. You know... because of how much time I save by avoiding having to type those extra 4 digits.
;)
Ok, My turn to give away 1000 free seats to my OSPF course in partnership with
@davidbombal
=)
Because of how Udemy does coupons, this will be the last set we can give away in May.... but follow us for whatever giveaways might occur in June ;)
What if learning Networking was easy?
What if there was a free video series that existed which taught Networking from the ground up, in a methodical and practical way?
I could tell you I created such a series... but I'd rather you hear it from others.
🔐🔒 Free TLS / SSL Infographics! 🔒🔐
These are from my SSL Deep Dive course: Practical TLS.
The course was recently updated with 20+ new lessons covering TLS 1.3.
And by popular request, I'm extending my TLS 1.3 promotion another two weeks:
📢 I just added three modules (22 lessons!) to my TLS deep dive course: Practical TLS.
Which means my "working on TLS 1.3 content" promotion is coming to an end. ($297 course, for only $50!)
More details:
Take advantage of it while you still can =)
Have you ever explained TCP and UDP to someone, and gone through all the cool features TCP provides... and they come away thinking UDP sucks?
Yea... me too!
This prompted a video that speaks specifically to UDP, and why it doesn't suck =).
Alright Twitter... I've released my full, deep dive lesson of the TLS 1.2 handshake.
In the video I unpack EVERYTHING the Client and the Server know, and everything they exchange in order to secure data transfer with SSL / TLS
#ssl
#tls
#cryptography
What if I told you that you could understand 90% of TCP with only 12 key ideas?
That is how I (attempt to) explain TCP in this recent video:
Sequence numbers, acknowledge numbers, window size, three way handshake... All this and more.
#tcp
#networking
TCP in 12 simple ideas:
Sequence Numbers, Acknowledge Numbers, Window size, and SYN ACK FIN RST flags... Explained through a simulated TCP conversion between Alice and Bob
#tcp
#networking
#internet
Sequence Numbers, Acknowledgement Numbers, Window Size, Flow Control, and all the flags: SYN, ACK, FIN, RST -- these are the core components of TCP.
And in this video I explain how TCP uses each in 12 simple ideas:
#tcp
#networking
#ccna
What if there was an easier way to explain Networking?
A way that eased you through to the deeper parts, and gave you a framework by which to understand everything else in computer networking.
What if that way helped you pass job interviews?
How many of you heard the phrase "TCP is Connection Oriented"
... and then thought: "Wait, what does that actually mean !?"
I know I sure did. So I made sure to define it, and a bunch of other TCP Facts (and Myths) in this video I just released:
📣 GIVEAWAY ALERT: I'm giving away 10 FREE seats to my Practical TLS course
To enter: (1) Post a comment on any of my 3 videos covering TLS 1.3 content, and/or (2) Retweet this tweet
📺 TLS 1.3 Changes -
📺 Cipher Suite
The TLS 1.3 Handshake is DRASTICALLY different than the TLS 1.2 handshake.
Compare it to the TLS 1.2 handshake in this thread:
If you want to *really* understanding TLS, my Practical TLS course is currently on a Black Friday sale:
Ok, it's happening, the Black Friday 2023 sale for my Practical TLS course is live!
to purchase, use coupon code BF2023
$297 course for only $50
This is *the* course if you want to really "get" how SSL & TLS work.
But don't take my word for it...
Ok, it's happening, the Black Friday 2023 sale for my Practical TLS course is live!
to purchase, use coupon code BF2023
$297 course for only $50
This is *the* course if you want to really "get" how SSL & TLS work.
But don't take my word for it...
What are some content creators you like in the Network Engineering / Network Security space ?
I'm hoping to bring some attention to some hidden gems with less then 200k subscribers on YouTube.
Please tag them and/or share a link to their channel!
Thanks =)
📣 GIVEAWAY ALERT: I'm giving away 10 FREE seats to my Practical TLS course
To enter: (1) Post a comment on any of my 3 videos covering TLS 1.3 content, and/or (2) Retweet this tweet
📺 TLS 1.3 Changes -
📺 Cipher Suite
TCP 3-Way Handshake -- a mini 🧵
Below are infographics illustrating the packet headers for the infamous SYN, SYN ACK, and ACK.
The 3-way handshake starts every TCP connection. It establishes the Sequence numbers that will be used by either party.
#tcp
#networking
#ccna
Released a new video in my Practical OSPF Series:
In the video we explore the Election process for DR/BDR, and what happens when a Routing Updates needs to be sent from the DR, BDR, and DRothers.
Please RT/Tag someone you know studying OSPF. =)
@CyberPatronMC
Thank you for the mention =).
For those interested, here is my Networking Fundamentals series -- available for free:
Vendor and Certification agnostic -- this will help everyone, in any tech discipline, understand how computer networking works.
The holidays are upon us, and rather than a typical "here's a discount to my course" I'm doing something extra.
In the spirit of gift giving, buy my course for just $75 (normally $297) and I'll throw in a free pass for a friend.
🎄🎁🎅🕯️✡🕎
Details:
Yes! There is a big difference between Dynamic NAT and Dynamic PAT. This is a frequent confusion spot for many CCNA (& CCNP) candidates.
Dynamic PAT:
Dynamic NAT:
Twitter Thread explaining all the NATs:
#YesterdaysCCNAQuestion
Well done if you answered
Dynamic NAT
As this was correct.
It was not PAT because there is no mention of overload or port translations occurring.
Wohoo! My OpenSSL course with
@davidbombal
just went live!
To celebrate the release, David is giving away 1000 free spots. Use the link in his tweet to get the code.
#openssl
#pki
#ssl
#tls
Struggling with Subnetting? EVERYONE does at first! Until they find a method that clicks.
I love seeing comments like this 😃
As someone who also once thought they were not smart enough, this transformation is exactly why I created this series.
I learned something interesting while working on my OSPF series... For fun, here's a trivia question:
If R3 is the only OSPF Router on the 10.0.3.0/24 network, connected via Ethernet, will R3 advertise the 10.0.3.0/24 network using a Type 1 or Type 2 LSA?
#ospf
#ccna
#ccnp
A few weeks ago, I reached a Youtube milestone - crossing 200k. This feels surreal, exhilarating, and humbling.
As a believer of "a rising tide lifts all ships", I want to use this occasion to shine light on creators that have helped me in my journey:
I just reached a new milestone... a single video crossed 1 million views! =)
That's wild! When it released, I thought it would be the least interesting video in the series.
Who knew a video about Network Protocols would gain so much traction?
New Video: Using Telnet to mimic your browsers HTTP request to download an HTML page.
One of my favorite demonstrations for students learning networking.
As a bonus, this video introduces you to the *greatest* website ever created...
;)
#networking
How much of a demand is there for IKEv1 content?
If I did a 4 hour webinar / deep dive on IKEv1, who would be interested in attending?
Like/Reply if you'd be interested. Retweet to get a wider audience. I'll use the engagement metrics to determine if this will happen.
📢 I just added three modules (22 lessons!) to my TLS deep dive course: Practical TLS.
Which means my "working on TLS 1.3 content" promotion is coming to an end. ($297 course, for only $50!)
More details:
Take advantage of it while you still can =)
For anyone in my network that is studying for CCNA... Consider following
@mymindsmadness
for really well thought out CCNA questions.
To include possible weekend troubleshooting questions. =)
Todays
#DailyCCNAQuestion
is a little different.
On weekends I would like to introduce at least 1
#Tshooter
to help people prepare for the labs involved in
#CCNA
exam.
I ask a question, provide a packet tracer download. You find the problem, and answer the poll.
sound fun?
@danieldibswe
Anytime I teach Networking I use this framework for the OSI model:
OSI Model - Part 1 - L1, L2, L3
OSI Model - Part 2 - L4, L5-7, Encapsulation
I find this method of talking through it tends to make networking "click" for most.
In 24 hours I'll be doing a deep dive on OSPF LSAs.
If you've ever been confused on what *exactly* is inside LSAs, then you won't want to miss this.
Tomorrow, 4p PDT. No cost (see FAQ). Register here:
In a way... the ultimate goal of every teacher is to create other teachers.
There are frequently thankful comments on my feed, but this one stood out as it touched on a core purpose for the content I create:
To teach in a way that makes the knowledge easy to pass on.
Don't miss this chance to get
@davidbombal
's courses for free!
To David: Happy Birthday!
It's an honor to partner with you to create courses.
You were instramental in my initial Networking learning journey. Thank you for all you do for the community!
Youtube Milestone ... 100k subscribers =). What a journey.
As for what's next... well I thought I would ask "the people" what they want. =)
Please vote here for what you want next from Practical Networking:
In March, I'm going to make another module of my Practical TLS deep dive course free... and YOU get to pick! Reply with the module of your choice =)
Module 1 & 2 are already available free on YT:
More details on the course:
I'm thrilled to share my Practical TLS course with the We Hack Purple community =).
If you're unaware,
@wehackpurple
is a wonderful place to learn about
#appSec
& writing secure code!
Nearly all software communicates over a network, and therefore should be protected by SSL =)
🤔 Banging your head against the keyboard over SSL and TLS?
Don't worry, you're not alone.
🤩 Luckily, the
#WHPAcdemy
released a course on Practical TLS with professor
@ed_pracnet
!
Check it out:
Just released the first part of a three-part OSPF LSA deep dive series! This video covers LSA Type 1 and 2.
Next video will cover Type 3 LSAs, and the final video will cover Type 4 & 5 LSAs.
@IamTheCyberChef
@packetpioneer
Thanks for the shout out =).
For those of you looking for a starting point, this is the series you want to watch to learn Networking:
😊😊 Comments like these make me smile =).
It's a thrill to hear that your training videos on Youtube are hitting home with current and future engineers =).
Link to the video from this comment:
Another comment series that cheered me up 😁. (read the bottom one first)
A lot of the videos I create are from years of interviewing candidates for Networking roles and seeing common confusion points. My goal with many videos is specifically to help folks pass job interviews.
The more I learn, the more I realize how much there is that I *didn't* know.
I thought I knew much more in my first few years of Networking than I do now later in my career.
Can anyone else relate?
Latest infographic...BGP Mega Cheat Sheet🔥
✅eBGP vs iBGP
✅BGP State process
✅BGP Route Selection decision tree
✅BGP attributes (examples & defaults)
✅BGP Timers & Message Types
Couldn't find any graphic that had it all, so I made it🤝
Subscribe to
Hey all, I'm going to run through my OSPF LSA training content that I will one day be adding to my OSPF training series on Youtube.
Join me next Thu, 5/19, at 4p PDT:
Planning to cover LSAs Type 1/2/3/4/5, and if there's time, 7.
Recently I recorded a 6-part practical OpenSSL demo with
@packetpushers
.
In the demo I ran through some of the most common OpenSSL commands and how and when you would need to use them.
All the commands are in this handy OpenSSL Cheat Sheet:
#openssl
TLS 1.3 Handshake:
It's significantly different from the TLS 1.2 (and prior) handshake:
Want to *really* understand TLS 1.3? Look no further than my TLS course which is still on holiday promotion for 3 more days:
The holidays are upon us, and rather than a typical "here's a discount to my course" I'm doing something extra.
In the spirit of gift giving, buy my course for just $75 (normally $297) and I'll throw in a free pass for a friend.
🎄🎁🎅🕯️✡🕎
Details:
To anyone in my audience who might be interested in Video Editing:
Davinci Resolve from
@Blackmagic_News
is incredible and available at the very affordable price of $0.
And for tutorials on how to use it, I can't recommend
@MrAlexTech
's content enough:
Rebuilding an OSPF topology is a wonderful exercise to walk through the learning OSPF.
This was a fun video to make, a fun collaboration with
@JeremysITLab
=)
In my preparation for the Cisco CCNP Enterprise ENARSI exam I have looked at how
@ed_pracnet
has rebuilt
@JeremysITLab
OSPF area 0 network just by looking at one routers LSDB.
A nice view on how OSPF works
Nearly 18 months ago I published this video on how Switches work:
I was responding to grateful YT comments and watched it again and it reminded me how proud I was of how the video came together.
Teaching is often a labor of love ...
Hey... fellow instructors out there... how would you feel if someone recreated your course slides, nearly word for word, and published them elsewhere?
Of course, no one "owns the knowledge", but the slide bullets, and structure, and graphics can certainly be copied.
Reminder: Tomorrow I'm offering a free, live Subnetting class @ 2:00p PST / 5p EST.
No registration required:
If you know people/communities that are trying to get through Subnetting, please tag them and/or retweet. Thank you.
#networking
#ccna
Whoa cool... I just came across
@webernetz
's "Ultimate PCAP" -- a single PCAP file with 70+ different protocols. This is super useful to have handy to quickly look at a pcap. Good stuff!
Johannes, are you planning an updated version? =)
I just posted the last of my 3-part mini series on OSPF Authentication.
There is a link to each video, and timestamps for each subtopic posted here:
This is lesson 19, 20, and 21 from my Practical OSPF Series:
#ccnp
#ospf
#ccna
One of the ways that TLS 1.3 is different is that it creates up to 11 distinct session keys each session.
For example, notice different keys protect the Handshake vs the Application data:
Each of these 11 keys are created via the TLS 1.3 Key Schedule:
The TLS 1.3 Handshake is DRASTICALLY different than the TLS 1.2 handshake.
Compare it to the TLS 1.2 handshake in this thread:
If you want to *really* understanding TLS, my Practical TLS course is currently on a Black Friday sale:
Youtube Milestone Achieved .... 75k =)
Fun fact, my most viewed video is the first video I ever published... with terrible audio and all sorts of very obvious nerves.
My 2nd most viewed video is much, much cleaner polished:
I've been playing with ChatGPT / Dall-E to create a new course image for my Practical TLS course.
What do you all think of some of these ? Any favorites?
I'm putting together the content for the TLS 1.3 Module of my TLS course... and I have to say, this resource by
@xargsnotbombs
is incredible.
I really wish something like this existed 10~ years ago when I was first learning TLS. Great stuff, Michael.
Hi
@hackinarticles
, I see you like sharing infographics...
I made this infographic illustrating the TLS handshake... and explained every piece of it in this twitter thread.
Would it be helpful to your audience?
#tls
#ssl
#infographic
#CyberSecurity
The TLS Handshake:
Everything that happens between YOU and the WEBSITE you are visiting in order to get that coveted padlock. 🔒
Explained in a Twitter thread. 🧵
#ssl
#tls
#cybersecurity
@metal_jedi
@danieldibswe
It's actually a result of the IPv4 interpreter: inet_aton. So it's possible it won't work on all OS's.
But the crux is an IPv4 address can be:
a.b.c.d (as we know it)
or
a.b
Where "a" represents the first 8 bites, and "b" represents the last 24 bits
Want a *practical* take on Cryptography, Encryption, Hashing, SSL, TLS, and everything else in that world?
If so, join WHP's event tomorrow at 9a PST where I'll be unpacking all of those concepts and as many more as we have time for =)
The event and the WHP community is free =)
Get answers to all the questions you've ever had about encryption, web security, and the meaning behind the padlock icon in your browser's address bar tomorrow with
@ed_pracnet
!
RSVP in the community:
RSVP via our newsletter:
For those of you following
@shehackspurple
and
#CyberMentoringMonday
...
If you’re interested in learning about Cryptography, I have created some free resources for you, check them out!
Hashing, Hashing Algorithms, and Collisions:
(more below!)
If you missed it the first time around, there's still an opportunity to claim free access to my OpenSSL course with
@davidbombal
. See the link in David's tweet below!
1/12
There are two main reasons UTP (Twisted Pair cabling) become the most widely used network cabling.
Both reasons have to do with Electromagnetic Interference (EMI).
🤔How important are the finer details of OSPF authentication?
Trying to determine "how deep" I should go on authentication for my
#OSPF
series.
Should I simply teach the commands? Or go into the depth of how key rotation works, and the duplicating of packets for every key?
"The big thing the Networking industry has succeeded at very well is building a hugely complex system that no one needs to know about."
-- Quote by
@petergjones
on his interview with
@davidbombal
So true. It's good to step back and recognize the beauty of the Internet.
I'm writing out a Twitter Thread explaining SSL & TLS -- i.e., everything that happens to get you that famous padlock 🔒
Weighing up whether I should go heavier or lighter on the details.
Heavier would be 20-30 tweets, lighter would be 12-20 tweets.
What do you think?
I had the privilege of writing an article for
@packetpushers
. The topic was based on an OSPF thought experiment:
Are there cases where you can get away with duplicate Router ID's within an OSPF domain?
The answer: Yes... sometimes. Read on to find out more =)
#ospf
#ccnp
A student asked about note taking strategies in my Discord. I thought it would make for an interesting discussion:
What is your personal Note taking strategy when learning new concepts?
(mine is below)
@Cyb3rJess
Failing cert exams happens to the best of us. Don't let it get you down. =)
I'll make you a deal...watch my Networking Fundamentals series, and if it doesn't make Networking "click" for you, I'll give you a free 1 hour mentoring session on any Net+ topic.
I guess I'm a month late, but just saw this and I was snickering throughout.
Worth a watch if you are in networking and need a chuckle
Well done, Lexie. =)
@_DeejustDee
It's because there are a _lot_ of bad explanations about PKI out there.
Here is my 5min take on defining what a "PKI" is:
I'd also recommend pairing it with this one:
Looks like it ran out. Congrats to the 1000 of you took advantage of it =). Hope you enjoy it!
To those that missed it... I'm doing another 1000 later this week.
The next one will be during the evening to help balance out the next 1000 across multiple time zones.
Happy holidays, everyone. Hope each of you can take time to disconnect from the online world and reflect on what's most important.
For those that haven't seen it, my Practical TLS course is on a "gift themed" promotion until the end of the year.
=)
The holidays are upon us, and rather than a typical "here's a discount to my course" I'm doing something extra.
In the spirit of gift giving, buy my course for just $75 (normally $297) and I'll throw in a free pass for a friend.
🎄🎁🎅🕯️✡🕎
Details:
Any other Computer Engineers here that want to learn Networking? Look no further than my Networking Fundamentals series:
But don't take my word for it. See what Rafael, a Computer Engineer fo 30 years has to say:
#developers
#computerscience
Packet People! Next monday and tuesday (Aug 7/8th) I will be live on the O'Reilly platform to teach a TCP/IP Deep Dive with Wireshark course. Come check it out!
#wireshark
2/12
🅰️The first reason is that using a PAIR of wires greatly reduces the outbound EMI emission.
🅱️The second reason is that TWISTING them around each other greatly reduces the effect of inbound, or induced, EMI.
5/12
But why are they Twisted around each other?
Effectively, the twisting allows either wire to "take turns" being closest to various sources of other stray EMI.
Consider this illustration:
New TLS 1.3 Video: Changes in TLS 1.3 related to the TLS Handshake:
This is one of the videos included in the promotion for 10 free seats to my Practical TLS course.
To enter, see the Tweet below:
Drawing will occur June 30!
📣 GIVEAWAY ALERT: I'm giving away 10 FREE seats to my Practical TLS course
To enter: (1) Post a comment on any of my 3 videos covering TLS 1.3 content, and/or (2) Retweet this tweet
📺 TLS 1.3 Changes -
📺 Cipher Suite