Issue #27: Networking

Sniffing Packets

I remember vividly the first time I saw somebody “online.” It was early in a morning of December 1994, in the hallways of the “Sciences 2” building of the University of Geneva. One of my classmates, who worked part-time as a professional software developer, was connected to a terminal with glowing yellow text over a dark brown background. To my question about what he was doing, he answered with a simple “I am downloading stuff from Apple’s server in California.”

There were so many things in that short phrase that I just could not immediately understand.

To begin with, international phone communications were insanely expensive in 1994. To the point that I regularly exchanged written letters (you know, the paper and ink kind) with the friends I had left behind in Argentina when I moved to Switzerland in 1991. A simple letter to Buenos Aires cost me 1.50 Swiss Francs back then; a direct phone call could easily rack tens of Swiss Francs per minute, far beyond my budget. Understandably enough, my first reaction was to think that my friend’s endeavours were going to cost him a fortune.

Fear not, he explained, “for I am connected over The Internet.”

Say what?

That short interaction was the first time I ever heard the name of the allmighty Network of Networks, the clumsily-named Information Superhighway, the future-proof Cyberspace.

I learnt, shortly after, that most universities were connected to one another with high-speed links, and that they exchanged research, data, documents, and even people sent each other “e-mail” (whatever that was) for a fraction of the cost of common telecommunication channels. As a student I could be a part of it. Thus, a few days later I got my own student account: my first Internet access ever, with the username kosmacze. It required me to login through small terminals, connected to a VAX minicomputer somewhere in the campus, itself running a version of VMS.

It is through that gloomy terminal that I discovered the joys of downloading shareware from ftp.funet.fi. It is there that I discovered mail, Usenet, Gopher (no, not the Go language mascot), talk (the ancestor to Microsoft Messenger and WhatsApp), and shortly after, a clickable thing called the World Wide Web, apparently created not far from where I was studying, in a NeXT workstation somewhere in the depths of CERN. Not far at all; just a 45 minute ride on bus 15 (there were no tramways back then on that line,) and boom, you have arrived to CERN.

Not long after that, I had lost almost all interest in my studies (I was supposed to graduate in Physics) and the ‘net became the greatest interest (and most important outcome) of my academic life.

It became an addiction, to be honest.

Around Autumn 1995 I saw a demo of Netscape Navigator in action; and thus I decided that I wanted to hook my home PC to the Internet. I downloaded Netscape for Windows 3.1 in the university campus, fled home, inserted the floppy disk, launched the app, and I was greeted with a laconic dialog box telling me that I did not have a thing called winsock.dll.

Say what?

It turns out that my operating system (well, if you dare call Windows 3.1 such a thing) did not include any kind of networking support. Of course I did not know that, and even better, I had no idea how to add it, and thus how to get my PC connected “online”. After a few questions on Usenet (which in many ways worked as a precursor to Stack Overflow) I ended up downloading Trumpet Winsock, and lo and behold, Netscape this time loaded without problems.

But I did not have a modem, and quickly found out that Netscape was not yet very useful without one.

To make a long story short, at some point during early 1996 I bought a cheap 14.4 kilobit per second modem, taking 10 minutes in average to download a single megabyte. Together with a monthly subscription to the new “Blue Window” service by Telecom PTT (soon to be renamed Swisscom), lo and behold, I was online.

Amazon was already there; instead of Google, one had Yahoo! and AltaVista; instead of Tumblr, there was GeoCities; no Gmail but HoTMaiL (yes, that was the original spelling.) Hotmail was quickly swallowed by Microsoft, became Passport, and now it is part of Office Online. Apparently though, using your @hotmail.com e-mail can be troublesome these days.

On August 29th, 1996, around 16:00 CET, I published my first web page. I remember precisely the moment. The mandatory “visit counter” stayed stubbornly low until I submitted my website to the AltaVista crawler. That early website, one of the 250’000 websites available on the web at that time, featured prominent characteristics from that era: horrendous background colors, animated GIFs, and rather simple font choices (Times New Roman, thank you so much) but, who cared. I was online.

I learnt HTML reading Elizabeth Castro’s magnificent “Visual Quickstart Guide”; I had not yet learnt any JavaScript, and CSS did not exist yet. Just use <TABLE> for layout and <FONT> tags to style your content, good luck.

As I said, I was online. I edited my files using HoTMetaL Pro, uploaded them with WS_FTP, all while listening to music playing in Mod4Win, or some Internet radio playing through RealAudio.

By 1997 I was already working as a “Web Developer” (that is what people called “Fullstack Developers” back then). Those were the times of EditPlus, ICQ, Photoshop 4, the ground-breaking Macromedia Dreamweaver, and of course its clumsy competitor, Microsoft FrontPage, also known in the industry as a generator of random HTML tag soups.

My employer allowed me to work from home (yes, in 1997) and for that matter provided me with a 56 kilobits per second 3Com modem, capable of downloading a whooping megabyte in just under 3 minutes. They even paid for a separate phone line just for being connected on the Internet at all times.

Looked from the perspective of the OSI model, my career started on the highest level of the hierarchy; the Application Layer, distributing content through its most prominent celebrity, the HTTP protocol. So now I was ready to dive deeper.

Exactly two years ago I told the story of how I took my first steps into packet sniffing, circa 2000:

I found a copy of CaptureNet, a freeware packet sniffer part of the SpyNet/PeepNet by Laurentiu Nicula; then I looked up for the port number used by MSN Messenger (it was 1863 in case you were wondering.) Finally I found out how to enable “promiscuous mode” in the network card in my laptop. (…)
Instantaneously, my screen started to show me the conversations my peers were having on MSN Messenger. And I mean all of it. (…) All on my screen, ready to read, without any encryption.
After changing the sniffing port to 80, I used CaptureNet’s uncanny feature of reconstructing the web pages. All of my colleagues browsing at that very moment (…) appeared in my laptop.

The relation between networking and security is obvious and painful. OpenBSD was designed to be secure from the ground up: back in 2001, that meant all “all non-essential services are disabled” by default, including network services. Unlike, say, Windows and its port 139 (aka NetBIOS) ready to welcome visits from Back Orifice users.

In 2002 I bought an iBook, and I downloaded Apple’s developer tools over my Swisscom-provided ADSL line. It took me 3 hours to get those 300 MB of IDEs, documentation (when it was still excellent), tools, and libraries; that is about 36 seconds per megabyte. That was 15 times faster than in 1996.

In 2020 I can npm install JavaScript packages at a sustained rate of 63 MB per second; that is, around 2300 times faster than in 2002, or around 35’000 times faster than 24 years ago. Always over yet another, this time more powerful, Swisscom-provided connection.

These days we can run Windows 2000 in our browsers, all virtual. In the case of Docker containers and Kubernetes clusters, networks are virtual, just like the machines connected through them. An infinite regression of (hopefully) encrypted packets traveling from one location in memory to another. We curl and ping and gping and scp, even if we should not. It is virtual until it is not.

These days huge proportions of mankind are “downloading stuff from Apple’s server in California” continuously, all the time. Macs are even uploading stuff continuously, all the time, for whatever reason.

In the world of the pandemic, our TVs are directly (or indirectly) connected to the Internet. Our cellphones have become Internet terminals. This magazine is on the Internet, and some of you contribute to it sending money over the Internet. We buy our groceries and books over the Internet. We have video conferences with our loved ones over the Internet. Many of our jobs literally consist of being on the Internet. Politics happen on the Internet with politicians that do not understand the Internet. Economics and sport news are distributed on the Internet. We watch probes on Mars and astronauts on the ISS live on the Internet. People are harassed and phished on the Internet. Governments struggle and then clumsily decide to regulate the wrong parts of the Internet.

The future is here, and it looks precisely like what many science fiction authors thought it would be. It is a state of addiction, and in a quite ironic twist, we are slowly becoming more and more disconnected from one another, sniffing IP packets as if it were a drug.

Cover photo by Leon Seibert on Unsplash.

Adrian Kosmaczewski is a software consultant and evangelist. He is a published writer, trainer and speaker. He holds a Master's degree from the University of Liverpool.