Home → Magazine Archive → April 2012 (Vol. 55, No. 4) → The Network Protocol Battle → Abstract

The Network Protocol Battle

By George V. Neville-Neil

Communications of the ACM, Vol. 55 No. 4, Pages 27-28

[article image]

A tale of hubris and zealotry.

The full text of this article is premium content


Marko Schuetz-Schmuck

Dear KV,

I agree with the statement "Tools are Useful", but knowing and being able to read a low-level representation goes boyond "preening themselves over their 1337 hex-dump reading skills".

All tools operate in specific contexts with very specific assumptions, e.g. as a standalone program that intercepts network traffic or reads a file that stores such traffic.

It is often helpful to be able to identify and/or parse the same kind of information outside of the context that the tool requires. Using the example of the IPv4 packet this might be when debugging a core dump and finding the hexdump of [[Figure 1] http://cacm.acm.org/magazines/2012/4/147357-the-network-protocol-battle/fulltext#F1 ] in some buffer. In my experience it is often that being familiar with the low-level representation is enormously helpful as it allows one to spot suspicious states and to investigate behavior in contexts where the dedicated tool is not available.

"Tools are useful", but so is just /seeing/ through the representation.


Displaying 1 comment