Understanding Network Hacks: Attack and Defense

with Python 3 2nd Edition Bastian Ballmann

download

https://textbookfull.com/product/understanding-network-hacks-
attack-and-defense-with-python-3-2nd-edition-bastian-ballmann/

Download more ebook from https://textbookfull.com

We believe these products will be a great fit for you. Click
the link to download now, or visit textbookfull.com
to discover even more!

Advanced ASP.NET Core 3 Security: Understanding Hacks,

Attacks, and Vulnerabilities to Secure Your Website 1st
Edition Scott Norberg

https://textbookfull.com/product/advanced-asp-net-
core-3-security-understanding-hacks-attacks-and-vulnerabilities-
to-secure-your-website-1st-edition-scott-norberg/

Cybersecurity attack and defense strategies

infrastructure security with Red team ens Blue team
taxtics 1st Edition Yuri Diogenes

https://textbookfull.com/product/cybersecurity-attack-and-
defense-strategies-infrastructure-security-with-red-team-ens-
blue-team-taxtics-1st-edition-yuri-diogenes/

Cybersecurity attack and defense strategies

infrastructure security with Red team ens Blue team
taxtics 1st Edition Yuri Diogenes

https://textbookfull.com/product/cybersecurity-attack-and-
defense-strategies-infrastructure-security-with-red-team-ens-
blue-team-taxtics-1st-edition-yuri-diogenes-2/

Transformers for Natural Language Processing Build

train and fine tune deep neural network architectures
for NLP with Python PyTorch TensorFlow BERT and GPT 3
2nd Edition --
https://textbookfull.com/product/transformers-for-natural-
language-processing-build-train-and-fine-tune-deep-neural-
network-architectures-for-nlp-with-python-pytorch-tensorflow-
Python 2 and 3 Compatibility: With Six and Python-
Future Libraries Nanjekye

https://textbookfull.com/product/python-2-and-3-compatibility-
with-six-and-python-future-libraries-nanjekye/

Network Defense and Countermeasures: Principles and

Practices 3rd Edition Chuck Easttom

https://textbookfull.com/product/network-defense-and-
countermeasures-principles-and-practices-3rd-edition-chuck-
easttom/

Applied Network Security Proven tactics to detect and

defend against all kinds of network attack 1st Edition
Arthur Salmon

https://textbookfull.com/product/applied-network-security-proven-
tactics-to-detect-and-defend-against-all-kinds-of-network-
attack-1st-edition-arthur-salmon/

Python Network Programming Cookbook Kathiravelu

https://textbookfull.com/product/python-network-programming-
cookbook-kathiravelu/

Learn to Program with Python 3: A Step-by-Step Guide to

Programming, 2nd Edition Irv Kalb

https://textbookfull.com/product/learn-to-program-with-
python-3-a-step-by-step-guide-to-programming-2nd-edition-irv-
kalb/
Bastian Ballmann

Understanding
Network Hacks
Attack and Defense with Python 3
2nd Edition
Understanding Network Hacks
Bastian Ballmann

Understanding Network
Hacks
Attack and Defense with Python 3
2nd Edition
Bastian Ballmann
Uster, Switzerland

ISBN 978-3-662-62156-1 ISBN 978-3-662-62157-8 (eBook)

https://doi.org/10.1007/978-3-662-62157-8

© Springer-Verlag GmbH Germany, part of Springer Nature 2015, 2021

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the
material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation,
broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage
and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or
hereafter developed.
The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does
not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective
laws and regulations and therefore free for general use.
The publisher, the authors and the editors are safe to assume that the advice and information in this book
are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the
editors give a warranty, expressed or implied, with respect to the material contained herein or for any errors
or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in
published maps and institutional affiliations.

Responsible Editor: Martin Börger

This Springer imprint is published by the registered company Springer-Verlag GmbH, DE part of Springer
Nature.
The registered company address is: Heidelberger Platz 3, 14197 Berlin, Germany
For data travelers, knowledge hungry, curious,
network-loving lifeforms who like to explore and
get to the bottom of thing.
Foreword

Doesn’t this book explain how to break into a computer system? Isn’t that illegal and a
bad thing at all?
I would like to answer both questions with no (at least the second one). Knowledge is
never illegal nor something bad, but the things you do with it.
You as an admin, programmer, IT manager or just an interested reader cannot protect
yourself if you don’t know the techniques of the attackers. You cannot test the effective-
ness of your firewalls and intrusion detection systems or other security related software if
you are not able to see your IT infrastructure through the eyes of an attacker. You cannot
weigh up the danger to costs of possible security solutions if you don’t know the risks
of a successful attack. Therefore it is necessary to understand how attacks on computer
networks really work.
The book presents a selection of possible attacks with short source code samples to
demonstrate how easy and effectively and maybe undetected a network can be infiltrated.
This way you can not only learn the real techniques, but present them to your manager
or employer and help them in the decision if it would make sense to care a little bit more
about IT security. At the end of the book you should be able to not only understand how
attacks on computer networks really work, but also to modify the examples to your own
environment and your own needs.
Sure, the book also tells those bad guys how to crack the net and write their own
tools, but IT security is a sword with two sharp blades. Both sides feed themselves off
the same pot of knowledge and it is an continuous battle, which the protecting side can
never dream of winning if it censors itself or criminalizes their knowledge!

vii
Introduction

Who should Read this Book?

This book addresses interested Python programmers who want to learn about network
coding and to administrators, who want to actively check the security of their systems
and networks. The content should also be useful for white, gray and black hat hackers,
who prefer Python for coding, as well as for curious computer users, who want to get
their hands on practical IT security and are interested in learning to see their network
through the eyes of an attacker.
You neither need deep knowledge on how computer networks are build up nor in pro-
gramming. You will get throught all the knowledge you need to understand the source
codes of the book in Chaps. 2 and 3. Readers, who know how to program in Python and
dream in OSI layers or packets headers can right away jump to Chap. 5 and start having
fun at their device.
Of course a book like this needs a disclaimer and the author would be happy if all
readers only play on systems they are allowed to do so and use the information of this
book only for good and ethical actions otherwise you maybe breaking a law depending
on the country your device is connected in.
The length of the book doesn’t allow for in depth discussion of all topics. You will
only get somewhat more than the basics. If you want to dig deeper you should afterwards
get some special lecture in your special field of interest.

The Structure of the Book

The different hacks are grouped by network protocols and every chapters content is
ordered by difficulty. You can read the book in the order you like except the both intro-
duction chapters about networks (Chap. 2) and Python (Chap. 3).
The code samples are printed unshortened therefore you can just copy and use them
without worrying about incremental changes or addons. All source codes presented in
this book can also be found on Github at https://github.com/balle/python-network-hacks.

ix
x Introduction

At the end of each chapter you will find a selection of tools also written in Python that
attack the described protocol in a more detailed way.
Thanks to the basic knowledge learned in the chapter it shouldn’t be too hard to read
and understand the source code of the tools.

The Most Important Security Principles

The most important principles in building a secure network of the authors point of view
are:

1. Security solutions should be simple. A firewall rule-set that no one understands, is

a guarantee for security holes. Software that’s complex has more bugs than simple
code.
2. Less is more. More code, more systems, more services provide more possibilities of
attack.
3. Security solutions should be Open Source. You can easier search for security prob-
lems if you have access to the source code. If the vendor disagrees to close an impor-
tant security hole you or someone else can fix it and you don’t have to wait for six
or more months till the next patch day. Proprietary software can have build in back-
doors sometimes called Law Interception Interface. Companies like Cisco (see RFC
3924), Skype (US-Patent-No 20110153809) and Microsoft (e.g. _NSAKEY http://
en.wikipedia.org/wiki/NSAKEY) are only popular examples.
4. A firewall is a concept not a box that you plug in and you are safe.
5. Keep all your systems up to date! A system that’s considered secure today can be
unprotected a few hours later. Update all systems, also smart phones, printer and
switches!
6. The weakest device defines the security of the complete system and that doesn’t nec-
essarily have to be a computer it can also be a human (read about social engineering).
7. There is no such thing as 100% secure. Even a computer that is switched off can be
infiltrated by a good social engineer. The aim should be to build that much layers that
the attacker falls over one tripwire and leaves traces and that the value he or she can
gain from a successful infiltration is much lower than the effort to attack or that it
exceeds the intruders skills.
Contents

1 Installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1.1 The Right Operating System. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1.2 The Right Python Version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1.3 Development Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.4 Python Modules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.5 Pip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.6 Virtualenv. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
2 Network 4 Newbies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2.1 Components. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2.2 Topologies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
2.3 ISO/OSI Layer Model. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.4 Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.5 VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2.6 ARP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2.7 IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.8 ICMP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.9 TCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.10 UDP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
2.11 An Example Network. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
2.12 Architecture. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
2.13 Gateway. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
2.14 Router. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
2.15 Bridge. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
2.16 Proxies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
2.17 Virtual Private Networks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.18 Firewalls. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.19 Man-in-the-middle-Attacks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

xi
xii Contents

3 Python Basics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
3.1 Every Start is Simple. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
3.2 The Python Philosophy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
3.3 Data Types. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
3.4 Data Structures. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
3.5 Functions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
3.6 Control Structures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
3.7 Modules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
3.8 Exceptions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
3.9 Regular Expressions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
3.10 Sockets. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
4 Layer 2 attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
4.1 Required modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
4.2 ARP-Cache-Poisoning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
4.3 ARP-Watcher. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
4.4 MAC-Flooder. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
4.5 VLAN hopping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
4.6 Let’s play switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
4.7 ARP spoofing over VLAN hopping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
4.8 DTP abusing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
4.9 Tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
4.9.1 NetCommander . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
4.9.2 Hacker’s Hideaway ARP Attack Tool . . . . . . . . . . . . . . . . . . . . 46
4.9.3 Loki . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
5 TCP / IP Tricks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
5.1 Required Modules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
5.2 A Simple Sniffer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
5.3 Reading and Writing PCAP Dump Files. . . . . . . . . . . . . . . . . . . . . . . . . 49
5.4 Password Sniffer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
5.5 Sniffer Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
5.6 IP-Spoofing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
5.7 SYN-Flooder. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
5.8 Port-scanning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
5.9 Port-scan Detection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
5.10 ICMP-Redirection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
5.11 RST Daemon. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
5.12 Automatic Hijack Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
5.13 Tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
5.13.1 Scapy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Contents xiii

6 WHOIS DNS?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
6.1 Protocol Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
6.2 Required Modules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
6.3 Questions About Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
6.4 WHOIS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
6.5 DNS Dictionary Mapper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
6.6 Reverse DNS Scanner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
6.7 DNS-Spoofing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
6.8 Tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
6.8.1 Chaosmap. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
7 HTTP Hacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
7.1 Protocol Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
7.2 Web Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
7.3 Required Modules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
7.4 HTTP Header Dumper. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
7.5 Referer Spoofing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
7.6 The Manipulation of Cookies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
7.7 HTTP-Auth Sniffing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
7.8 Webserver Scanning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
7.9 SQL Injection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
7.10 Command Injection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
7.11 Cross-Site-Scripting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
7.12 HTTPS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
7.13 SSL / TLS Sniffing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
7.14 Drive-by-Download. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
7.15 Proxy Scanner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
7.16 Proxy Port Scanner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
7.17 Tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
7.17.1 SSL Strip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
7.17.2 Cookie Monster. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
7.17.3 Sqlmap. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
7.17.4 W3AF. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
8 Wifi Fun. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
8.1 Protocol Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
8.2 Required Modules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
8.3 Wifi Scanner. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
8.4 Wifi Sniffer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
8.5 Probe-Request Sniffer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
8.6 Hidden SSID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
8.7 MAC-Address-Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
8.8 WEP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
xiv Contents

8.9 WPA. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

8.10 WPA2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
8.11 Wifi-Packet-Injection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
8.12 Playing Wifi Client. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
8.13 Deauth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
8.14 PMKID. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
8.15 WPS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
8.16 Wifi Man-in-the-Middle. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
8.17 Wireless Intrusion Detection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
8.18 Tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
8.18.1 KRACK Attack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
8.18.2 KrØØk attack. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
8.18.3 WiFuzz. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
8.18.4 Pyrit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
8.18.5 Wifiphisher. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
9 Feeling Bluetooth on the Tooth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
9.1 Protocol Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
9.2 BLE – Bluetooth Low Energy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
9.3 Required Modules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
9.4 Bluetooth-Scanner. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
9.5 BLE-Scanner. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
9.6 GAP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
9.7 GATT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
9.8 SDP-Browser. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
9.9 RFCOMM-Channel-Scanner. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
9.10 OBEX. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
9.11 BIAS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152
9.12 KNOB Attack. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
9.13 BlueBorne . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
9.14 Blue Snarf Exploit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
9.15 Blue Bug Exploit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
9.16 Bluetooth-Spoofing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
9.17 Sniffing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
9.18 Tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
9.18.1 BlueMaho. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
9.18.2 BtleJack. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
10 Bargain box Kung Fu. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
10.1 Required Modules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
10.2 Spoofing e-mail Sender. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
10.3 DHCP Hijack. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
10.4 IP Brute Forcer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
Contents xv

10.5 Google-Hacks-Scanner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168

10.6 SMB-Share-Scanner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
10.7 Login Watcher. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171

Appendix A Scapy reference. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175

Appendix B Secondary links. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215

Index. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
Installation
1

Abstract

This chapter explains on which operating system the sources can be executed, which
Python version you will need and how to install additional Python modules. Last but
not least, we will discuss some possible solutions for setting up a complete development
environment. If you are already familiar with the Python programming language you can
skip this introductory chapter without missing anything.

1.1 The Right Operating System

Yes, I know the title of this section can lead to flame wars. It should just illustrate on which
operating systems the source codes of this book are run. The author is using a GNU/Linux
systems with kernel version 5.x for development, but most of the sources, except the chapter
about Bluetooth, should also runable on BSD or Mac OS X systems. If you succeed in
running the source code on other systems the author would be happy if you could drop him
a tiny email. Of course all other comments or criticisms are also welcome.

1.2 The Right Python Version

All source code examples are written in Python 3 and have been tested with Python 3.7.
To check which version of Python is installed on your system, execute the following
command

python3 --version
Python 3.7.4

© The Author(s), under exclusive license to Springer-Verlag GmbH, DE, part of Springer 1
Nature 2021
B. Ballmann, Understanding Network Hacks,
https://doi.org/10.1007/978-3-662-62157-8_1
2 1 Installation

1.3 Development Environment

The author prefers GNU/Emacs (www.gnu.org/software/emacs) as a development environ-

ment, because he thinks its editing and extension possibilities are unbeatable. Emacs supports
all common features like syntax highlighting, code completion, code templates, debugger
support, PyLint integration and thanks to Rope, Pymacs and Ropemacs, it has one of the
best refactoring support for Python.
If you want to give Emacs and it features a try, the author suggests installing the awesome
extension set Emacs-for-Python, downloadable at gabrielelanaro.github.com/emacs-for-
python. Thanks to the amount of available plugins, Emacs can also be used as an email
and Usenet client, for irc or jabber chatting, as music player and additional features like
speech support, integrated shell and file explorer up to games like Tetris and Go. Some guys
even think Emacs is not an IDE, but a whole operating system and use it as init process.
A good alternative for a console editor is Vim (www.vim.org/) of course. The author does
not like flame wars so if you do not know Emacs or Vim, give both a try. They are great!
Vim includes all features of a modern IDE, is extensible and completely controllable with
keyboard shortcuts and features a GUI version.
If you want to use one of those full-blown, modern IDEs, then check out Eclipse
(www.eclipse.org/) together with PyDev (pydev.org/). Eclipse also has all the common fea-
tures as well as code outlining, a better integrated debugging support and an endless seeming
torrent of useful plugins like UMLet to draw UML diagrams or Mylyn to perfectly integrate
a bugtracking system.
As alternative GUI-only IDE, you could also check out Eric4 (eric-ide.python-projects.
org/) and Spyder (code.g.oogle.com/p/spyderlib/), which also include all common features
plus a debugger, PyLint support and refactoring.
If you do not have that many resources and RAM for programming tasks, but need a GUI
then Gedit might be the editor of your choice. However you should extend it with a bunch
of plugins: Class Browser, External Tools, PyLint, Python Code Completion, Python Doc
String Wizard, Python Outline, Source Code Comments and Rope Plugin.
The installation could be somewhat nasty and the functionality not as complete as for the
other candidates. However, Gedit only uses the tenth of your RAM that Eclipse does.
The final choice is left to you. If you don’t want to choose or try all possibilities, you should
first try Eclipse with Pydev as bundle downloadable from Aptana (aptana.com/products/
studio3). The chances are high that you will like it.

1.4 Python Modules

Python modules can be found in the Python packet index pypi.python.org. New modules
can be installed by one of the following three possibilities:
1.5 Pip 3

1 Download the source archive, unpack it and execute the magic line

python3 setup.py install

2 Use easy_install

easy_install <modulname>

3 Get your feet wet with pip. Maybe you have to install a package like python-pip
before you can use it.

pip3 install <modulname>

You should use pip, because it also supports deinstallation and upgrading of one or all
modules. You could also export a list of installed modules and its version, reinstall them on
another system, you can search for modules and more.
Alternatively you can tell pip to install the modules in a directory of your homedir by
adding the parameter –user.
Which Python modules are needed for which tools and source code snippets will be
described at the beginning of the chapter or in the description of the snippet, if the module
is only used for that code. This way, you will only install modules that you really want to
use.

1.5 Pip

With Pip you can also search for a module.

pip search <modulname>

To uninstall a module just use the option uninstall. A listing of all installed modules
and their versions can be achieved with the parameter freeze and later on used to reinstall
them.

pip3 freeze > requirements.txt

pip3 install -r requirements.txt

Which modules are outdated reveas the command pip list –outdated. A single
module can be upgraded by executing pip3 install –upgrade <modulname>.
4 1 Installation

1.6 Virtualenv

If you like you could install all Python modules needed for this book in a subfolder (a so
called virtualenv) so that they wont conflict with the modules installed in your operating
system. As an example we will create a virtualenv called python-network-hacks,
install the module scapy into it and exit from the virtual environment.

python3 -m venv python-network-hacks

source python-network-hacks/bin/activate
(python-network-hacks) $ pip3 install scapy
(python-network-hacks) $ deactivate
$ _

Make sure that the prompt is the default prompt again after deactivating.
Network 4 Newbies
2

Abstract

Computer networks are the veins of the information age, protocols the language of the
net. This chapter describes the basics of networking starting with hardware going over
to topology and the functionality of the most common protocols of an Ethernet/IP/TCP
network up to Man-in-the-middle attacks. For all who want to rebuild or refresh their
knowledge of networking.

2.1 Components

To be able to build a computer network of course you need some hardware. Depending on
the kind of net you’ll need cables, modems, old school acoustic in banana boxes, antennas
or satellite receivers beside computers and network cards as well as router (Sect. 2.14),
gateways (Sect. 2.13), firewalls (Sect. 2.18), bridges (Sect. 2.15), hubs and switches.
A hub is just a simple box you plug network cables in and it will copy all signals to all
connected ports. This property will probably lead to an explosion of network traffic. That’s
a reason why hubs are rarely used these days. Instead most of the time you will see switches
building the heart of the network. The difference between a hub and a switch is a switch
remembers the MAC address of the network card connected to the port and sends traffic
only to the port it’s destinated to. MAC addresses will be explained in more detail in Sect.
2.4.

© The Author(s), under exclusive license to Springer-Verlag GmbH, DE, part of Springer 5
Nature 2021
B. Ballmann, Understanding Network Hacks,
https://doi.org/10.1007/978-3-662-62157-8_2
6 2 Network 4 Newbies

2.2 Topologies

You can cable and construct computer networks in different ways. Nowadays the most com-
mon variant is the so called star network (see Fig. 2.1), where all computer are connected
to a central device. The disadvantage is that this device is a single point of failure and the
whole network will break down if it gets lost. This disadvantage can be circumstanced by
using redundant (multiple) devices.
Another possibility is to connect all computers in one long row one after the other, the so
called bus network (see Fig. 2.2). The disadvantage of this topology is that each computer
must have two network cards and depending on the destination the traffic gets routed through
all computers of the net. If one of them fails or has too high a load the connections behind
that host are lost.
The author has seen only a few bus networks this decade and all consisted of two com-
puters directly connected to guarantee time critical or traffic intensive services like database
replication, clustering of application servers or synchronization of backup servers. In all
cases the reason for a bus network was to lower the load of the star network.
As last variant the ring network (Fig. 2.3) should be mentioned, which as the name
implies connects all computers in a circle. The ring network has the same disadvantages as
a bus network except that the network will only fail partly if a computer gets lost as long as
the net can route the traffic the other way round. The author has not seen a productive ring
network, but some wise guys whisper that it it the topology of backbones used by ISPs and
large companies.
Additionally one often reads about LAN (Local Area Network), WAN (Wide Area Net-
work) and sometimes even about MAN (Middle Area Network). A LAN is a local network
that’s most of the time limited to a building, floor or room.
In modern networks most computers are connected on a LAN over one or more switches.
Multiple LANs connected over a router or VPN (see Sect. 2.17) are called MAN. If the

Fig. 2.1 star network

2.3 ISO/OSI Layer Model 7

Fig. 2.2 Bus network

Fig. 2.3 Ring network

network spreads over multiple countries or even the whole world like the internet than it is
defined as a WAN.

2.3 ISO/OSI Layer Model

According to the pure doctrine the ISO/OSI layer model, technically separates a computer
network into seven layers (see Fig. 2.4).
Each layer has a clearly defined task and each packet passes them one after another in
the operating systems kernel up to the layer it’s operating on (Table 2.1).
8 2 Network 4 Newbies

Fig. 2.4 OSI model

Table 2.1 OSI layer

OSI layer Layer name Task
1 Physical Cables, Antennas, etc.
2 Data-Link Creates a point-to-point connection between two compu-
ters
3 Network Provides for addressing of the destination system
4 Transport Takes care that the data is received in the right order and
enables retransmission on packet loss
5 Session Used to address single applications (e.g. using ports)
6 Presentation Conversion of data formats (e.g. byte order, compression,
encryption)
7 Application Protocols that define the real service like HTTP

2.4 Ethernet

Have you ever bought a “normal” network cable or card in a shop? Than the chance is nearly
100% that you own ethernet hardware, because Ethernet is with huge margin the most used
network technology today. You will see network components with different speed limits like
1, 10, 100 MBit or gigabit and an ethernet can be constructed with different cable types like
coaxial (old school), twisted pair (common) or glass fiber (for data hungry guys).
2.4 Ethernet 9

Twisted pair cables can be divided into to the variations STP (Single Twisted Pair) and
UTP (Unshielded Twisted Pair) as well as patch- and crossover cables.
The difference between STP and UTP cables is that the fibers of the UTP cables are
unshielded and therefore they have a lower quality compared to STP cables. Nowadays new
cables in a shop should all be STP.
Patch and cross cables can be separated from each other by looking at the plugs of the
cable. If the colors of the fibers are in the same order than its a patch otherwise a cross cable.
A cross cable is used to directly connect two computers, a patch cable is used to connect
a computer to a hub or switch. Modern network cards can automatically cross the fibers so
cross cables are a dying race.
Every network card in an Ethernet network has a MAC address that’s worldwide unique
and are used to address devices on the net. The MAC address consists of six two digit
hexadecimal numbers, which are separated by colons (e.g. aa:bb:cc:11:22:33).
Its a common misbelief that a computer in a local TCP/IP network is reached over its IP
address; in reality the MAC address is used for this purpose. Another common misunder-
standing is that the MAC address cannot be spoofed. The operating system is responsible
to write the MAC into the Ethernet header and systems like GNU/Linux or *BSD have
possibilities in their base system to change the MAC with one command.

ifconfig enp3s0f1 hw ether c0:de:de:ad:be:ef

Beside the source destination MAC address an Ethernet header (see Fig. 2.5) consists of
a type field and a checksum. The type field defines the protocol that follows Ethernet e.g.
0x0800 for IP or 0x0806 for ARP.
Last but not least the term CSMA/CD should be explained. CSMA/CD stands for Carrier
Sense Multiple Access/Collision Detect and describes how a computer sends data over an
Ethernet. First of all it listens on the wire if someone is currently sending something. If
that’s the case it just waits a couple of random seconds and tries again. If the channel is
free it sends the data over the network. Should two stations be transmitting data at the same
data a collusion will result, therefore every sending station must listen afterwards to detect
a collusion, than randomly wait some seconds and retransmit the data.

Fig. 2.5 Ethernet header

10 2 Network 4 Newbies

Fig. 2.6 VLAN header

2.5 VLAN

A VLAN (Virtual Local Area Network) separates several networks on a logical base. Only
devices on the same VLAN can see each other. VLANs where invented to define a networks
structure independently from its physical hardware, to prioritize connections and to minimize
broadcast traffic. They were not developed with security in mind, but its a common myth
that VLANs can add to your security. Don’t rely on this myth, because several ways exist
to circumvent the separation of a VLAN (see Sect. 4.5).
Switches implement VLANs in two different ways: through tagging of packets using a
IEEE 802.1q Header (see Fig. 2.6), that’s inserted after the Ethernet header or simply defined
by port. 802.1q is a newer variant, which allows the creation of a VLAN spread over several
switches.

2.6 ARP

ARP (Address Resolution Protocol) translates between layer 2 (Ethernet) and 3 (IP). It is
used to resolve MAC addresses to IP addresses. The other way round is done by RARP
(Reverse Address Resolution Protocol). The structure of an ARP headers can be seen in
Fig. 2.7.

Fig. 2.7 ARP header

2.7 IP 11

Imagine a source host (192.168.2.13) tries to communicate with a destination host

(192.168.2.3) for the first time than it will loudly shout over the broadcast address (see
Sect. 2.7) something like the following: “Hello, here is Bob, to all, listen! I want to talk to
Alice! Who has the MAC address of Alice?!”
In Ethernet speech it looks like this:

ARP, Request who-has 192.168.2.3 tell 192.168.2.13,

length 28

The destination host (192.168.2.3) now shrieks up and screams “Hey that’s me!” by
sending his MAC address to the requesting host (192.168.2.13).

ARP, Reply 192.168.2.3 is-at aa:bb:cc:aa:bb:cc, length 28

2.7 IP

IP like Ethernet is a connection-less protocol, that means it doesn’t know a relation between
packets. It is used to define the source and destination host on layer 3, to find the (quickest)
path between two communications partners by routing packets (see Sect. 2.14) and to handle
errors with ICMP (Sect. 2.8). An example error is the famous host not reachable packet.
Beside that it handles fragmentation by cutting packets bigger than the MTU (Max Trans-
mission Unit) into smaller ones. Last but not least does it implement a timeout mechanism
thanks to the header TTL (Time-to-live) and such avoids endless network loops. Every host
called hop a packet passes subtracts the TTL by one and if it reaches 0 it should be thrown
away and the source host gets a error via ICMP.
Today there are two variants of IP IPv4 and IPv6. Both protocols differ widely and not
only in size of IP addresses. IPv6 can be extended through so called optional headers and
IPv6 alone can fill a whole book. This book only covers IPv4.

Fig. 2.8 IP-Header

12 2 Network 4 Newbies

An IPv4 header looks like Fig. 2.8.

First we want to see how IP network addressing works. An IPv4-address (e.g. 192.168.1.2)
consists of 4 bytes divided by dots. A byte is equal to 8 bit therefore each number of an IPv4
address can be 2 expand 8 or 256 in maximum, thus it starts with a zero in reality it can not
be bigger than 255.
Beside an IP address every IP network node needs a netmask (the most common one is
255.255.255.0). The netmask defines the size of the net and its used to calculate the net-
start-address. The first IP of a net is called net-start-address, the last one is called broadcast
address, both cannot be used by hosts because they have a special functionality. Packets to
the broadcast address are forwarded to every host on the network.
If a computer wants to communicate to another one over an IP network it first of all
calculates its net-start-address with the use of its IP address and network mask. Let’s say
the computer has the IP 192.168.1.2. In binary that is:

11000000.10101000.00000001.00000010

A network mask of 255.255.255.0 in binary looks like:

11111111.11111111.11111111.00000000

Now one combines both addresses using a binary AND-operation that means every posi-
tion, where both number are 1, stays 1, otherwise it is replaced with a 0. At the end you have
the number of figure (Fig. 2.9).

11000000.1010100.00000001.00000000

Calculated in decimal this is 192.168.1.0, the net-start-address.

If you are not familiar with digital systems such as binary you could help yourself with
a scientific calculator or a short internet search.
The netmask defines how many bits of an IP address are reserved for the net and how
many for the host. In our example the first 24 bits are 1 that’s the same as /24 for short, the

Fig. 2.9 Subnet-calculation

2.9 TCP 13

so called CIDR block. If the complete last byte is accessible for hosts the net is classified as
a class c, two byte make a class b, and three a class a otherwise the net is called a subnet.
Our example host computes the same AND-operation for the destination to obtain its net-
start-address. If they differ the destination is in another network and the packet is send to the
default gateway, otherwise the net is looked up in the routing table (see Sect. 2.14) and the
packet is sent over the specified device or to the next router depending on its configuration.

2.8 ICMP

ICMP (Internet Control Message Protocol) is used by IP for error handling. Therefore it
sets a type and a code field in its header to define the error. The header looks like in Fig.
2.10.
Most readers know the protocol for the famous ICMP echo-request packet sent
by the program ping, that hopes to receive an echo-response to test if a computer is
reachable and measures the network latency. Other ICMP messages include redirect-host
for telling a host that there is a better router to reach his destination. Table 2.2 lists all type
and code combinations.

2.9 TCP

TCP (Transmission Control Protocol) provides session management. A new TCP session is
initialized by the famous Three-Way-Handshake (see Fig. 2.13). TCP numbers all packets to
ensure that they are processed in the same order they were transmitted by the source system.
The destination host sends an acknowledgment to let the source know that the packet was
received correctly after checking a checksum otherwise the source retransmits the packet.
Last but not, least TCP addresses programs on a host by the use of ports. The port of the
sending instance is called source port the receiving destination port. Commonly used
application protocols like HTTP, FTP, IRC etc. have default port under 1024 e.g. a HTTP
server normally listens on port 80.
A typical TCP looks like Fig. 2.11.

Fig. 2.10 ICMP-Header

14 2 Network 4 Newbies

Beside ports one also needs to know about TCP flags (see Table 2.3), sequence- and
acknowledgment-number and windowsize. Flags are used for session management to create
or destroy a connection and to bid the destination to handle a packet with a higher priority.
The Sequence-Number is used to sort the received packets into the same order as they
were send by the origin and to detect lost packets. Each packet gets an individual number
that is incremented by one for every transmitted byte.
The Acknowledgment-Number as the name suggests acknowledges the counterpart
that a packet with a certain sequence number has been received correctly. Therefore it uses

Table 2.2 ICMP Codes/Types

Code Type Name
0 0 echo-reply
3 0 net-unreachable
3 1 host-unreachable
3 2 protocol-unreachable
3 3 port-unreachable
3 4 fragmentation-needed
3 5 source-route-failed
3 6 dest-network-unknown
3 7 dest-port-unknown
3 8 source-host-isolated
3 9 network-admin
3 10 host-admin
3 11 network-service
3 12 host-service
3 13 com-admin-prohibited
3 14 host-precedence-violation
3 15 precedence-cuttof-in-effect
4 0 source-quench
5 0 redirect-network
5 1 redirect-host
5 2 redirect-service-network
5 3 redirect-service-host
6 0 alternate-host-address
8 0 echo-request
9 0 router-advertisement
10 0 router-selection
2.9 TCP 15

Table 2.2 (continued)

Code Type Name
11 0 ttl-exceeded
11 1 fragment-reassembly-exceeded
12 0 pointer-error
12 1 missing-option
12 2 bad-length
13 0 timestamp-request
14 0 timestamp-reply
15 0 info-request
16 0 info-reply
17 0 mask-request
18 0 mask-reply
30 0 traceroute-forwarded
30 1 packet-discarded
31 0 datagram-conversion-error
32 0 mobile-host-redirect
33 0 ipv6-where-are-you
34 0 ipv6-here-I-am
35 0 mobile-registration-request
36 0 mobile-registration-reply
37 0 domain-name-request
38 0 domain-name-reply
40 0 bad-spi
40 1 authentication-failed
40 2 decompression-failed
40 3 decryption-failed
40 4 need-authentication
40 5 need-authorization

the sequence number and adds one. The Acknowledgment-number contains the next
expected Sequence-Number.
The window size defines the size of the operating systems cache of received, but not yet
processed packets. A window size of zero indicates the sending station is under pressure
and asks to be friendly and to slow down or even stop sending more packets until a bigger
window size is received.
16 2 Network 4 Newbies

Beside that the window size defines the receive window. A host accepts all packets
lower than Acknowledgment-Number + Windowsize (Fig. 2.12).
The establishment of a TCP connection is divided into three actions the Three-Way-
Handshake (see Fig. 2.13): First of all the initiating computer sends a packet with the
SYN-Flag set and to stay by our example an Initial-Sequence-Number of 1000. The Initial-
Sequence-Number must be as random as possible to avoid Blind-IP-Spoofing attacks, where
the attacker guesses a sequence number without being able to read the network traffic.
The destination host responds with a packet where the SYN- and ACK-Flag are set. As
Initial-Sequence-Number it chooses 5000 and the Acknowledgment-Number contains the
Sequence-Number of the source host incremented by one (1001).
Last but not least the source host sends a final packet with set ACK- (but not SYN) flag
set and uses the acknowledgment number of the SYN/ACK packet as sequence number as
well as the sequence number of the previous packet plus one as acknowledgment number.
This completes the Three-Way-Handshake. From now on both parties send packets with the
ACK flag set.send ACK packets.
If a packets hits a closed port the destination must send a RST-Packet to be conform
to RFC793. This signals the source host that the request was invalid. Lot of firewalls (see

Fig. 2.11 TCP-Header

Table 2.3 TCP-Flags

Flag Function
SYN Ask for a new connection
ACK Acknowledge the receipt of a packet
RST Cancel a connection attempt (is usually send when a host tries to connect
to a closed port)
FIN Cleanly close an established connection (must be acknowledged by the
counterpart)
URG Mark a packet as urgent
PSH Bid the receiver to handle packet with higher priority
 Another Random Document on
Scribd Without Any Related Topics
ANDERS. That's the kind of noise he made that Ash Wednesday at
Tuna Flat.
INGHEL. Don't mention that blood-bath, or I can't control myself.
[Passionately] Don't talk of it!
NILS. Hear him spinning, spinning like a cat! No, don't trust him!

The roll of the drums comes nearer.

STIG.Might it not be wise for you, as personal friends of the King, to

meet him and bid the stem master welcome?
MONS. I wonder. Then he might not come here afterward....
WIFE. Stay, Mons! Stay where you are!
MONS. Oh, the place smells of spruce, and the drums are flattened as
for a funeral. [Somebody raps three times at the door from the
outside] Who's that?

[He goes to the door and opens it.

WIFE. [To MASTER STIG as she leaves the room by the door at the
right] Pray for us!

MASTER OLAVUS and HERMAN ISRAEL enter.

MONS. Who is doing me the honour?

OLAVUS. I am the acting secretary of his Highness, the King. And this
is the venerable representative of the free city of Luebeck.
MONS. Come in, my good sirs, and—let us hear the news!
OLAVUS. The King is here and has pitched his camp on Falu Flat.
Personally he has taken his abode at the Gildhall of Saint Jorghen.
MONS. What is the errand that has made the King cross Långhed
Forest and Brunbeck Ford without permission and safe-conduct?[3]
OLAVUS. He hasn't told.
MONS. Then I had better go and ask him.
OLAVUS. With your leave, this is the message our gracious lord, the
King, sends you through us: "Greetings to the goodly miners of the
Copperberg, and let every man stay in his own house." If he desires
speech with any one, that one will be called.
MONS. What is the meaning of it?
OLAVUS. [Seating himself] I don't know. [Pause.
ANDERS. Has the Danish war come to an end, sir?
OLAVUS. I don't know.
ANDERS. Do you know with whom you are talking?
OLAVUS. No, I don't.
ANDERS. I am Anders Persson of Rankhyttan. Have you ever heard
that name before?
OLAVUS. Yes—it's a good name.

HERMAN ISRAEL has in the meantime been studying the wall

paintings and the silver on the mantelpiece. He wears a pair of
large, horn-rimmed eye-glasses. At last he seats himself in the
armchair at the end of the table.

MONS. [Indicating ISRAEL to OLAVUS] Is that chap from Luebeck a

royal person, too?
OLAVUS. [In a low voice] No, he is not, but he is in charge of the
national debt, and we must never forget that our gracious King was
able to free our country of the Danes only with the help of Luebeck.
MONS. With the help of Luebeck only? And how about the
Dalecarlians?
OLAVUS. Oh, of course, they helped, too.
MONS. Does he speak Swedish?
OLAVUS. I don't think so, but I am not sure of it.
MONS. Is that so?
OLAVUS. We happened to arrive together, but I have not yet spoken
to him.
MONS. Very strange! I suppose the King has sent him?
OLAVUS. Probably.
MONS. Perhaps he is the fellow who buys up the bells?
OLAVUS. Perhaps.
MONS. And the church silver?
OLAVUS. And the church silver, too!
MONS. What was his name again?
OLAVUS. Herman Israel.
MONS. Oh, Israel!

He whispers to ANDERS PERSSON, who in turn whispers to the

rest.
A rap at the door is heard. MASTER OLAVUS gets up quickly and
opens the door.
A MESSENGER in full armour enters, whispers something to
MASTER OLAVUS, and leaves again.

OLAVUS. Our gracious lord, the King, requests Inghel Hansson to

meet him at Saint Jorghen's Gild.
INGHEL. [Rising] Well, well, am I to be the first?
NILS. The oldest first.
MONS. Stand up for yourself, Inghel, and tell the truth. The King is a
gracious gentleman who won't mind a plain word in proper time.
INGHEL.Don't you worry. I have said my say to kings before now.
[He goes out.
OLAVUS. Well, Nils, how is the mining nowadays?
NILS.Not bad, thank you. The last fall flood left a little water in the
mine, but otherwise we have nothing to complain of.
OLAVUS. Times are good, then?
NILS. Well, you might say so.... Hm! Good times will mean better
taxes, I suppose?
OLAVUS. I know nothing about the taxes. [Pause; then to ANDERS
PERSSON] And how about the crops? I hear you have plenty of tilled
ground, too.
ANDERS. Oh, yes, and plenty of cattle in the pastures, too.
OLAVUS. Old Dalecarlia is a pretty good country, is it not?
MONS. [Giving ANDERS a poke with his elbow] Yes, everything is fat
here—dripping with fat, so that one can eat the bark off the trees
even.
OLAVUS. Yes, they have told me that you have to eat bark and chew
resin now and then. Is that a common thing or does it happen only
once in a while?
NILS. When the famine comes, you have to eat what you can get.
OLAVUS. [To MASTER STIG, who has been keeping in the background]
There is something you should know, Master Stig. How was it during
the last famine, when the King sent grain to be distributed here: did
it go to those who needed it?
STIG. Yes, it did, although there was not enough of it.
OLAVUS. [To ANDERS] Was there not enough of it?
ANDERS. That depends on what you mean by "enough."
OLAVUS. [To MONS] Do you know what is meant by "enough," Mons
Nilsson?
MONS. Oh, well, everybody knows that.
OLAVUS.[To Stig] As we now know what is meant by "enough," I ask
you, Master Stig Larsson, if anybody perished from hunger during
the last famine?
STIG. Man doth not live by bread only....
OLAVUS. There you spoke a true word, Master Stig, but....

A rap on the door is heard. MASTER OLAVUS opens. The same

MESSENGER appears, whispers to him, and leaves again.

OLAVUS. The King requests Nils Söderby to meet him at Saint

Jorghen's Gildhall.
NILS. Won't Inghel Hansson come back first?
OLAVUS. I don't know.
NILS. Well, nobody is afraid here, and....
OLAVUS. What have you to be afraid of?
NILS. Nothing! [To his friends] The big bell at Mora has not been
taken out of Siljan valley yet, Anders Persson and Mons Nilsson.
That's a devil of a bell, and when it begins to tinkle, they can hear it
way over in Norway, and fourteen thousand men stand like one!
OLAVUS. I don't understand what you mean.
NILS. [Shaking hands with ANDERS and MONS] But you two
understand! God bless you and defend you!
MONS. What do you mean?
ANDERS. What are you thinking of, Nils?
NILS.Oh, my thoughts are running so fast that I can't keep up with
them. But one thing I am sure of: that it's going hard with Inghel
Hansson. [He goes out.
OLAVUS. Is this sulphur smoke always hanging over the place?
MONS. Mostly when the wind is in the east.

MONS and ANDERS withdraw to the left corner of the room and sit
down there. Master Stig shows plainly that he is much alarmed.
OLAVUS. Is it the quartz or the pyrites that make the worst smoke?
ANDERS. Why do you ask?
OLAVUS. That's a poor answer!
MONS. May I ask you in return whether King Christian still is free?
OLAVUS. [Looking hard at him] Do you put your trust in the enemy?
[Pause] What kind of a man is Nils of Söderby?
MONS. His friends think him better and his enemies worse than
anybody else.
OLAVUS. What kind of a bell in the Siljan valley was that you spoke
of?
MONS. It's the largest one in all Dalecarlia.
OLAVUS. Have you many bells of that kind?
ANDERS. Of the kind that calls the people to arms we have still a lot.

MONS pokes him warningly.

OLAVUS. I am glad to hear it, and I am sure it will please his

Highness still more.—Are the people attending church diligently,
Master Stig?
STIG. I can't say that they are.
OLAVUS. Are the priests bad, or is the pure word of God not preached
here?
STIG.There are no bad priests here, and nothing but the pure word
of God is preached!
OLAVUS. That's the best thing I have heard yet! Nothing but the pure
word of God, you say! [Pause] Nils intimated a while ago that
fourteen thousand men will take up arms when you ring the big bell
at Mora. That was mere boasting, I suppose?
MONS. Oh, if you ring it the right way, I think sixteen thousand will
come. What do you say, Anders Persson?
ANDERS. Sixteen, you say? I should say eighteen!
OLAVUS. Fine! Then we shall ring it the right way when the Dane
comes next time. Only seven thousand answered the last call—to
fight the enemies of our country.
MONS. [To ANDERS] That fellow is dangerous. We had better keep
quiet after this.
STIG. [To OLAVUS] Why has Inghel Hansson not come back?
OLAVUS. I don't know.
STIG. Then I'll go and find out.

He goes to the door and opens it, but is stopped by the

MESSENGER, who is now accompanied by several pike-men.

MASTER OLAVUS meets the MESSENGER, who whispers to him.

OLAVUS. Master Stig Larsson is commanded before the King at once!

STIG. Commanded? Who commands here?
OLAVUS. The King.
MONS. [Leaping to his feet] Treachery!
OLAVUS. Exactly: treachery and traitors!—If you don't go at once,
Master Stig, you'll ride bareback!
STIG. To hell!
OLAVUS. Yes, to hell!—Away!

MONS and ANDERS rise and start for the door.

MONS. Do you know who I am—that I am a free miner and a friend

of the King?
OLAVUS. Be seated then, and keep your peace. If you are a friend of
the King, there has been a mistake. Sit down, Anders Persson and
Mons Nilsson! No harm will befall you or anybody else who is
innocent. Let Master Stig go, and don't get excited. Where does the
thought of violence come from, if not from your own bad
conscience?
STIG. That's true. We have done nothing wrong, and no one has
threatened us.—Be quiet, friends. I shall soon be back. [He goes
out.
MONS. That's right!
OLAVUS. Throw a stick at the pack, and the one that is hit will yelp.
ANDERS. [To MONS] That was stupid of us! Let us keep calm! [Aloud]
You see, doctor, one gets suspicious as one grows old, particularly
after having seen so many broken words and promises....
OLAVUS. I understand. In these days, when people change masters
as the snake changes its skin, a certain instability of mind is easily
produced. In young men it may be pardonable, but it is absolutely
unpardonable in old and experienced persons.
MONS. As far as age is concerned, there is nothing to say about the
King, who still is in his best years....
OLAVUS. And for that reason pardonable....
MONS. [To ANDERS] I think he must be the devil himself!
ANDERS. [To OLAVUS] How long are we to wait here? And what are we
to wait for?
OLAVUS. The King's commands, as you ought to know.
MONS. Are we regarded as prisoners, then?
OLAVUS. By no means, but it is not wise to venture out for a while
yet.

MONS and ANDERS move from one chair to another and give
other evidence of agitation.

MONS. Some great evil is afoot. I can feel it within me.

ANDERS. It must be very hot in here.... I am sweating. Would you like
a glass of beer, doctor?
OLAVUS. No, thank you.
ANDERS. Or a glass of wine?
OLAVUS. Not for me, thanks!
MONS. But it's real hock.

MASTER OLAVUS shakes his head. At that moment drum-beats are

heard outside.

ANDERS. [Beyond himself] In the name of Christ, will this never come
to an end?
OLAVUS. [Rising] Yes, this is the end!

He goes to the door and opens it.

The MESSENGER enters and throws on the table the bloodstained
coats of INGHEL HANSSON, NILS OF SÖDERBY, and MASTER STIG.

OLAVUS. Look!
MONS and ANDERS. Another blood-bath!
MONS. Without trial or hearing!
OLAVUS. The trial took place two years age, and sentence was
passed. But the King put mercy above justice and let the traitors
remain at large to see whether their repentance was seriously
meant. When he learned that they remained incorrigible and went
on with their rebellious talk as before, he decided to execute the
sentences. That's how the matter looks when presented truthfully.
MONS. And yet there was a lot of talk about everything being
forgiven and forgotten....
OLAVUS. So it was, provided the same offence was not repeated. But
it was repeated, and what might have been forgotten was again
remembered. All that is clear as logic. [To HERMAN ISRAEL] These two
trustworthy men.... [To MONS and ANDERS] You are trustworthy, are
you not?
MONS and ANDERS. Hope so!
OLAVUS. Answer yes or no! Are you trustworthy?
MONS and ANDERS. Yes!
OLAVUS. [To ISRAEL] In the presence of you as my witness, syndic,
these two trustworthy men have given a true report of conditions in
Dalecarlia. They have unanimously assured us that the mines are
being worked profitably; that agriculture and cattle-breeding prosper
no less than the mining; that famines occur but rarely, and that,
during the last one, our gracious King distributed grain in quantities
not insufficient, which went to those that really were in need. These
trustworthy and upright miners have also confirmed the following
facts: that bells to summon the congregations still remain in all the
churches; that no bad priests are spreading devices of men, and that
nothing is preached here but the pure word of God. You have
likewise heard them say, syndic, that the province of Dalecarlia can
raise from sixteen to eighteen thousand men capable of bearing
arms—the figures vary as their courage falls or rises. Being in charge
of the current debt, and for that reason entitled to know the actual
status of the country, you have now heard the people declare with
their own lips, that all the Dalecarlian grievances are unwarranted,
and that those who have spread reports to the contrary are traitors
and liars.
MONS. Veto!
ANDERS. I deny it!
OLAVUS. If you deny your own words, then you are liars twice over!
MONS. He is drawing the noose tighter! Better keep silent!
ANDERS. No, I most speak. [To OLAVUS] I want to know what our fate
is to be.
OLAVUS. So you shall. Your fate is in your own hands. You are invited
to Stockholm and given full safe-conduct. You can travel freely by
yourselves. This is granted you as old friends of the King, to whom
he acknowledges a great debt of gratitude.
MONS. More guile!
OLAVUS.No guile at all. Here is the King's safe-conduct, signed by his
own hand.
ANDERS. We know all about his safe-conducts!
MONS. [To ANDERS] We must consent and submit in order to gain
time! [To OLAVUS] Will you let us go into the next room and talk the
matter over?
OLAVUS. You can now go wherever you want—except to the King.

MONS and ANDERS go toward the left.

MONS. [As he opens the door] We'll bring you an answer shortly.
OLAVUS. As you please, and when you please.

MONS and ANDERS go out.

OLAVUS. [To ISRAEL] A stiff-necked people, true as gold, but full of

distrust.
ISRAEL. A very fine people.
OLAVUS. Rather stupid, however. Did you notice how I trapped them?
ISRAEL. That was good work. How did you learn to do it?
OLAVUS. By long observation of innumerable human beings I have
been led to conclude at last that vanity the primal sin and mother of
all the vices. To get the truth out of criminals, I have merely to set
them boasting.
ISRAEL.
What wisdom! What wisdom! And you are not yet an old
man!—But there are modest people, too, and out of these you
cannot get the truth, according to what you have just said.
OLAVUS. Modest people boast of their modesty, so that is all one.
ISRAEL.[Looking attentively at him] If you'll pardon me—Master
Olavus was your name, I think? You cannot be Olavus Petri?
OLAVUS. I am.
ISRAEL. [Surprised] Who carried out the Reformation?
OLAVUS. I am that man.
ISRAEL. And who was subsequently tried for high treason on
suspicion of having known about a plot against the King's life?
OLAVUS. Confidences given me under the seal of confession, so that I
had no right to betray them.
ISRAEL. [Gazing curiously at OLAVUS] Hm-hm! [Pause] A mysterious
story it was, nevertheless.
OLAVUS. No, I don't think so. Gorius Holst and Hans Bökman were
found guilty. And it was so little of a secret, that the people of
Hamburg heard of the King's murder as an accomplished fact long
before the plot was exposed at Stockholm.
ISRAEL.That is just what I call mysterious, especially as we knew
nothing about it at Luebeck.
OLAVUS. Yes, I call that mysterious, too, because the road to
Hamburg goes through Luebeck as a rule. [ISRAEL makes no reply]
And it was rumoured at the time, that Marcus Meyer and Juerghen
Wollenweber were no strangers to the plot.
ISRAEL. I have never heard of it, and I don't believe it. [Pause; then,
pointing to the blood-stained coats] Must those things stay here?
OLAVUS. Yes, for the present.
ISRAEL. It seems to me that these royal visits are rather sanguinary
affairs.
OLAVUS.I don't allow myself to pass judgment on the actions of my
King, partly because I am not capable of doing so, and partly
because I know there is a judge above too, who guides his destiny.
ISRAEL. That is beautifully said and thought. Have you always been
equally wise?
OLAVUS. No, but what you have not been you frequently become.
[Pause.
ISRAEL. Won't those people in there try to get away?
OLAVUS. That, too, has been foreseen, just as their desire to discuss
the matter had been reckoned with. Do you know what they are
talking of?
ISRAEL. No, I have not the slightest idea.
OLAVUS. They still imagine that King Christian is free, and they are
planning to seek help from him.
ISRAEL. What a senseless thought!
OLAVUS. Especially as Christian is a prisoner.
ISRAEL. It sounds like madness, but when you hear how devoted
these good men of the mining districts are to their King, it cannot
surprise you that they may have in mind the oath binding them to
their only lawful sovereign....
OLAVUS. Now, with your pardon, I am surprised....
ISRAEL. Oh, mercy, I am merely putting myself in their place.
OLAVUS. It is always dangerous to put oneself in the place of traitors.
[Pause.
BARBRO. [Entering from the right, followed by the smaller children] Is
father here? [She looks around and discovers ISRAEL seated in the
armchair prepared for the King] Goodness, here is the King!

[She kneels, the other children following her example.

ISRAEL.
No, no, dear children, I am not the King. I am only a poor
merchant from Luebeck.
OLAVUS. A noble answer! [To the children] This is Herman Israel, the
far-famed and influential councillor, who, with Cord König and Nils
Bröms, saved our King out of Danish captivity and enabled him to
carry out the war of liberation. You will find him on the picture in
Saint Jorghen's Gildhall which represents Gustavus Vasa appearing
before the City Council of Luebeck. Honour to the man who has
honour deserved. Give homage to the friend of your country and
your King.

BARBRO and the CHILDREN clap their hands.

ISRAEL. [Rises, evidently touched] My dear little friends.... All I can

do is to thank you.... I have really not deserved this.... You see, a
merchant does nothing except for payment, and I have been richly
paid.
OLAVUS. Don't believe him! But bear in mind that there are services
that can never be paid, and beautiful deeds that can never be wiped
out by ingratitude or forgetfulness.—Go back to your own room now.
Your father will come in a moment.

BARBRO and the CHILDREN go out to the right.

ISRAEL. I had never expected such a thing of you, doctor.

OLAVUS. I think I understand why. However, my dear syndic, don't
ever compel us to become ungrateful. Ingratitude is such a heavy
burden to carry.
ISRAEL. What is the use of talking of it? There is nothing of that kind
to be feared.

MONS NILSSON and ANDERS PERSSON enter from the left.

MONS. After talking it over, we have decided to go to Stockholm with

the King's good word and safe-conduct, so that we can quietly
discuss the matter with him and the lords of the realm.
OLAVUS. Then my errand here is done, and both of us can leave. I
wish you, Mons Nilsson, and you, Anders Persson, welcome to the
capital.
MONS. Thank you, doctor.

MASTER OLAVUS and HERMAN ISRAEL go out.

MONS. [Picking up the bloodstained coats as soon as they are out of

sight] These shall be our blood-stained banners! King Christian will
furnish the staffs, and then—on to Stockholm!
ANDERS. And down with it!
OLAVUS. [Returning unexpectedly] There was one thing I forgot to
tell you. Do you hear?
ANDERS. [Angrily] Well!
OLAVUS.King Christian has been captured and made a prisoner at
Sonderborg Castle, in the island of Als.

MONS and ANDERS show how deeply the news hits them; neither
one has a word to say.

OLAVUS. You understand, don't you?—Stinderborg Castle, in the

island of Als?
Curtain.

[1] Peder Jacobsson Sunnanväder, bishop at Vesterås, and his

archdeacon, Master Knut, both members of the old Catholic
clergy, tried to raise the Dalecarlians against the King in 1524-5,
when his hold on the new throne was still very precarious. The
False Sture was a young Dalecarlian named John Hansson, who
had acquired gentle manners as a servant in noble houses and
who posed as the natural son of Sten Sture the Younger, "National
Director" of Sweden until 1520. This pretender, who headed
another Dalecarlian uprising in 1527, figures also in Ibsen's early
 historical drama, "Lady Inger." The taking of the church-bells
mentioned by Mons Nilsson's wife took place in 1531 and resulted
in the killing of several of the King's representatives by the
Dalecarlians.
[2] In 1520 Christian II of Denmark made a temporarily
successful effort to bring Sweden back into the union with the
other two Scandinavian kingdoms. Having defeated the Swedish
"National Director," Sten Sture the Younger, and been admitted to
the city of Stockholm, he caused about eighty of the most
influential members of the Swedish nobility to be beheaded in a
single day. That was the "Blood-bath of Stockholm," by which
King Gustavus lost his father and brother-in-law. On the same
occasion his mother and sister were imprisoned, and both died
before they could be set free.
[3] Långheden is a wooded upland plain on the southern border
of Dalecarlia. Brunbeck Ferry or Ford was for centuries the main
crossing point of the Dal River for all who entered the province of
Dalecarlia from the south. Rendered arrogant by the part they
had played in the wars of liberation between 1434 and 1524, the
Dalecarlians had established a claim that not even the King
himself had the right to pass those two border points at the head
of an armed force without first having obtained their permission.

ACT II

FIRST SCENE

The office of HERMAN ISRAEL. A large room, the walls of which

are covered by cupboards. Door in the rear; doors in both side
walls; few windows, and these very small. A fireplace on the
left-hand side. A large table in the middle of the floor; armchairs
about it. Above the rear door and the fireplace appears the coat
of arms of Luebeck, in black, red, and silver.
 At the right, a desk with writing material and a pair of scales.
The room contains also several sets of shelves filled with goods
in bundles.
One of the cupboard doors stands open, disclosing a number of
altar vessels of gold and silver.
MARCUS is weighing some of the vessels at the desk, while DAVID
is noting down the weights given him.

MARCUS. A crucifix of silver, gilded; weighs twelve ounces.

DAVID. [Writing] Twelve ounces....
MARCUS. Item: a monstrance of gold—a perfect thumper. Weighs....
Let me see now.... Oh, it's hollow—and the base is filled with lead....
Put down a question-mark.
DAVID. Question-mark it is.
MARCUS. A paten of silver—well, I don't know. [He tests the vessel
with his teeth] It tastes like copper at least. Put it down as "white
metallic substance."
DAVID. White metallic substance.—Do you think those rustics are
cheating us?
MARCUS. Us? Nobody can cheat us!
DAVID. Don't be too certain. Niegels Bröms, the goldsmith, says that
interlopers from Holland are going through the country selling
church vessels full of coggery, probably meant to be exchanged for
the genuine goods.
MARCUS. We'll have to get it back on the bells, which contain a lot of
silver, according to old traditions.
DAVID.The bells—yes, they were to go to Luebeck, but instead they
are going to the royal gun-foundry to be cast into culverins and
bombards.
MARCUS.So it is said. If only the Dalecarlians knew of it, they would
come galloping across the border forests, I suppose.
DAVID. I think their galloping came to an end with the recent fall
slaughter.
MARCUS. No, there will be no end to it while the two blackest rogues
are still at leisure....
DAVID.You mean Mons Nilsson of Aspeboda and Anders Persson of
Rankhyttan, who are still hanging about the town, hoping to get an
audience with the King?
MARCUS. Those are the ones.
DAVID. Calling them rogues is rather an exaggeration, and our
Principal seems to put great store on them.
MARCUS. Now, David, don't forget the first and last duty of a
Hanseatic clerk—which is to keep his mouth closed. And bear in
mind the number of talkative young fellows who have vanished for
ever through water-gates and cellar holes. You had better
remember!
DAVID. I'll try, although it seems about time for the Hansa itself to be
thinking of the great silence. [Pause.
MARCUS. Do you know where the Principal is?
DAVID.With the King, I suppose, taking an inventory of Eskil's
Chamber.[1]
JACOB ISRAEL. [Enters; he is the son of HERMAN ISRAEL; a richly
dressed young man, carrying a racket in his hand; his forehead is
bandaged] Is my father here?
MARCUS. No, he is not. I think the Principal is with the King.
JACOB. Then I'll sit down here and wait. Go on with your writing. I
won't disturb you.

[He seats himself at the big table.

PRINCE ERIC.[Enters; he is somewhat older than JACOB] Why did you

leave me, Jacob?
JACOB. I was tired of playing.
ERIC.I don't think that was the reason. Some one offended you—
some one who is not my friend.
JACOB. No one has offended me, Prince, but I have such a strong
feeling that I ought not to appear at court.
ERIC. Oh, Jacob, my friend, why do you cease to call your old
schoolmate by name? And why do you look at me like a stranger?
Give me your hand You won't? And I, who have been lonely and
deserted ever since my mother died; who am hated by my
stepmother, by my father, and by my half-brother; I am begging for
the friendship which you gave me once and which you are now
taking back.
JACOB. I am not taking back anything, Eric, but we are not allowed to
be friends. The fact that we two, as mere boys, formed ties of
friendship that were nursed by common sufferings, has been ignored
or tolerated by our fathers so far. Now, when you are about to marry
a foreign princess and take possession of a duchy, it has been
deemed politic to separate us.
ERIC.Your words are stilted, as if you meant to hide your own
thoughts, but your feelings are not to be concealed....
JACOB. Pardon me, Eric, but this is not the place for a conversation
like this....
ERIC. Because this is a place for trading, you mean—as if the parties
to such a transaction were degraded by it? I don't object to it,
although I am rather inclined to think the seller more broad-minded
than the buyer.

JACOB indicates by a gesture the presence of the two clerks.

ERIC.Oh, let them hear. Marcus and I are old friends, and we met at
the Blue Dove last night.
JACOB. Ugh! Why do you visit a vulgar place like that, Prince?
ERIC.Where can I go? I have no one to talk with at home; and it
seems to me, for that matter, that people are equally good or bad
everywhere—although I prefer what is generally called bad company.
—Do you know John Andersson?
JACOB. [Embarrassed] I have never heard his name even. Who is he?

MARCUS and DAVID go quietly out to the left.

ERIC.A man from Småland who is full of sensible ideas.—Do you still
need to have your forehead bandaged?
JACOB.Do you think I wear the bandage as an ornament, or as a
souvenir of the city mob?
ERIC.You should not bear a grudge against the good folk because
some scamp has misbehaved himself.
JACOB.I don't, my friend, and I know perfectly well what a stranger
must expect in a hostile country. If you come to Luebeck, you will
see how they stone Swedes.
ERIC. You talk just like Jorghen Persson. Do you know him?
JACOB. I don't.
ERIC. He looks at everything in the same way as you do.
JACOB. How do you mean?
ERIC. He thinks every one is right, and that whatever happens is
juste. There is something sensible and enlightened in his view of life.
That's why my father hates him....
JACOB.Don't talk badly of your father. It sounds dreadful—if you will
pardon me!
ERIC.But if he acts badly, why shouldn't I say so? And I hate him, for
that matter!
JACOB.Don't say that—don't! The greatness of your royal father is so
boundless that you can't grasp it.
ERIC. It only looks that way—I know! Last night he came up to me
and put his arm around my shoulders—for the first time in my life—
and I, who have been living in the belief that I barely came up to his
hip, found to my surprise that I am as tall as he. But as soon as I
looked at him from a distance again, he grew taller and turned into a
giant.
JACOB. That's what he is. And he resembles one of Buonarotti's
prophets—Isaiah, I think. And, verily, the Lord on high is with him.
ERIC. Do you really believe in God?
JACOB. Are you not ashamed of yourself?
ERIC. Well, what are you to believe in times like these, when kings
and priests persecute the faithful and profane everything that used
to be held sacred. And yet they call themselves "defenders of the
faith."
JACOB. Can't we talk of something else? Please, let us!
ERIC. That's what the King always says when I go after him, and for
that reason I hate him still more—as he hates me! Do you know that
it was your father who brought my mother to him from Lauenburg?
[2]

JACOB. No, I didn't know that.

ERIC. Yes, but the marriage turned out badly. They hated each other
beyond all bounds—and one day [he rises in a state of great
agitation] I saw him raise his stick against her—[roaring out the
words] against my mother—and he struck her! That day I lost my
youth[3]—and I can never forgive him—never!
JACOB. [Leaps to his feet and put his arms about Eric] Look at me,
Eric! Look at me! I have a stepmother, too—who is always
tormenting me when I am at home—but hush, hush! If it can help
you to hear that I am worse off than you—very much worse—then—
you know it now! Remember that it won't last for ever, as we are
growing up to freedom....
ERIC. And you don't hate her?
JACOB. Such a feeling has no place beside the new one that is now
filling my soul.
ERIC. That means—you are in love.
JACOB. That's what we may call it.... And when your own time
comes, you, too, will see your hatred change form and vanish.
ERIC. I wonder!—Perhaps you are right The lovelessness in which I
was born and brought up has turned into a flame that is consuming
my soul. My blood was poisoned at my birth, and I doubt the
existence of an antidote.... Why do you leave me?
JACOB. Because ... because we are not allowed to be friends—
because we cannot be friends.
ERIC. Do you think me so vile?
JACOB. No, no!—But I mustn't say anything more. Let us part. I shall
always watch your fate with sympathy, for I think you were born to
misfortune.
ERIC. What makes you utter what I have thought so many times?—
Do you know that I was also born to be in the way? I stand in the
way of my father's desire to see Johan on the throne. I stand in the
way of his wish to forget the hated German woman. My mind has
not the true Swedish quality, and the fault lies in my German blood.
Although I am a Vasa, I am Saxony, too, and Lauenburg, and
Brunswick. I am so little of a Swede that it gives me pleasure when
the free city of Luebeck imposes a penal tax on my country—and
keeps it humiliated.
JACOB. [Looking hard at him] Is that the truth, or do you merely talk
like that out of politeness?
ERIC. [Puts his hand to his sword, bid regains self-control
immediately] Do you notice how much I love you, seeing that I
pardon such a question?—Yes, my friend, the first words taught me
by my mother were German, and in German I learned to say my
Welcome to our website – the ideal destination for book lovers and
knowledge seekers. With a mission to inspire endlessly, we offer a
vast collection of books, ranging from classic literary works to
specialized publications, self-development books, and children's
literature. Each book is a new journey of discovery, expanding
knowledge and enriching the soul of the reade

Our website is not just a platform for buying books, but a bridge
connecting readers to the timeless values of culture and wisdom. With
an elegant, user-friendly interface and an intelligent search system,
we are committed to providing a quick and convenient shopping
experience. Additionally, our special promotions and home delivery
services ensure that you save time and fully enjoy the joy of reading.

Let us accompany you on the journey of exploring knowledge and

personal growth!

textbookfull.com