I have a project on DNS reflection prevention and I need somehow to capture incoming and outgoing packets in real time... I am working on Linux Debian 8.0... can you please tell me how to do that... I looked in many websites and watched many tutorials but they were confusing and didn't help at all.. could you please help me
Thank you
You can use Wireshark for listening for network traffic and capturing the packets. A command-line version - T-shark can output structured XML, which you can store into the database using the programming language / tools of your choice.
Related
I was looking all over the internet to find a way to capture incoming packets from a certain network interface, then I came across PCAP, TCPDUMP, I believe the most commonly used networking library out there is Boost/Asio, so I wanted to use this library in order to capture traffic, but apparently there is no example for using Raw sockets or other classes to listen for incoming packets to a certain NI, I would appreciate any help or examples on this.
We eventually found out the best option for sniffing incoming packets was Libtins.
libtins is a high-level, multiplatform C++ network packet sniffing and crafting library.
Its main purpose is to provide the C++ developer an easy, efficient,
platform and endianness-independent way to create tools which need to
send, receive and manipulate network packets.
It uses a BSD-2 license and it's hosted at github.
I don't know if anybody have issued this, but I wan't to ask. My problem was like this:
I could use video chatting from apprtc.appspot.com using two Chrome tab (which means I call myself). Everything worked well.
I could use apprtc with two different laptop as well, if those laptop were on the same network. I used my university's network behind proxy.
However, apprtc didn't work if I used it with one laptop on modem, and the other on LAN.
Can anybody explain what happened? Is this STUN/ICE problem? Or JSEP?
The public demo includes a STUN server but does not provide a TURN sever because the bandwidth to run a free TURN server is expensive. STUN get thought lots but not all NATs / firewalls but not anywhere near as many as TURN. You might be in a situation where TURN would work (but you don't have a TURN server) but STUN does not.
I've been able to use the demo at http://apprtc.appspot.com/ from behind two different NAT's. So it can at least work in theory; but it's also fairly well known that STUN, TURN and ICE aren't infallible. For starters, if someone has blocked access to the port 19302 (the port of the STUN server that the apprtc demo uses), the firewall traversal will never be able to get started.
The basic troubleshooting step would be to open up the Chrome developer tools (ctrl-shift-i) and look to see if there are any errors in the console. Failing to observe anything interesting there, you'd need to write up your own version of the demo app, this time with better error handling. For instance, the apprtc demo assumes certain things that can't really be taken for granted, for instance, that peerConnection.setLocalDescripton() and peerConnection.setRemoteDescription() will succeed. In production code, you'd really need to implement both success and failure callbacks on those - and that would give you better information about what might be going wrong.
AppRTC uses stun by default. TURN is 'better' (from my understanding), but I recall Justin Uberti saying public TURN servers will likely be misused (or something to that effect).
STUN often fails on enterprise grade subnets because it can't 'cope' with unfriendly NAT addressing.
I am relatively new to iphone development. I have looked through the documentation and cannot really find an answer to this problem.
I have a server which I have created and know the ip address and the port it is using. I am now trying to connect to this using an iphone application I am creating. Through the documentation there are many example where it connects via an ID (such as the witap example) however there is none where it directly accesses a previously created server.
Would anyone be able to point me in the direction of an example that uses this, give me some information or even inform me of another way around doing this? It would be much appreciated. Thanks.
Bonjour is a technology to detect servers in your local network. If you already know it, as you seem to because you know the IP address, you can connect to it using the usual techniques.
It depends on your server, is it a HTTP server? There are some Cocoa classes that might help you.
If it's a custom made server you might consider CFStream or raw sockets.
I am working with an electronics appliance manufacturer to embed LAN based control systems into the products. The idea is to serve up a system configuration/control interface through a web browser so clients never need to install software. We can communicate with the appliance by sending and receiving serial data through the embedded module. Since the appliance can also be controlled from a front panel UI, it creates a challenge to keep a remote web interface in sync with very low latency. It seems like websockets or some sort of Push is what we need for handling real time events from the server to clients.
I am using a Lantronix Mathport AR embedded device server. Out of the box the unit will serve up any custom HTML and java servlets/applets. We have the option to install a lightweight Linux distro if we need more flexibility. I am not sure how to implement any server side apps since the device is not running standard Apache. I believe it is using Boa.
Can anyone guide me in the right direction of how to do this?
Some general info...The WebSocket protocol (draft spec here) is a simple layer on top of TCP. What this means is that, if you already have a TCP server for your platform, implementing the WebSocket is just a matter of hours. The protocol specifies a handshake and two ways of sending data frames.
I strongly suggest you start by reading the 39 pages spec.
As Tihauan already mentioned, start by reading the spec, and also note that there are still some changes ongoing, although websockets is now more stable than it was 1 year ago.
Key point for me was the requirement that websocket data is entirely UTF-8 text, which lends itself nicely to JSON based message definitions.
Our system uses a form of embedded linux, so we then added and made use of the following libraries:
"libwebsockets" from:
http://git.warmcat.com/cgi-bin/cgit/libwebsockets/
"jansson" from:
http://www.digip.org/jansson/
Using the above as support libraries, we created an internal lightweight "client/server" that allowed our other software modules to register for certain, applicable, websocket messages, and respond as needed. Worked great.
Good luck and best regards,
I'm a bit late, but Mozilla posted a guide entitled "Writing WebSocket servers", which literally guides you through writing a websocket server.
You will need to already know how HTTP works and have medium programming experience. Depending on language support, knowledge of TCP sockets may be required. The scope of this guide is to present the minimum knowledge you need to write a WebSocket server.
https://developer.mozilla.org/en-US/docs/Web/API/WebSockets_API/Writing_WebSocket_servers
Simplified, I have an application where data is intended to flow over the internet between two servers. Ideally, I'd like to test at what point the software ceases to function. At what lowerbound limit (bandwidth, latency, dropped packets) do things stop working to test the reliability of the software.
What I thought I would do was the following:
Setup up 3 machines (VMware instances)
Install the 2 applications on two of the servers.
Setup up the 3rd server to sit between the two machines by doing some sort of magic with Routing and Remote Access on Windows 2003
Install either Traffic Shaper XP or NetLimiter to limit the bandwidth
Run something like TMnetSim Network Simulator to simulate a bad connection.
Does this sound like a good idea or are there easier/better ways of doing this? I'm not that comfortable on Linux and my team mates are even less so.
WANem does exactly this. We have used it both in a virtual machine on the desktop and on a dedicated old pc and it worked great. It can simulate all sorts of broken connectivity.
FreeBSDs ipfw has provisions to simulate links with a given bandwith, latency or error rate. You could use that FreeBSD machine as your machine "in the middle" in your above setup.
You probably can also run at least one of the endpoints on the same machine if you want to reduce the amount of servers involved.
Someone actually packaged up the settings and whatnot necessary for the FreeBSD solution to this problem and they call it DUMMYNET.
It simulates/enforces queue and bandwidth limitations, delays, packet losses, and multipath effects. It also implements a variant of Weighted Fair Queueing called WF2Q+. It can be used on user's workstations, or on FreeBSD machines acting as routers or bridges.
It can simulate exactly what you want, and its free and will boot onto commodity hardware. They even have a canned install of it that is small enough to put on a floppy disk (!) that you can download at that link.
Maybe it is time to learn a bit about Linux because adding a 50ms delay on every outgoing packet can be done in typing just one line:
tc qdisc add dev eth0 root netem delay 50ms
For more see the Linux Traffic Control HOWTO
We had a similar requirement some ten years ago - I'll see if I can recall how we managed it.
If I remember, we wrote a socket proxy program which was controlled by inetd on a UNIX box. This socket would accept connections from a client and open equivalent sessions through to the server. It would then loop, passing messages in both directions.
The way we achieved WAN characteristics was to introduce random delays (with upper and lower limits) in both the connection establishment and the passing of data once the link was up.
It also had the feature to drop the link occasionally as WAN links were less reliable for us than local traffic.
I recall we had to make it threaded to stop the delays from affecting reverse traffic on the link.
There is a very good (and free) Microsoft solution for that, we use it for quite some time and it works great, it can very easily simulate every thing(packet loss, low bandwidth, disconnection, latency....)
This is the best solution i found for a windows environment
More information and a download link can be found here: MARCO blog post
this product has gone some evolution and it is now integrated into visual studio as part of the automation testing, but i found the use of the standalone(that is quite hard to find, so keep a local copy) to work much better. keep in mind that you need at least two computers(or VMs) since you need to pass through a network adapter in order for the application to work its magic.