I have to implement a dsniff version for bro as my final year project. So I started by writing bro scripts where I use protocol events that were implemented by Bro. The thing is Bro didn't implement events for all the protocols and LDAP is one of protocol that suffer from absence of events in BRO. So I was wondering what is the best way to achieve this. I mean : Do I need to add dissectors and events for theses protocols, or do I need to use some functionality of that I missed? (I'm newbie in Bro)
Thank you very much for your help.
For others that want to do the same as me, there's no analyser implemented for ldap. But this not a big problem because there's a handfull tool that helps us to write, simply and easily, analysers of protocols that uses Tcp or UDP as transport layed. This tools is called Binpac. Here's a link of a quickstart up: https://www.youtube.com/watch?v=1eDIl9y6ZnM.
And for people who wanted to know what we have managed to do for the project Bro-Dsniff, here's the link of git : https://github.com/rsabir/bro-dsniff
Related
By default gammu have support for most standard modem. I have a very particular modem with some special requirements and I would like to add a protocol to gammu.
Is there a guide for this somewhere or someone who can list the basic steps for me?
EDIT: #user1664784 recommended to look att Kannel, and actually any system able to handle incoming and outgoing SMS is acceptable as long as it is stable. But I need to know how to modify the system so that I can handle a specific protocol. It is AT-based but a slight dialect. So any suggestion of a system handling SMS from a device connected over serial port is interesting. I need to find a system where someone can give me information on where in the source code I can begin adding a new AT-based protocol.
If someone have done some sample code in this area it would also be greatly appreciated.
It really depends how much different it is from standard AT commands.
If the difference is minor (eg. needs custom initialization), it can be easily achieved by feature flags. This can be seein ATGEN_PostConnect which handles initialization for ZTE or Huawei devices.
If the differences are big, you will probably need to write own driver, which will fall back to AT in some cases. Something similar can be seen in the AT OBEX driver which switches Bluetooth connection between OBEX and IrMC modes.
I think we used to have documentation on adding support for new devices, but I'm unable to find it right now.
I've taken a look at the basic websocket capabilities in Dart, using this simple example:
https://github.com/financeCoding/chat-websocket-dart
But I was wondering if there's a nice library I could use to build a realtime online game using websockets. I've had experience in this using node.js with socket.io, which worked out quite well. I need to be able to have "rooms", join rooms, leave rooms, broadcast to clients in a room, etc. as well as some nice notion of connection "health", reconnection etc. So what I'm asking is if there's a nice library for dart that has similar functionality? Even cooler would be a library on top of that library that could enable nice RPC functionality with variable syncing etc. such as http://nowjs.com/ which achieves this using socket.io. But I guess that might be too ambitious.
If anyone's had any experience or found a project which is similar to what I'm talking about, let me know :)
Duct is clone of Socket.IO in Dart which aims to be protocol-level compatible with the original implementation.
https://github.com/petrhosek/duct
Sorry, at the time of this writing, I'm not aware of a socket.io port for Dart. socket.io is nice because it has a bunch of implementation options for browsers that don't support Web sockets.
Sounds like a good idea for a hackathon project!
In our project our server must know as quickly as possible if a client gets disconnected.
Is there a effective way to implement this? Maybe with the GWTEventService or a powerfull framework?
You have a few options:
You can check out Comet. Comet was designed for this kind of behavior, where you intend to push data to the client without the client explicitly requesting it. Check out Wikipedia's article about Comet for more information. There's a GWT implementation of it here: gwt-comet.
Alternatives: You could use something like Spring Framework to keep tabs on your clients. You could also implement a heartbeat-style approach, where you force the client to hit a given page every X seconds so you know they're still connected.
Honestly, there are countless ways to do what you're looking for here. I'd say Comet would be your best bet if you don't mind implementing a whole framework.
I would like to set up a network with some computers I have, where they can connect to one main source, then receive and send messages back to it. I have never done any network programming before, so I'm just wondering what are the best tutorials using Ruby that I could use.
Thanks in advance.
There are about a billion ways you could do this. Could you post more about what the problem is you're trying to solve, or what the content/purpose/size/format/etc. of the messages is to be? Are you building something "for real" or just trying to learn network programming?
Also, do you already have the lower layer stuff figured out? You have networking infrastructure setup, IP addresses assigned, etc? If not, you'll need to get through that. Once you have that, you could start with a tutorial on basic socket programming in Ruby, but - depending on the answers to the questions above - you might not want to "roll your own" solution at that level. The answer might be to use an XMPP (Jabber) server, and use an XMPP client library, or you might want to deploy something like ActiveMQ, HornetQ, etc. and use a library for interfacing with that. Or maybe you want to use HTTP and pass messages around in JSON, or XML or $WHATEVER. In short, there are a LOT of options in this area.
EDIT: I forgot to include the prime candidate for web applications: JSON over HTTP/REST + Comet. It combines the best features of the others (below)
Persevere basically bundles everything I need in a server
The focus for Java and such is definitely on Comet servers, but it can't be too hard to use/write a client.
I'm embarking on an application with a server holding data, and clients executing operations which would affect this data, and thus require some sort of notification across all interested/subscribed clients.
The first client will probably be written in WPF, but we'll probably need to add clients written in other languages, e.g. a Java (Swing?) client, and possibly, a web client.
The actual question(s): What protocol should I use to implement this? How easy would it be to integrate with JS, Java and .NET (precisely, C#) clients?
I could use several interfaces/protocols, but it'd be easier overall to use one that is interoperable. Given that interoperability is important, I have researched a few options:
JSON-RPC
lightweight
supports notifications
The only .NET lib I could find, Jayrock doesn't support notifications
works well with JS
also true of XML-based stuff (and possibly, even binary protocols) BUT this would probably be more efficient, thanks to native support
Protobuf/Thrift
IDL makes it easy to spit out model classes in each language
doesn't seem to support notifications
Thrift comes with RPC out of the box, but protobufs don't
not sure about JS
XML-RPC
simple enough, but doesn't support notifications
SOAP: I'm not even sure about this one; I haven't grokked this yet.
seems rather complex
Message Queues/PubSub approach: Not strictly a protocol, but might be fitting
I hardly know anything about them, and got lost amongst the buzzwords`-- JMS? **MQ?
Perhaps combined with some RPC mechanism above, although that might not be strictly necessary, and possibly, overkill.
Other options are, of course, welcome.
I am partial to the pub/sub design you've suggested. I'd take a look at ZeroMQ. It has bindings to C#, Java, and many other platforms.
Bindings list: http://www.zeromq.org/bindings:clr
I also found this conversation on the ZeroMQ dev listing that may answer some questions you have about multiple clients and ZeroMQ: http://lists.zeromq.org/pipermail/zeromq-dev/2010-February/002146.html
As XMPP was mentioned, SIP has a similar functionality. This might be more accessible for you.
We use Servoy for this. It does automatic data broadcasting to web-clients and java-clients. I'm not sure if broadcasts can be sent to other platforms, you might be able to find an answer to that on their forum.
If you want to easily publish events to clients across networks, you may wish to look at a the XMPP standard. (Used by, amongst other things, Jabber and Google Talk.)
See the extension for publish-subscribe functionality.
There are a number of libraries in different languages including C#, Java and Javascript.
You can use SOAP over HTTP to modify the data on the server and SOAP over SMTP to notify the subscribed clients.
OR
The server doesn't know anything about the subscription and the clients call the server by timeout to track updates they are interested in, using XML-RPC, SOAP (generated using WSDL), or simply HTTP GET if there is no need to pass back complex data on tracking.