I am trying to calculate the throughput for TCP/MPTCP by using the parameter tp->packets_out and also tp->snd_una but they are not accurate.
How does wireshark do it?
Or does anyone know any solution?
Thanks in advance.
I am the author of https://github.com/teto/mptcpanalyzer which tries to provide some statistics for MPTCP connections. Current release has many bugs but the upcoming one is much better. Feel free to open issues there if you have any problem.
My boss is planning to implement DeviceNet on some of our products. I've looked through Google and odva.org but I can't seem to find any specific technical detail which tells me what and how I should do.
Here is my amateur understanding after reading random articles on the Internet. I would appreciate it if someone here can make them clear for me.
DeviceNet, or CIP in general, is in fact a closed protocol, despite the "open" stereotype in the company name "ODVA". You have to pay for the specification. Is this correct?
I can find a lot of "tutorials" about DeviceNet, but I can't really do anything practical without the official DeviceNet specification, right?
Is Vendor ID mandatory? If I somehow know how to talk DeviceNet, will the target refuse to talk to me without a valid Vendor ID?
I know CAN bus. Once I understand DeviceNet protocol, it's going to be purely coding stuff, right?
My company sells UPS monitoring hardware. We are not selling millions but maybe a few hundreds of thousands of devices per year. Is DeviceNet worth it?
How many software devs does it take to implement DeviceNet on a finalized product?
Thank you.
so basically I've been online trying to research this the whole day and I seem to only be able to come across specific setups that people have for their own specific needs rather than a generic list of hardware needed.
What I want to do firstly using my raspberry pi 2 running raspbian, and secondly a laptop running kali, is to be able to do penetration testing along with some extras.
What I Am looking for is a list of hardware that I need (other than the rpi2 for the first case and laptop for the second) that will enable me to sniff out WiFi signals, and attempt to get onto the network. I believe the general name for this is wardriving.
I know that I need a portable power supply for the rpi2, and a screen or some sort (I want a small screen that I can see the rpi gui desktop from. Not just terminal), so any suggestions of examples of those would be appreciated.
Where I get confused is about the WiFi antenna that I need. From what I understand is that it needs to be one that can monitor as well as connect to a WiFi, but I don't really know of any examples or of what the actual difference is between it and a normal usb WiFi stick.
I'm also not sure what else I need to have beyond that to successfully accomplish my stated goal.
Any further help would be greatly appreciated, and I think beneficial to anyone else who's looking to get started doing the same thing.
Any extra information would be good too what I mean is when I was doing my research I saw some people mentioning radio attachments, gps attachments, etc. But I'm not really sure if they're necessary to start or things that can be added further down the road with experience.
Thanks.
Ok so I seem to have found a good article that answers at least the general part of my question. It can be found here.
http://lewiscomputerhowto.blogspot.ca/2014/06/how-to-hack-wpawpa2-wi-fi-with-kali.html?m=1
It also gives tips on the process of pen testing.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I have an information theory question about how to prove (or at least give statistical evidence) that an auction website is not shilling its users.
We recently launched a pay-per-bid auction website. It is a new type of auction where the users pay to bid on timed auctions. Each bid raises the price and increases the time of the auction. The last bidder when the time runs out gets to buy the item.
The problem is that users are suspicious that we may be cheating them. I have no such intentions as the trust of my users is of paramount importance to me. However, the model could be implemented by other unscrupulous sites and it would be straightforward to cheat bidders. I need to put measures in place that will show our users that we are legitimate.
I am committed to running an honest operation. The challenge is how to prove this to the world? Any approach will need to be balanced with preserving the privacy of users.
Some ideas I have are:
show IP address of each user
solicit testimonials from winners who
have received their merchandise. Have
them mail in photos of them with
their merchandise and a recent cover
copy of their local paper.
show some broad information about each user, such as home state and country
I am looking for any suggestions.
Update
Some great suggestions. So far:
Provide behavioral information about each users:
when joined
which auctions took part of
stats for auction - bids placed, cost
do not publish personally identifiable information. No IP address, since people who did not win could exact retribution on the winner.
public forum for discussion and address questions
solicit testimonials from users to show that people do win and do receive products.
how can we show in the testimonial that it is not "invented" by us? I am thinking of perhaps asking to include a photo with a recent local newspaper. This would be hard to fake on a large scale, and how distribution of winners through time and locality.
Do you believe it would be OK to show the home State and Country of user, or would that be too much personal information?
Provide as much information as possible to users, such as who won, how much was paid, how many buys/sellers a user has made, etc;
Provide a feedback mechanism on individual auctions and users;
Have a public forum for discussion on results, support issues and complaints by users;
Don't require users to use other pay services you provide to get results, such as your own snipe system;
State your policies clearly on your Website. This should include, at a minimum, a privacy policy, discussion of how the site works, an FAQ and steps you've taken to prevent any appearance of impropriety or conflict of interest (eg employees aren't allowed to participate); and
Have a complaints and dispute resolution mechanism.
This isn't a technical problem. It's a social problem. The only way users are going to feel confident in the results is with transparency and professionalism.
Isn't that something like swoopo.com?
It first and foremost must be designed well and look professional enough that people will trust it. People are remarkably good at detecting a poorly designed website and will not respond well to it.
This may be a hard market to get into since there are such well established alternatives, but the best way to gain users is by word of mouth from existing users. This takes time, but is most effective.
Don't go violating people's privacy and publishing their information jsut because they use your site. People won't like it and won;t come back.
Provide a feedback system for users (a la ebay) where people can see other real people that are pleased with the service.
Also a public message board for comments and complaints would help comfort people as well. Good Luck!
Be ware of providing too much information though, depending on your site, your users may decide that they do not like it when too much privacy is revealed to others when they bid on something. For example, if I'm a customer and I just purchased something expensive, I do not want my user name or email shown to other people who'll start spamming me to buy a cheaper version of what I just paid for. Some others may take offense at being out bid and grief the person who out bid them by running a DOS on their IP, for example.
Yes you should protect your own site's reputation, but if you do not take actions to protect your users, you may end up losing some of them.
I think the best way to improve your reputation is through usage (may be hard), or through some reputable review sites.
Giving out IP addresses of users might be risky, and ultimately it's something that a fake site may fake as well.
I guess one way of gaining trust is to use a trustworthy authority to approve you. IOW, delegation :) let someone else solve the problem for you. e.g. Users will tend to trust you more if you're backed by someone like PayPal. That would cost you, though.
[philosophical]
The main problem is that in order to gain trust you need to provide what sociologists call "honest signals". And honest signals are usually costly. That's a problem in business because it means you have to sacrifice your earnings in order to get more customers on-board, and then balance that equation. IOW, customers and shareholders have different incentives. But as a "starup" trying to gain the trust of a user base it would make sense to signal your honesty by costly gestures. You might make less money initially, but eventually, once you're big enough, that signalling would no longer be necessary.
So what kind of honest (costly) signal can you send? Well, maybe instead of soliciting testimonials from winners you should Pay them a symbolic fee. Make it worthwhile for users to help you prove the site's authenticity by disclosing information about themselves or the transaction, and in turn make it up for them with discounts, rebates, whatever.
Anyway, I'm pretty sure you won't gain trust by simply handing out people's information to everyone without asking them. Let people do that for you, and compensate them, thereby signalling your intentions in a costly (honest) manner.
[/philosophical]
Have real time chat on the bidding pages, like IRC. People can only bid by typing "#bid $200" or something in the chat window. That way users can interrogate anyone they think might be a bot or whatever. They can also discuss the product for sale and warn others if it's a fake listing or whatever. You need to show people they can trust the site. People trust people.
Remember sitting through a talk on use of cryptographic methods to prove various facets of auctions were conducted properly. Googling "cryptography" and "auctions" together should provide some starting material if your interested in this approach.
http://www.youtube.com/watch?v=IzVCrSrZIX8
http://www.cs.virginia.edu/crab/Auctions.ppt
Jeff Atwood talked about this on www.codinghorror.com last month.
http://www.codinghorror.com/blog/archives/001261.html
I had never heard of the concept before. He does explain it fairly well.
Cathy
You cant without lying.
The only way to win is by sheer luck. You just call your lottery tickets "bids".
Shame on you.
EDIT:
Some opinions on penny auctions
Profitable Until Deemed Illegal
Penny Auctions: They're Gambling
Open source?
This is a matter of trust and so is a social, not technical issue.
Even if you open-sourced the code and/or had an information theoretical proof, how many of your customers would understand it?
In situations like this, many companies rely on a the word of a trusted third party who has inspected the company's operations. The third party stakes its reputation on its public statement that the company is doing business correctly.
I want the equivalent online resource to DNS in Twenty-One Days. I need one evening's reading that will explain what the different record types do, how do propagation and caching work, what is an SoA, etc.
I don't want anything that begins by explaining what DNS is.
Can anybody please point me in the right direction to find some online 'DNS for Geniuses' guide, please?
Check out DNS for Rocket Scientists
It does start with a very brief "What DNS is" but you can easily skip that.
You can also check out Records 101 which gives a good overview of the different record types - the examples are specific to DNSMadeEasy though.
I keep DNS and BIND on my bedside table. It was good to get me going (I used the TOC and skipped the "What is DNS" bits), and it keeps on giving me confidence and a helping hand.
I don't normally buy soot-on-dead-trees books, but this one is a rare exception that has repaid me many times over.
The definitive source, and quite readable (IMO):
http://www.ietf.org/rfc/rfc1035.txt
When I set up DNS for the first time I read DNS HOWTO. It worked pretty well for me.