I have a network, consisting 4 PCs. All PCs are connected to a hub.
One of these PCs has two network interfaces which one of them is connected to the hub. and the other one in connected to the internet.
How can i configure this PC to sniff in the internal hub network, and capture all pockets and send them to the specific destination on internet? (I do not what this PC to change the source address of packets just destination address to the remote machine on the internet! so that when the packet arrived at the remote machine, it contains the address of one of other 3 PCs as the source)
IS it possible at all?
I'm not sure to understand exactly what you want, but if you want to access an external network from your 3 pc, you should set the pc with two cards as the default gateway. On the pc with two cards you should also setup some kind of masquerading. However, at the destination point you'll never have the exact source address, but the addres of the pc doing the nat/pat translation.
Do I understand correctly you want to "spy" the other computer? If you're on the same network, you can try to use Wireshark to capture all traffic going over a router.
Related
I have two devices, a PC and a RaspberryPi, that are connected to two different routers (one has VPN, one does not), that are connected to the same modem. (See diagram). The two routers are physically separated, so it would be difficult to connect them with a cable.
I am trying to access the RaspberryPi from my PC using SSH to run programs remotely on the Pi, and have the Pi send data that the program scrapes back to my PC for processing.
My question is, is this possible? And if so, how would I be able to implement it?
Thanks
I had this working (prior to my network reconfigure).
What I did was set router A as DHCP server.
Router B was configured as not to hand out IP Addresses.
Connect router A and router B on the LAN side.
All clients went through Router A, unless the devices' IP Settings were changed. I only changed gateway to router B to have the secondary connection.
I created two Qt apps: one client and one server.
I use them to send some data for handle a remote device.
If I am in localhost I haven't issues about them, but when i search to connect them by internet i don't know how to find correct Ip server to connect Socket Client.
How i can find this ip node?
Is there a class to find It?
you cannot find it automatically, if this is what you're asking about.
In real life you would deploy your server on some publicly accessible host, give it a domain name (important part as your host can change the IP address at any time) and connect the client via the DNS domain.
However if you're just playing around and you want to show to the world that your app works, specifying the IP address of the server in your client code would be perfectly fine (assuming you're running both the server and the client in the same network).
In that case, if you're running mac/linux run the command ifconfig (or just ip depending on the distribution). On Windows you can run the command ipconfig. Both windows and linux will give you a similar output resembling this:
Pay attention to the network adapters. There can potentially be many of them. You may have some emulated adapters if you have docker or VMWare, you may have the wireless adapters if you have a WiFi card, and then the ethernet adapters if your computer can connect to the the internet with an ethernet cable. Each of these adapters specifies a different IPv4 address. You want to pick the one that is connected to the same network as your client. So for instance if both your server machine and your client running machine are connected to the same wifi, you pick the address from the Wireless LAN adapter
I want to develop an Android app that connects with a Windows desktop application via TCP/IP.
However I have very little knowledge of networking and so please forgive me if this is a very basic doubt.
My Windows based laptop as well as Android phone are connected to the internet via the same WiFi router.
Now I checked the IP address for my laptop as well as phone using a website.
Both are same!
If both have the same IP address, then to achieve networking between these devices I will choose different set of port numbers.
Will this connection work?
Is the connection happening via the internet or just locally on my
router?
EDIT: After reading the answer from #Doon, I have broadened my question.
Let's say the local address of laptop is 192.168.1.10 and that of phone is 192.168.1.20.
If I code my application to use these IP addresses, it should work as it is a local network.
But what if I want my laptop to connect with another phone which is not connected to the WiFi router, rather by 3G network.
Then which IP address should be used for the laptop and the other phone?
Since I am not allowed to use any other server, I am going to use port forwarding i.e. the user will type in the IP address displayed on the other device. The connection could be initiated on either one of the devices.
If you could also show how to do this programmatically, it would be very helpful.
My Windows application is developed in C++ using Qt.
All of your devices are sharing 1 external or WAN IP address using NAPT (network address port translation). Internally on your LAN each device has its own address. So yes it will work but you are going to need to use internal addrss and the devices actual IP address not its perceived address via an external service.
As for the connection locally or via router that all depends on where you are connecting to. If both end points are on your lan or on the same Subnet then the router will not be involved. So in the average home network between your phone and desktop both connected to the same network say via wifi then they are most likely layer 2 adjacent (see the OSI 7 layer model for more info on layer 2 vs layer 3). But once they are not on the same network then routing will be involved and your router will be used. If the phone is connected to 3G or the cell data network and you want it to talk to your desktop on your home network you are going to need to deal with port forwarding on your router and other such fun things.
In regards to updates. Once you leave the local network it gets more complicated especially with IPv4 as address are running out so there is more and more use of nat or IPv6 with 6 to 4 gateways. Do you want the laptop to initiate connect to the phone or phone to the laptop? But normally you will need to iterate your address on your interfaces. Then connect with an external service to get your external IP address and compare and see if they are the same. if both endpoints are dynamically assigned you will need some sort of location mechanism could be dynamic DNS could be locator service etc.
I am trying to send data using the AsyncUDPSocket class. And I can send data using the iPhone simulator over the wire to another machine that is running a simple C-coded listening server. I can also receive data over the wire using a client connected to the simulator(server). However, when I tried the same over Wifi, using the simulator, I could only send data but not receive any data.
I read on another post, that unicast data makes this possible. How can I acheive this using AsyncUDPSocket?
Thanks,
Angelo.
Ok, I figured this out. A newbie kind of thing, really.
When I set my Mac network preferences to Ethernet, I get an IP for me to communicate. However, when I turn Airport(Wi-Fi for more newbies) ON, and ethernet cable disconnected, I checked my network preferences, and sure enough my IP address was a different one.
Spoke to a friend (an ace in networking) and the thing clicked immediately: On WiFi networks a DHCP server allocates an IP address. This IP address has to be reserved, at the very least, at the DHCP server. Since my IP was not reserved, I had to change the IP address, in my udp_client.c file, recompile and run the client to connect.
BTW, I can now communicate between my iPhone and my PC using my local WiFi (office) network.
For any who might face the same problem, do not be assured that the IP address of your mchine is the same, when you switch from LAN to Wifi, and use the device mostly for WiFi reated testing. :)
we have little network devices which are shipped with IP address 0.0.0.1 to ensure that they never collide with any other device in their new environment (thus none of the 10.x.x.x, 172.16.x.x or 192.168.x.x ranges) until configuration. DHCP is no solution since there might be no DHCP server in the field.
The devices would listen to UDP broadcasts and answer with broadcasts until they are given their new IP address this way.
This worked fine with Windows XP - but sucks with Windows 7: the config program does not receive the answer packets from the devices which still have 0.0.0.1. Wireshark sees the packets, then they are dumped by the system.
Question: Is there any reason (RFC?) that actually prohibits using this address in a local environment? Or is it just MS that was overcautious? Where can I read why they treat this address "invalid"? Which ranges are really "invalid" now, too?
Any idea of a workaround on the PC side (Win 7)?
I know that it is not recommended to use 0.xxx addresses for work places, but for this very reason - having a not-used address - it works perfectly.
Edit: there is a device out there called "Netburner" which might have faced the similar issue, according to their forum. See: http://forum.embeddedethernet.com/viewtopic.php?f=5&t=612&p=2198 Does - by coincidence - anybody know some background information?
It sounds as if your configuration application is listening for broadcast packets on all network interfaces and expecting to receive packets from foreign subnets.
That should not work - the OS should only pass-on broadcast packets from the subnets each network interface is on, not from all subnets on the same physical (e.g. Ethernet) segment. I am reasonably certain that doing otherwise is broken behaviour WRT the IP protocol.
The are two ways to deal with this:
Make sure that your network interface has an IP address in the target subnet. You can have more than one IP addresses for each network card, so that should not interfere with normal network operations.
Configure or modify you application to use raw sockets, like Wireshark. Keep in mind, however, that this overrides all normal checks and balances and should be avoided, since it can cause behaviour that is almost impossible to diagnose - which is why it is frowned upon by meny network administrators.
Can you you add new routing table entries to Windows machines easily? Windows has to know which interface to use when routing a broadcast packet to the 0.0.0.x network.
The Unix machines I'm familiar with have a routing table that maps network/netmask entries to either gateways or interfaces (if the network is a local network). The local network (192.168.0.0/16 for my home network) gets sent to interface eth0. Everything else 0.0.0.0/0 gets sent to a specific gateway machine 192.168.0.1.
If my machine sent a UDP broadcast message to network 0.0.0.0/24 (in other words, UDP broadcast sent to 0.0.0.255, then my machine would forward the packet to the gateway machine (which it can look up via arp). The switches in the middle wouldn't propagate the packet to other network devices, because the MAC address is set.
If my machine had another routing entry for 0.0.0.0/24 to the local interface, then my machine would send the packet on the wire using an ethernet broadcast group, and the switches would forward the packet to all connections. (Yay! Just like hubs in the 90s! :)
So I figure you need to add a routing entry for 0.0.0.0/24 to your client machines, so that they can properly address the broadcast packet.