How can I tell what type of computers are in a coffee shop? - pattern-recognition

This is more a thought experiment than anything.
I'm wondering what it would take to detect everything I legally can about the laptops in a hotspot. My first thought was to grab every MAC address I can and extract the maker from the first 24 bits.
The question is would this be illegal and what else could I legally scavenge, preferably passively?
P.S. This constitutes a pattern-recognition problem so it IS programming... I think.

nmap can do a reasonable job of guessing the operating system by the way the target system responds to various probes

For the brain dead answer: Quit typing and look around for a few minutes :-D

I guess the obvious one would be to sniff the user-agent out of their HTTP requests.

IIRC there are ways to detect what TCP/IP stack is being used by sniffing choices in port usage and sequence numbers.

Why does it matter, 90% of them will be apples ;-)

The people wearing black turtlenecks will be using Macs, the rest will be using PCs and Windows (except for that one guy with a long ponytail who is using Linux).

Packet sniffing is illegal without the network owner's consent. At least that's the generally followed precedent. There have been very few tests of this in court. But your idea of how to do it, using the MAC addresses, would work well. Wireshark is a good packet sniffer if you're looking.

GFI Languard gives a lot of info like this. Check it out.

Related

How to know the MAC address of the remote communication end?

First, I need to know this in kernel space, so please take this into consideration.
No, I cannot use the IP address of the other device and ARP it (too long to explain why here), but I simply cannot use ARP; ARP won't work for the project I am working on.
Is there a function/utility I can use to know the MAC address of the other end in a connection attached to a given net_device I already have regardless of the IPs?
Thanks in advance, and if my question is not clear or makes no sense, leave a comment and I'll make sure to edit the question to explain/fill in the gaps.
The standard protocol for "I need to speak to my neighbor" kinds of problems is LLDP. At the moment, this is usually implemented via OpenLLDP (user-space) on Linux systems. However, there appear to be some kernel-space patches on the way that might help you:
Supposing you have the possibility to enable LLDP on the other end, you should be able to use it to discover that device.

How to write a server application?

Just out of curiosity, I'd like to get to know better how the Internet works.
I have already read quite a few articles on Wikipedia, but these are very theoretical. I know which protocols are used where, and what they are good for (IP, TCP, HTTP). But I have no idea how these are actually implemented in Linux or any other OS.
So, for me to understand these things better, I'd like to write a simple implementation of the Echo Protocol in C, preferably for Linux, and from the ground up. My client application should be able to send a message to a given port on any other computer, and my server application should be able to receive this message and send it back to the client.
Where do I best start? What should I read to get more information on these topics? Has anyone of you already done something like this, and if so, what did you learn?
In addition, it would be great if someone could tell me about a program that shows me the raw Internet traffic that runs through my PC. I think this would also help me understand things a bit better.
Thanks in advance for your advice.
http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=berkley+socket+tutorial
http://beej.us/guide/bgnet/
http://www.tenouk.com/cnlinuxsockettutorials.html
http://www.paulgriffiths.net/program/c/sockets.php
In addition, it would be great if someone could tell me about a program that shows me the raw Internet traffic that runs through my PC.
Ethereal is pretty great for this.

How can I learn _really_ low-level network programming?

So I want to learn all about networks. Well below the socket, down to raw sockets and stuff. And I want to understand hubs, routers, access points, etc. For example, I'd like to be able to write my own software to do this kind of stuff.* Is there a great source for this kind of information?
I know that I'm asking a LOT here, and that to fully explain it all requires from high level down to low level. I guess I'm looking for a source similar in scope and depth to Applied Cryptography, but about networks.
Thanks to anyone who can help to point me (and others like me?) in the right direction.
* Yes, I realize using any of my hand-crafted network stack code would be a huge security issue, and am only looking to do it to learn :)
Similar Question: here. However I'm looking for more than just 'what's below TCP/UDP sockets?'.
Edited for Clarification: The depth I'm talking about is above the driver level. So assuming that the bits can make it to and from the other end of the wire, what next?
I learned IP networking from TCP/IP Illustrated. Highly recommended.
This may not help you learn it, but a packet sniffer like Wireshark will give you some insight into what the data looks like at a pretty low-level protocol (TCP/IP).
As you have obviously recognised, the universe does not start and end with the IP Protocol. Take a look at the OSI 7 Layer Model where IP is a Layer 3 (Network) protocol. Common IP Routers will operate at this level, but there is more complexity you probably should understand in the Data Link and Physical layers before you start coding your own network stacks.
Start with the fundamentals of data communications in all its myriad forms and work your way up the stack until you get to where you need to stop. Data Communications, Computer Networking and Open Systems is a good foundation text, and then look for more detail on each area you need to focus on. Previous answers include good links for IP and TCP/IP, and as mentioned Wireshark will let you look down through some of the layers.
Cisco CCNA materials contain great network fundamentals, but do not cover the programming aspect. I'm not sure that there is an official free link, but you can try to find them.
You should equip yourself with a C compiler and the necessary libs and headers for your OS and play around. You may want to read, for example:
http://snap.nlc.dcccd.edu/learn/fuller3/chap13/chap13.html
I had some more links in my delicious account, but they all went down the digital drain ;-)
Have you any embedded programming experience? If so I recommend you buy one of these development boards. They are cheap and allow you to work on every part of the networking stack, plus all the software tools required are free.
Note that getting going on it isn't easy and I ended up reading the CS8900 IC datasheet to learn how to make it communicate with the ARM7 based processor. But if you enjoy that sort of thing (as I do) then they are great fun.
Hmmm ... have you looked into Computer Networks by Tanenbaum?
The TCP/IP Guide
I have found the networking chapter in "Understanding the Linux Kernel" and "Understanding Linux Network Internals" from O'Reilly to be very helpful.
The TCP/IP stack is a very good start but there is a lot more and a good understanding of how ethernet works and how ethernet != IP != the-interweb will go a long way.
Books on network security often do a decent if not good job explaining how networks work in a concise context.
What really did the trick for me was taking a job implementing NAT :)
This course worked for me: COS 461 at Princeton. Note that it assumes system-level programming experience with C.
Pretty much all the readings and lectures are available online under "Syllabus". And you can try the assignments too (unfortunately, you won't have access to the Virtual Network System).
Check this; it is a good collection of information:
http://www.tcpipguide.com/free/t_toc.htm

synchronize clocks over internet

I am sending real-time-critical data over the internet between two dedicated computers, using my own protocol.
There is, of course, latency involved.
For debugging and optimization, I like to have both computers use the same timebase. I.e, I need to know the time difference of their clocks so that I can judge the latencies better.
Of course, relativism and such doesn't really allow me to sync them perfectly, but I like to get as close as possible.
Relying on NTP alone does not appear good enough - clocks can be off by half a second in my experience (clarification: I relied so far on the default one provided by Apple).
I need precision in the 1/10s range, at least. The two computers won't be too far apart, ICMP ping times are less than 100ms, usually.
Any suggestions how to do this?
(currently, the machines involved run OS X, so if you know a solution just for them, that'll be a start)
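One way to measure the offset the poster asks about, added here as an example (not code from the question or its answers): the four-timestamp exchange that NTP uses can be carried inside the poster's own protocol, and the error of each estimate is bounded by half the measured round trip, which is well inside the 1/10 s target at the ping times quoted. The simulated server, its true offset and the link delays are constructed assumptions.

```python
"""Estimate the clock offset between two hosts with the four-timestamp
exchange NTP (RFC 5905) uses, carried inside the poster's own protocol.
Added example, not code from the question or its answers; the simulated
server, its true offset and the link delays are constructed values."""
import random

def offset_and_delay(t1, t2, t3, t4):
    """t1: client send, t4: client receive (client clock); t2: server
    receive, t3: server send (server clock). Returns (offset, delay) where
    offset is how far the server clock is ahead of the client's. The
    estimate is exact only when both one-way delays are equal; otherwise
    its error is (outbound - return) / 2, so never more than delay / 2."""
    offset = ((t2 - t1) + (t3 - t4)) / 2.0
    delay = (t4 - t1) - (t3 - t2)
    return offset, delay

def best_sample(samples):
    """NTP's clock-filter idea: of several (offset, delay) samples keep the
    one with the smallest round trip, as it is least skewed by queueing."""
    return min(samples, key=lambda s: s[1])

class SimulatedServer:
    """Constructed peer whose clock runs true_offset seconds ahead of the
    client's and which takes processing seconds to answer a probe."""
    def __init__(self, true_offset, processing=0.001):
        self.true_offset = true_offset
        self.processing = processing

    def respond(self, arrival_client_time):
        t2 = arrival_client_time + self.true_offset   # in server time
        return t2, t2 + self.processing               # (t2, t3)

def measure(server, seed=1, rounds=8, base_delay=0.030, jitter=0.040):
    """Run several exchanges over a link with random, asymmetric one-way
    delays (seconds) and return the best (offset, delay) sample."""
    rng = random.Random(seed)
    clock = 1000.0                                    # constructed client clock
    samples = []
    for _ in range(rounds):
        out_delay = base_delay + rng.random() * jitter
        back_delay = base_delay + rng.random() * jitter
        t1 = clock
        t2, t3 = server.respond(t1 + out_delay)
        t4 = t1 + out_delay + (t3 - t2) + back_delay
        samples.append(offset_and_delay(t1, t2, t3, t4))
        clock += 1.0                                  # one probe per second
    return best_sample(samples)
```

With real hosts, t1 and t4 come from the client's monotonic-enough wall clock and t2 and t3 are stamped by the server into its reply; the two clocks never need to agree for the arithmetic to work.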
Get the time from a GPS receiver connected to the machines. If they are in a data centre, it can unfortunately be difficult to get an antenna into a location where it can get a lock, though.
I would suggest that your best bet is to install an ntp server on one of the machines and get the other to sync to it.
Did you try to have one of the machines as NTP server for the other? Maybe they won't be in sync with the 'real' time, but this may bring you within the precision you require.
Relying on NTP alone does not appear good enough - clocks can be off by half a second in my experience.
That's strange. NTPd over Internet is supposed to give you much greater precision.

How to programmatically open ports on firewall appliances?

Is there a reliable programmatic method to open ports on common firewall appliances?
The UPnP protocols may help with consumer-grade devices like cable routers. However, I'm not sure I'd call them "reliable", since not all hardware supports them. This is, however, how the Xbox 360 tries to punch through NAT devices for Xbox Live.
Adding to Mattk's answer, you could also use NAT-PMP along with UPnP. It's an emerging standard promoted by Apple and used in its recent AirPort Extreme WiFi access points. Here's a quick document covering most of the protocol: http://miniupnp.free.fr/nat-pmp.html
Short answer: no.
There are some methods for simple IPv4/NAT gateways, i.e. NAT-PMP and UPnP IGD, but they're not guaranteed to be there, and when you do have them, it's usually only one or the other and not both. More often than not, you get nothing. For simple IPv6 firewalls, it's worse: there's just nothing. Full stop.
Sadly, things like portforward.com exist because they continue to serve a useful purpose.
If the firewall is a secure one, then no. It would defeat the purpose if code could just open holes, no?