Network Basics

The slides can be found here

Notes on Presentations

Network Basics

The second lecture today will cover the basics of network programming. Here are a few links that could help you during the lab session:

• Socket Programming in Perl
• Socket Programming in Python
• A Crash Course in UNIX TCP/IP Socket Programming in C
• An Introduction to Socket Programming in C
• Libnet Packet Construction Library Developer Documentation for libnet 1.1.x, Doku from Fred
• Socket Tutorial in C
• UNIX Network Programming with many examples
• Beej's Guide to Network Programming
• Unix Socket FAQ

• Twisted, an event-driven networking framework written in Python, pdf-file
• POE - Perl Object Enviroment, really simple Servers
• Simple webserver in perl
• python module for libpcap
• Programming with pcap in C
• Packet Capture With libpcap and other Low Level Network Tricks
• Documentation to Net::RawIP
• Ruby/Pcap extension library
• Libnet documentation
• Search for RFCs

Linux clock timings

These show some measurements I have take on the Linux 2.4 kernel clock using gettimeofday(). This returns results with microsecond precision, so I wanted to make sure that this precision was significant. These graphs show that both the millisecond and microsecond parts give fairly uniform results.

Milliseconds
http://www.cl.cam.ac.uk/users/sjm217/volatile/timing_msec.png

Microseconds
http://www.cl.cam.ac.uk/users/sjm217/volatile/timing_usec.png

-- Steven Murdoch

A mathematical theory of communication

I've uploaded this famous paper by C.E. Shannon to http://berlin.ccc.de/~cc/shannon-a_mathematical_theory_of_communication.pdf.
You may download it, if you're interested.

--Cpunkt 12:21, 23 Sep 2004 (CEST)

Billy the kid

a python lib that allows you to make raw sockets.

Notes on Lab Session

Google Search String Competition

Insert here your Favorite (novel) search strings:

• inurl:"robots.txt" Disallow secret
• "phpScheduleIt v1.0.0 RC1" - Get a free homepage (see bug report Bugtraq 11080)

nmap - always print fingerprint bad bad idea

diff -Nau nmap-3.70/output.cc nmap-3.70.mm/output.cc
--- nmap-3.70/output.cc	2004-08-29 11:12:03.000000000 +0200
+++ nmap-3.70.mm/output.cc	2004-09-23 19:14:13.000000000 +0200
@@ -353,8 +353,9 @@
 	snprintf(portinfo, sizeof(portinfo), "%d/%s", current->portno, protocol);
	state = statenum2str(current->state);
 	current->getServiceDeductions(&sd);
-	if (sd.service_fp && saved_servicefps.size() <= 8)
-	  saved_servicefps.push_back(sd.service_fp);
+    // always print the fingerprint
+	if (sd.service_fp)
+	    saved_servicefps.push_back(sd.service_fp);
 
 	if (o.rpcscan) {
 	  switch(sd.rpc_status) {
diff -Nau nmap-3.70/service_scan.cc nmap-3.70.mm/service_scan.cc
--- nmap-3.70/service_scan.cc	2004-08-29 11:12:03.000000000 +0200
+++ nmap-3.70.mm/service_scan.cc	2004-09-23 19:20:57.000000000 +0200
@@ -1825,6 +1825,9 @@
 
     if (MD && MD->serviceName) {
       // WOO HOO!!!!!!  MATCHED!  But might be soft
+      // mm: print a fingerprint everytime
+        svc->addToServiceFingerprint(MD->serviceName, readstr, readstrlen);
+
       if (MD->isSoft && svc->probe_matched) {
 	if (strcmp(svc->probe_matched, MD->serviceName) != 0)
 	  error("WARNING:  service %s:%hi had allready soft-matched %s, but now soft-matched %s; ignoring second value\n", svc->target->NameIP(), svc->portno, svc->probe_matched, MD->serviceName);
@@ -1967,7 +1970,8 @@
 					  *(*svc)->product_matched? (*svc)->product_matched : NULL, 
 					  *(*svc)->version_matched? (*svc)->version_matched : NULL, 
 					  *(*svc)->extrainfo_matched? (*svc)->extrainfo_matched : NULL, 
-					  NULL);
+                      (*svc)->getServiceFingerprint(NULL));
+					  //NULL); // always pass the fingerprint
 
    } else if ((*svc)->probe_state == PROBESTATE_FINISHED_SOFTMATCHED) {
     (*svc)->port->setServiceProbeResults((*svc)->probe_state,