Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
I was wondering how I would go about retrieving a file in a way that wouldn't be shown (or at least somewhat encrypted) in a web debugger or similar tool (wireshark for instance). I am currently using FTP, but FTP has a couple security flaws such as username and password being viewable in a web debugger or in programs that have been created for getting FTP username and password. Would SFTP be any safer?
The important thing to remember here is that Wireshark/Fiddler/et al see every packet that moves through your card. If you have a legitimate need to hide traffic from the card (and I don't see how you could), you're looking at some drastic measures.
With that in mind, establishing a VPN link is likely your best bet. That makes all traffic through your card look pretty much the same, even the legitimate stuff. A simple HTTPS connection might help, too, but in this case you still leak that something was being downloaded, as well as the base domain name (not full URL). Failing that... don't use the card. Fall back to a serial connection or USB thumb drive.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
Trying to make console app that monitors alongside its main program, and monitors what the main program has going in and what goes out its tcp/ip sockets. I have seen people do this in a few programs, but I can't figure out how. Something about using a raw socket, but I am not sure.
Any ideas how?
If you want the console app to be entirely separate from the main program, you can do this various ways:
Create a man-in-the-middle proxy for the connections. Run a client and server socket from your console application - i.e. clients connect to your proxy server and then your proxy server will forward the connection to your main program. This allows you to record the packets on their way through your console.
Hook winsock.dll. Essentially you will be gaining access to the parameters of send() and recv() calls that your main program makes, and you can then output or do as you like with it.
Forget programming it, and use Wireshark or another network sniffer to check what's going in or out.
More information on number 2:
It was surprisingly difficult to find good tutorials in C#, mainly because it's generally done with C++ or C. Some links to get you started:
https://en.wikipedia.org/wiki/Hooking
http://csns.calstatela.edu/download.html?fileId=2062150
http://www.elitepvpers.com/forum/co2-programming/1917917-c-dll-injecting-hooking.html
A tool to assist with hooking: http://easyhook.codeplex.com
I'll update this list as I find better resources. I might make a tutorial myself, will keep you informed.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
I have designed a virtual classroom software for students with disabilities, it is being used by some local colleges. The limitation of the software is that the students within a Local Area Network (LAN) are able to connect with server in order to receive audio/video data. I have used sockets to connect clients with server. Now the demand for the software has increased and students outside of the LAN want to connect to server using their internet connection. I am aware that I have to rewrite the server/client connectivity modules, but I am not sure how to go about connecting clients to server using internet.
I think one way is to use a vpn but I am not really sure.
Any guidance would be much appreciated. Thanks in advance.
1)First, the good news: You may not have to rewrite your client server code (at least not completely)
2)This question may be better suited for serverfault
3)Get with your IT staff to discuss your needs. Developing the app without consulting them is asking for trouble, because they're going to be the ones to ensure the proper firewall ports are opened. Even if you had a VPN, without consulting them there's no guarantee it would even work. Because you would need
4)A routable IP address. Yes, DYNDNS or something similar would work, but that introduces another single point of failure. No IT staff? Then
5)Find an IT consultant knowledgeable in basic networking, or make heavy use of serverfault.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I'm currently thinking about developing a sockscap-like tool with some cool new features and a nice WPF gui.
For those who don't remember:
SocksCap was a tool that allowed you use any application with the use of a SOCKS4/5 Proxy... So e.g. you could play games with another IP without using VNC and alike.
However I'm not much of a network guy, so I'd love some input on how to "socksify / proxify" from an external application within a windows environment. As this is supposed to be a project, not a "quick and dirty" thing I'm only into "clean and generic" approaches instead of "modify HOSTS entry" or "plugin for each application"...
So how would someone with knowledge about networking programming start his research about redirecting (routing?) an applications traffic via a proxy?
Thanks for any help :-)
Google always helps.
Under windows there is something similar to socksify:
FreeCap -- is a program for transparency redirect connections from programs through SOCKS server. In fact that some programs hasn't native SOCKS support (for example Internet Explorer), In this case FreeCap will be helpful, transparently redirect all connections requests through SOCKS server.
The internal implementation of this seems hijacked the socket call of the client applications.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 1 year ago.
Improve this question
Im looking to create a sort of remote desktop software, and it is required that i transfer the users screen over the internet to the viewer.
My goal is to create an optimized capture so that i dont have to transfer the whole screen 10 times a second..
The idea i had was take the screenshots on the local computer and then determine only the CHANGED pixels from the last screenshot. So basically if they did something, only what changed on the screen would be sent and reconstructed on the other side, so i can save bandwidth and speed it up for slower internet connections.
My questions:
How can i compare a new screenshot to an old one and determine what has changed.
How would i send the information discovered in step 1 over a standard TCP stream.
How would i reconstruct that data to display the screen updates successfully once on the other side.
VNC is an open source remote desktop software. I recommend you download the source and take a look at how it works. However I am sure its not written in C#.
Here is a link to TightVNC's source code:
http://www.tightvnc.com/download.php
FogCreek recently used the VNC source for its CoPilot product. You can download it's source from here as well:
https://www.copilot.com/faq/#t28
Hope that helps
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
Our customer has asked that our application be able to communicate through HTTPS. The application itself is a C#.NET application, a client/server/database sort of application. My understanding from my programmer is that this is an additional layer of unnecessary encryption, but because our customer has asked for it we're going to try to provide it anyway.
What I'm looking for is a way to setup an SSL environment that does not require me to install a webserver. Although we could recompile our server into a DLL that could allow us to be hosted through IIS, the idea doesn't exactly thrill me (we're not wanting our customer to have to implement IIS in addition to our solution).
In any case, the idea is to provide an SSL tunnel over port 443 that our C#.NET remoting packets (they're http packets at the moment) may pass through.
Does anybody have any suggestions which may prove helpful in this regard? Do we need to add any additional handling to the communication process to allow this? (My gut says no, but I'm not the programmer.)
Mike
Check out this article on MSDN:
.NET Remoting: Writing an Asymmetric Encryption Channel Sink
First header is 'Support For HTTPS'