Please view my proposal on Packet Manipulator on
https://docs.google.com/viewer?a=v&pid=explorer&chrome=true&srcid=0B0zrpJ27iKqbMTU2OTVhODUtOGQ1OS00ZTczLTkwODctZjY0YjcxOGUzY2E0&hl=en
and on
http://www.google-melange.com/gsoc/proposal/review/google/gsoc2011/shreysharma/1
Hoping for the best,
Shrey
On Wed, Apr 6, 2011 at 9:53 PM, Shrey Sharma <[email protected]>wrote:
>
>
> ---------- Forwarded message ----------
> From: Shrey Sharma <[email protected]>
> Date: Wed, Apr 6, 2011 at 9:52 PM
> Subject: Re: [umit-devel] Regarding GSoc project- Packet Manipulator
> To: "Luis A. Bastiao Silva" <[email protected]>
> Cc: [email protected]
>
>
> Hey I have a query!...
> In the project "Project Manipulator" How many new plug-ins do we
> need to suggest?
> Do we need to make a plug-in exploiting one protocol at a time?
> Or do we have to make one plug-in for some attack exploiting more
> than one protocol at a time?
>
> Please let me know As soon as possible
> -Shrey Sharma
>
>
> On Wed, Apr 6, 2011 at 3:17 PM, Shrey Sharma <[email protected]>wrote:
>
>> Hey,
>> This is regarding the project Packet Manipulator.It is said
>> "Interesting audits plugins could target/Routing (and related) protocols
>> such as:
>>
>> - VLAN truncking protocol (VTP) "
>>
>>
>> But VTP operates in one of three modes:
>>
>> - *Server* – In this VTP mode you can create, remove, and modify
>> VLANs. You can also set other configuration options like the VTP version
>> and
>> also turn on/off VTP pruning for the entire VTP domain. VTP servers
>> advertise their VLAN configuration to other switches in the same VTP
>> domain
>> and synchronize their VLAN configuration with other switches based on
>> messages received over trunk links. VTP server is the default mode. The
>> VLANs information are stored on NVRAM and they are not lost after a
>> reboot.
>> - *Client* – VTP clients behave the same way as VTP servers, but you
>> cannot create, change, or delete VLANs on the local device. Remember that
>> even in VTP client mode, a switch will store the last known VTP
>> information—including the configuration revision number. Don’t assume
>> that a
>> VTP client will start with a clean slate when it powers up.
>> - *Transparent* – When you set the VTP mode to transparent, then the
>> switches do not participate in VTP. A VTP transparent switch will not
>> advertise its VLAN configuration and does not synchronize its VLAN
>> configuration based on received messages. VLANS can be created, changed or
>> deleted when in transparent mode. In VTP version 2, transparent switches
>> do
>> forward VTP messages that they receive out of their trunk ports.
>>
>>
>> So, which mode are we talking about.? What exactly do we have to do by
>> making a plug-in?Can you please explain elaborately so that I can plan for
>> the implementation of this plug-in?
>>
>> Thanks,
>> Shrey Sharma
>> On Mon, Apr 4, 2011 at 4:43 AM, Luis A. Bastiao Silva <[email protected]
>> > wrote:
>>
>>> Hi,
>>>
>>> I think some of them could work fine, as plugins. But go ahead with the
>>> new audits.
>>>
>>> I think you expose a plan to integrate tools like that in your proposal.
>>>
>>> On Sun, Apr 3, 2011 at 9:36 PM, Shrey Sharma
>>> <[email protected]>wrote:
>>>
>>>> Hey,
>>>> As it is mentioned in your "11.Packet-Manipulator" project it is
>>>> mentioned that "it should be nice to have interaction with other
>>>> security tools".
>>>> I have some of them in mind which I am posting below:
>>>>
>>>> 1.Hping:*hping* is a free packet
>>>> generator<http://en.wikipedia.org/wiki/Packet_generator> and
>>>> analyzer for the TCP/IP <http://en.wikipedia.org/wiki/TCP/IP> protocol
>>>> distributed by Salvatore Sanfilippo (also known as *Antirez*). Hping is
>>>> one of the *de facto* tools for security auditing and testing of
>>>> firewalls and networks, and was used to exploit the idle
>>>> scan<http://en.wikipedia.org/wiki/Idle_scan> scanning
>>>> technique (also invented by the hping author), and now implemented in the
>>>> Nmap
>>>> Security Scanner <http://en.wikipedia.org/wiki/Nmap>. The new version
>>>> of hping, hping3, is scriptable using the
>>>> Tcl<http://en.wikipedia.org/wiki/Tcl> language
>>>> and implements an engine for string based, human readable description of
>>>> TCP/IP <http://en.wikipedia.org/wiki/TCP/IP> packets, so that the
>>>> programmer can write scripts related to low level
>>>> TCP/IP<http://en.wikipedia.org/wiki/TCP/IP> packet
>>>> manipulation and analysis in very short time.
>>>>
>>>> 2.Ostinato:
>>>>
>>>>
>>>> - Support for the most common standard protocols
>>>> - Ethernet/802.3/LLC SNAP
>>>> - VLAN (with QinQ)
>>>> - ARP, IPv4, IPv6, IP-in-IP a.k.a IP Tunnelling (6over4, 4over6,
>>>> 4over4, 6over6)
>>>> - TCP, UDP, ICMPv4, ICMPv6, IGMP, MLD
>>>> - Any text based protocol (HTTP, SIP, RTSP, NNTP etc.)
>>>> - More protocols in the works ...
>>>> - Modify any field of any protocol (some protocols allow changing
>>>> packet fields with every packet at run time e.g. changing IP/MAC
>>>> addresses)
>>>> - User provided Hex Dump - specify some or all bytes in a packet
>>>> - User defined script to substitute for an unimplemented protocol
>>>> (EXPERIMENTAL)
>>>> - Stack protocols in any arbitrary order
>>>> - Create and configure multiple streams
>>>> - Configure stream rates, bursts, no. of packets
>>>> - Single client can control and configure multiple ports on multiple
>>>> computers generating traffic
>>>> - Exclusive control of a port to prevent the OS from sending stray
>>>> packets provides a controlled testing environment
>>>> - Statistics Window shows realtime port receive/transmit statistics
>>>> and rates
>>>> - Capture packets and view them (needs Wireshark to view the
>>>> captured packets)
>>>>
>>>>
>>>> 3.Yersinia
>>>>
>>>> *Yersinia* - is a network
>>>> security/hacking<http://en.wikipedia.org/wiki/Hacker_(computer_security)>
>>>> tool
>>>> for Unix <http://en.wikipedia.org/wiki/Unix>-like operating systems,
>>>> designed to take advantage of some weakness in different network protocols.
>>>> Yersinia is considered a valuable and widely used security tools. As of
>>>> 2008
>>>> Yersinia is still under development with a latest stable version number
>>>> 0.7.1.
>>>>
>>>> Attacks for the following network protocols are implemented:
>>>>
>>>> - Spanning Tree
>>>> Protocol<http://en.wikipedia.org/wiki/Spanning_Tree_Protocol>
>>>> (STP)
>>>> - Cisco Discovery
>>>> Protocol<http://en.wikipedia.org/wiki/Cisco_Discovery_Protocol>
>>>> (CDP)
>>>> - Dynamic Trunking
>>>> Protocol<http://en.wikipedia.org/wiki/Dynamic_Trunking_Protocol>
>>>> (DTP)
>>>> - Dynamic Host Configuration
>>>> Protocol<http://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol>
>>>> (DHCP)
>>>> - Hot Standby Router
>>>> Protocol<http://en.wikipedia.org/wiki/Hot_Standby_Router_Protocol>
>>>> (HSRP)
>>>> - IEEE 802.1Q <http://en.wikipedia.org/wiki/IEEE_802.1Q>
>>>> - IEEE 802.1X <http://en.wikipedia.org/wiki/IEEE_802.1X>
>>>> - Cisco Inter-Switch
>>>> Link<http://en.wikipedia.org/wiki/Cisco_Inter-Switch_Link>
>>>> (ISL)
>>>> - VLAN Trunking
>>>> Protocol<http://en.wikipedia.org/wiki/VLAN_Trunking_Protocol>
>>>> (VTP)
>>>>
>>>>
>>>> ******These even include some of the protocols we are trying to
>>>> implement in the project*********
>>>> Please notify me if any of them is useful in context of the project
>>>> "Packet Manipulator "
>>>>
>>>> Thnx....
>>>>
>>>> -Shrey
>>>>
>>>>
>>>> - On Mon, Apr 4, 2011 at 12:25 AM, Shrey Sharma <
>>>> [email protected]> wrote:
>>>>
>>>> And I have one more question....
>>>>> In the project named Packet Manipulator-new audit
>>>>> what does "change the protocols behavior based on MITM audits" means
>>>>> ...I mean do we have to work to prevent such attacks ??
>>>>>
>>>>> -Shrey
>>>>>
>>>>> On Mon, Apr 4, 2011 at 12:21 AM, Shrey Sharma <
>>>>> [email protected]> wrote:
>>>>>
>>>>>> Hey i was jst experimenting with my Nmap and i found that it doesn’t
>>>>>> identify the windows platform precisely ...i.e. it says that it could be
>>>>>> windows 7,windows vista, windows 2000..
>>>>>>
>>>>>> but it doesn’t identify that exactly which version is being used.So ,
>>>>>> I have come up with an idea, Please read it and tell me if it can work..
>>>>>>
>>>>>>
>>>>>> “Less tactful attempts at OS identification can be made by
>>>>>>
>>>>>> launching known exploits for a given OS type against a target host, in
>>>>>>
>>>>>> chronological order. The theory is that exploits are patched as they
>>>>>> are
>>>>>>
>>>>>> discovered so by starting with the oldest known exploit against a
>>>>>> given host
>>>>>>
>>>>>> and working forward should yield a point at which an attack succeeds,
>>>>>> which
>>>>>>
>>>>>> should thereby identify the revision of OS in use. As an example,
>>>>>> Microsoft
>>>>>>
>>>>>> Windows 95, 98 and NT4 are difficult to distinguish supposedly because
>>>>>> the
>>>>>>
>>>>>> IP stack code was only marginally revised between OS versions.
>>>>>> Starting
>>>>>>
>>>>>> with a basic WinNuke attack and moving forward to more complex attacks
>>>>>> such as Teardrop can eventually yield a vulnerability that points to the
>>>>>> type and/or hotfix revision that is missing from the OS, thus indicating
>>>>>> the
>>>>>> current patch level”
>>>>>>
>>>>>> Waiting Eagerly,
>>>>>> -Shrey
>>>>>>
>>>>>> On Sat, Apr 2, 2011 at 5:40 PM, Luis A. Bastiao Silva <
>>>>>> [email protected]> wrote:
>>>>>>
>>>>>>> Ah, now I notice, did you need any help to start running Audit
>>>>>>> Framework?
>>>>>>>
>>>>>>>
>>>>>>> On Fri, Apr 1, 2011 at 5:24 PM, Luis A. Bastiao Silva <
>>>>>>> [email protected]> wrote:
>>>>>>>
>>>>>>>> Shrey,
>>>>>>>>
>>>>>>>> You should start by doing a proposal.
>>>>>>>>
>>>>>>>> Start filling the template:
>>>>>>>>
>>>>>>>> http://www.google-melange.com/gsoc/org/home/google/gsoc2011/umit
>>>>>>>>
>>>>>>>> Then, submit, and you can edit on the fly. I can paste a few
>>>>>>>> comments. Start by filling it.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Fri, Apr 1, 2011 at 4:52 PM, Shrey Sharma <
>>>>>>>> [email protected]> wrote:
>>>>>>>>
>>>>>>>>> Can you please suggest me how can I submit a patch on 11 - Packet
>>>>>>>>> Manipulator - new audits ?
>>>>>>>>> *and how can I improve my chances to get selected for this
>>>>>>>>> project.
>>>>>>>>> *
>>>>>>>>>
>>>>>>>>> On Fri, Apr 1, 2011 at 9:03 PM, Luis A. Bastiao Silva <
>>>>>>>>> [email protected]> wrote:
>>>>>>>>>
>>>>>>>>>> Hi Shrey,
>>>>>>>>>>
>>>>>>>>>> On Fri, Apr 1, 2011 at 3:55 PM, Shrey Sharma <
>>>>>>>>>> [email protected]> wrote:
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Hi,
>>>>>>>>>>> My name is Shrey Sharma.I am really very excited
>>>>>>>>>>> about *P**acket Manipulator .*
>>>>>>>>>>> * *I am a B.tech Student of Indian Institute of
>>>>>>>>>>> Technology(IIT),Kharagpur majoring in Computer Science.
>>>>>>>>>>> I have a huge interest in the field of networks.
>>>>>>>>>>> I have also volunteered as the system administrator in my Computer
>>>>>>>>>>> Science
>>>>>>>>>>> Department .
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Thanks for introduction. It has a great value for us, because we
>>>>>>>>>> are an open souce organization focused on network security, audit,
>>>>>>>>>> monitoring .. :)
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Skills:
>>>>>>>>>>> I know Python,but didn't do any major project in
>>>>>>>>>>> it.
>>>>>>>>>>> I am currently learning about the network
>>>>>>>>>>> protocols.
>>>>>>>>>>> Recently, attended a workshop on Hacking and
>>>>>>>>>>> Digital Securities organized by Kyrion Digital
>>>>>>>>>>> Securities<http://www.kyrion.in/>
>>>>>>>>>>>
>>>>>>>>>>> It would be really great if you could suggest me any
>>>>>>>>>>> work that I can do to increase my chances to work in this project.
>>>>>>>>>>> I have gone through all the links but it would be
>>>>>>>>>>> great if you can send further details of this project.
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Related ideas:
>>>>>>>>>> http://www.umitproject.org/?active=gsoc&mode=ideas#6
>>>>>>>>>> http://www.umitproject.org/?active=gsoc&mode=ideas#7
>>>>>>>>>> http://www.umitproject.org/?active=gsoc&mode=ideas#11
>>>>>>>>>>
>>>>>>>>>> You can also propose your own idea to improve PacketManipulator.
>>>>>>>>>>
>>>>>>>>>> Information about Packet Manipulator:
>>>>>>>>>> http://trac.umitproject.org/wiki/PacketManipulator
>>>>>>>>>>
>>>>>>>>>> Information about Audit Framework (PacketManipulator framework)
>>>>>>>>>> http://trac.umitproject.org/wiki/AuditFramework
>>>>>>>>>>
>>>>>>>>>> Submit your proposal:
>>>>>>>>>> http://www.google-melange.com/gsoc/org/google/gsoc2011/umit
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Just let us know if you need further information.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>> Eagerly Waiting for your reply,
>>>>>>>>>>> Shrey Sharma
>>>>>>>>>>> Department of Computer Science
>>>>>>>>>>> IIT Kharagpur
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> ------------------------------------------------------------------------------
>>>>>>>>>>> Create and publish websites with WebMatrix
>>>>>>>>>>> Use the most popular FREE web apps or write code yourself;
>>>>>>>>>>> WebMatrix provides all the features you need to develop and
>>>>>>>>>>> publish your website. http://p.sf.net/sfu/ms-webmatrix-sf
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> Umit-devel mailing list
>>>>>>>>>>> [email protected]
>>>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/umit-devel
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Best Regards,
>>>>>>>>>> --
>>>>>>>>>> Luís A. Bastião Silva
>>>>>>>>>> Skype: koplabs
>>>>>>>>>> http://www.bastiao.org
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Luís A. Bastião Silva
>>>>>>>> Skype: koplabs
>>>>>>>> http://www.bastiao.org
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Luís A. Bastião Silva
>>>>>>> Skype: koplabs
>>>>>>> http://www.bastiao.org
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>> If you have any doubts, just let us know.
>>>
>>>
>>> Best Regards,
>>> --
>>> Luís A. Bastião Silva
>>> Skype: koplabs
>>> http://www.bastiao.org
>>>
>>>
>>
>
>
------------------------------------------------------------------------------
Xperia(TM) PLAY
It's a major breakthrough. An authentic gaming
smartphone on the nation's most reliable network.
And it wants your games.
http://p.sf.net/sfu/verizon-sfdev
_______________________________________________
Umit-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/umit-devel
