How to do it using JAVA? I can find what port is used or not used by iteration through all ports
tcp = new Socket(remote_address, i); // i [0 - 65535]
tcp.setReuseAddress(true);
But how to find what application is using this port?
Its really hard to find this using java . You have to write a quite large codes checking various characteristics of ports for this . If u google about this , you can get more details regarding this . Actually some requests has to be send to the port . Now various applications running behind that port will respond with particular headers/banners/format which you will be using to check against various pre set conditions . But this is not a 100% accurate way .
Smart Net Admins can fake you by putting up decoys behind the port .
Instead ,you can use Nmap for this . Its a command line tool used in linux/windows/mac that can help you find quite a lot information about port.
You can't really determine this. Any application can send any stream of data over TCP, and for security reasons, this information is not exposed remotely. You can, however, probe the port with different messages and see what happens, allowing you to experimentally infer the application.
In addition, some services/protocols will have distinctive greetings, headers, and messages, and can even expose debugging information.
Related
Well I m working on Java project.in order to make an application that will capture all packets in my lan , and be able to see HTTP traffics . I m currently using Jnetpcap API , i succeed listing interface and do a live capture and extract HTTP PACKETS . the problem I m having is I only Capture traffic of my own machine . I have already look up about this in google . the only solution I have found so far is to enable promiscuous mode , i did that using ifconfig cmd , unfortunately the problem remains . I don't how to solve that . any solutions ..??
You can only ever capture traffic that is actually passing through the box you are listening on. Promiscuous mode only means that if traffic happens to arrive at your box but is not addressed to it, it would read that traffic. You are only going to get into that situation if you are using a network hub however. On a switched network, only traffic actually intended for your machine ever gets to your machine.
You would need to use a switch that has a SPAN port in order to monitor all the traffic going through that switch, or run your monitoring program on a system that all your network traffic passes through (a machine on the border of your network, for example).
I use winpcap (not Jnetpcap) but I think somethings are constatnt.
Whether you enable promiscuous mode in your OS or not, you must pass the promiscuous mode flag when you open tour network adapter. For example, in winpcap we do like as below code:
pcap_open(d->name, 65536, PCAP_OPENFLAG_PROMISCUOUS /* promiscuous mode */ , 1000, NULL, errbuf)
For more information please check the official winpcap documentation.
Good luck
Ya Ali.
What method could I use to login to a Cisco or Juniper routers? I know I can use telnet to make a connection to the router itself but I am not aware of an API or anything that allows me to login non-interactively. So how could I do this?
Are there any libraries I can use to achieve this?
I have seen people use scripts that implement things like expect to know when to send the username and the password. But that is for shell scripting. How can I do this in java? I would prefer to keep strictly in java too.
The goal of this is allow a java program login into a router so I can query the router for interface states and execute commands on the router.
Any ideas?
You need to use some Java library for doing the same. http://www.pitman.co.za/projects/jssh/ is a good Java SSH client. http://commons.apache.org/proper/commons-net/ has a good telnet implementation
As far as extracting information, you should be able to do it by using SNMP to query the router. Pretty much everything is available over SNMP. Now, as far as command execution, there are SNMP set commands used to "write" information to a router, but you will need to look into that more carefully as I doubt the full command set can be replaced with SNMP set commands.
For Cisco, find out what the IOS image filename is for your device, then you can get the MIB file here: http://tools.cisco.com/Support/SNMP/do/MIBSupport.do?local=en&step=3. Review the MIB file and you will see what is available via SNMP for that device.
You should be able to do something similar for Juniper on their site.
Now, I don't know much about Java, but I do know that there are SNMP libraries available for it (like http://www.snmp4j.org/ ).
With that you will not need to worry about logging into the router, or about any interactive stuff.
Note that, in the case of Cisco, it's common to connect using a serial port on a PC directly into the service port on the router. This connection uses a programming protocol called IOS.
The easiest way to utilize this is with a programming language called expect. This name describes the language in that you expect to get a prompt from the port and then you respond. Sending that message (your response), you expect to get another response, to which you respond, ad completum - my term ;)
Note that this cable is proprietary to Cisco, I'm sure there are pin-outs available though.
Finally, it would be possible to emulate this program on java, via a serial port library.
What I mean is like servers on video games. You can run an application and it will set up a server on your computer with an IP and a port.
For example, how would you make an application where one host application sets up a thing where it has an IP and a port, and another computer that has access to the internet as well can type in the IP and port and it would be able to communicate with the host? I mean simple communication, like sending a boolean or String.
And would there be any security problems that would be needed to fix?
I guess I grasp the concept of your question...
You want two computers to connect via internet right? If that is the case, then you will have to use a thing called "sockets" that do connections between computers. About the server thing, well, for starters the client must always know what IP the server as (direct IP or by a DNS), and then you can connect your client to your server. There is a tutorial for sockets at the java pages: http://download.oracle.com/javase/tutorial/networking/sockets . About security issues, well, you must make sure that your server can handle anything that comes from the client (i really mean everything), i mean, accepting every type of data that is supposed to receive and deny everything that is not (trash per say). If you have that in mind then there is no problem (and of course, the server must have a firewall also to control the sockets, but that's not up to you).
Here is an example of how to use sockets to send a string from a server to a client.
http://www.java2s.com/Code/Java/Network-Protocol/StringbasedcommunicationbetweenSocket.htm
The site has about 20 examples of how to do what you are trying to do. In general I find this site to be the best JAVA resource that I know.
In general, the thing you probably want is a Socket. Sockets allow you to send bytes to an endpoint via TCP or UDP. This is very low-level, though, and are somewhat tricky because you have to design your own application protocol. You may want to use something that offers more abstraction.
Java sockets expose a stream interface so you could just encode integers as strings, for instance, and send them line by line, or you could do something fancier and more efficient like using a DataOutputStream to wrap it.
Handling the following issues can improve security.
If you have router ,set different ports for routing.
Example: If you are running server say on port 6001, map a virtual port say 9001 , which would be exposed to public.
DDos
IP Restriction - Not every user can access your machine !
Enabling router firewall does handle most of the issues.
I have a Java program running on two computers that are both on the same network. I would like to have these applications become aware of each other, so they could communicate directly as opposed to communicating with the server to relay messages.
I believe i may have a solution as to how this would work, but am unable to find any examples to compare my solution against. Do you guys know how this problem is usually solved?
There is a good library that implements the Zeroconf / Bonjour standard in plain java at http://jmdns.sourceforge.net/
This basically relieves you from the protocol burden and allows you to advertise and lookup service providers based in logical names (That's what iTunes or Mac printing does for example).
This book http://www.amazon.com/Zero-Configuration-Networking-Definitive-Guide/dp/0596101007 explains all basic concepts.
You could get them to do a UDP multicast within a LAN environment to identify the programs using protocol messages then have a stored cache of each other's identity and then use TCP to connect and do main exchanging of messages (which is more reliable than UDP). Or you can simply proceed with UDP messaging only if you want to.
You can search for multicasting in Java online.
Some multicast related links:
http://download.oracle.com/javase/1.4.2/docs/api/java/net/MulticastSocket.html
http://www.javafaq.nu/java-article817.html
A good multicast chat software you can reference:
http://sourceforge.net/projects/mc2/
One way would be to send a broadcast to see who's out there, then implement a GUI to show the user what other peers are there and give an option to connect to. (The broadcast will give you the IP address of everybody there.)
Once you know who to connect to, you simply open a TCP connection (or use UDP if it is time-critical) and you're done.
Btw, this is for IPv4 - IPv6 doesn't have broadcast (although something similar).
Given a list of servers & a list of clients, how to find a server that is closest to a particular host using "traceroute"? The program should be in java.
What do you define as "closest"? Lots of hops in a traceroute do not indicate closeness just devices the packet routes through. Ping is also not too great as it just shows latency.
What I would suggest is if you are on the web use BGP to work out closeness. If you are on a lan or you get a tie with BGP then fall back to Traceroute.
Those links go to Java implementations of BGP and traceroute.
I don't think it can be done using only the standard Java API, since it does not support the ICMP protocol sufficiently. You may be able to do it using Jpcap.