Zeek Packet Analysis for all protocols - packet

I realize Zeek is capable of analyzing packets for a specific protocol using the API. I want to be able to retrieve all packets without being specific to a protocol and create a packets.log type file with uids that can be correlated with the conn.log. I have been searching through the API documentation trying to find a way to do this (all protocols) but have been unsuccessful. Does anyone have any suggestions? Thank you.

Related

Does the FIX protocol offer a solution for ciphering data?

I have a program that uses the FIX protocol and the QuickFIX engine (in my case, for C++) in order to do inter-process communication. My question is, since the data is transferred in plaintext, does the standard of the protocol OR the engine offer a cryptography solution to cipher/decipher the data? Thank you in advance.
You can use SSL with QuickFIX.
https://raw.githubusercontent.com/quickfix/quickfix/master/README.SSL
You could also send data through stunnel. https://www.stunnel.org/
The protocol itself does not offer such functionality although you could specify the encryption method through tag 98/EncryptMethod.

How to create a MODBUS in MATLAB Simulink

I want to create some command and response injection errors/attacks by using the Modbus communication protocol in MATLAB, but I have been unable to achieve my goal for a few months.
So I tried via the TCP/IP communication protocol. I succeeded with some of my cyber attacks, but some of the response or command attacks do not fully satisfy my prerequisites, so I have decided to try Modbus in MATLAB once again.
Kindly help me: how can I create Modbus blocks in MATLAB/simulation?
Thanks in advance
Yours sincerely,
sairam.
I can suggest you following solution (TCP ModBus Communication With Yaskawa Controller) as a starting point. I used it myself successfully.
"Using the tcpip command of the Instrumentation Control Toolbox messages are created and transmitted using the ModBus protocol. Various functions can be called to do read/write operations."

How to implement a particular message format in NS-2

I need a little help regarding NS-2.
My question is: can you implement a particular message format between two nodes in NS-2, like when we create a TCP communication, but where I want to send a particular message, e.g. a certificate with information inside it such as public key or type of node, time, etc.?
I am trying to do it in wireless.
Also, can it be encrypted?
Is there any example, sample code or snippet you can share?
Creation of your own packets in AODV is so easy. Have a look at it.
http://karthicksivakrr.blogspot.in/2014/02/how-can-i-create-my-own-packets-in-aodv.html

Can I use PHP to look for http requests and response in a '.pcap' file that was generated by Tcpdump?

I have '.pcap' files that were generated by Tcpdump. I have been looking for a way with PHP to read data in the files. I have tried several methods available, but the only thing I was able to see was that there were some number of packets with a timestamp against each packet. I tried to read further but it was all in some binary.
Just wanted to ask if anyone out there has experience with packet capture. Would be great help.
I have tried these methods so far:
https://github.com/zobo/php-pcap
https://code.google.com/a/eclipselabs.org/p/php-pcap-analyzer/
and
http://systemsarchitect.net/parsing-binary-data-in-php-on-an-example-with-the-pcap-format/
http://systemsarchitect.net/
Thanks in advance :)
I was able to see HTTP requests from my client machine to the internet by using PHP's unpack() function and fread() combined. The libraries mentioned above are also useful to retrieve other information, for example the IP addresses of client and server machines with timestamps.
But I wasn't able to read the responses. That is because the data returned from internet servers to the remote client is encrypted and PHP is not a good technology to retrieve this data.
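
The fread() plus unpack() approach mentioned in the answer above, as an added example that is not part of the original post: it walks a classic libpcap file record by record and returns the request line of any plaintext HTTP request it finds. The function name `http_requests` and the sample capture are constructed for illustration; it assumes Ethernet framing, IPv4, no VLAN tags and no TCP reassembly, so TLS-protected traffic and requests split across segments will not match.

```php
<?php
// Added example: parse a classic pcap (not pcapng) with fread() + unpack().
// Assumptions: Ethernet link type, IPv4, untagged frames, request line in one segment.
function http_requests($fh): array {
    $magic = fread($fh, 4);
    // The on-disk form of magic 0xa1b2c3d4 gives the byte order of the pcap headers.
    if ($magic === "\xd4\xc3\xb2\xa1") { [$u16, $u32] = ['v', 'V']; }      // little-endian
    elseif ($magic === "\xa1\xb2\xc3\xd4") { [$u16, $u32] = ['n', 'N']; }  // big-endian
    else { throw new RuntimeException('not a classic pcap file'); }
    $hdr = fread($fh, 20);
    if (strlen($hdr) !== 20) { throw new RuntimeException('truncated global header'); }
    $g = unpack("{$u16}major/{$u16}minor/{$u32}zone/{$u32}sigfigs/{$u32}snaplen/{$u32}linktype", $hdr);
    if ($g['linktype'] !== 1) { throw new RuntimeException('only Ethernet (linktype 1) handled'); }
    $found = [];
    while (strlen($rec = fread($fh, 16)) === 16) {
        $r = unpack("{$u32}sec/{$u32}usec/{$u32}incl/{$u32}orig", $rec);
        $pkt = $r['incl'] > 0 ? fread($fh, $r['incl']) : '';
        if (strlen($pkt) < 54) { continue; }            // shorter than Eth + IPv4 + TCP
        // Protocol headers are big-endian regardless of the capture file's byte order.
        if (unpack('n', substr($pkt, 12, 2))[1] !== 0x0800) { continue; }  // not IPv4
        $ihl = (ord($pkt[14]) & 0x0f) * 4;              // IPv4 header length in bytes
        $tcp = 14 + $ihl;
        if ($ihl < 20 || ord($pkt[23]) !== 6 || strlen($pkt) < $tcp + 20) { continue; }
        $doff = (ord($pkt[$tcp + 12]) >> 4) * 4;        // TCP header length in bytes
        $payload = substr($pkt, $tcp + $doff);
        // Only cleartext HTTP matches; encrypted payloads look like random bytes here.
        if (preg_match('#^(GET|POST|PUT|HEAD|DELETE|OPTIONS) (\S+) HTTP/1\.[01]\r\n#', $payload, $m)) {
            $found[] = [
                'ts'  => $r['sec'],
                'src' => inet_ntop(substr($pkt, 26, 4)),
                'dst' => inet_ntop(substr($pkt, 30, 4)),
                'dport' => unpack('n', substr($pkt, $tcp + 2, 2))[1],
                'method' => $m[1], 'uri' => $m[2],
            ];
        }
    }
    return $found;
}

// Constructed sample capture: one Ethernet/IPv4/TCP packet with a plaintext GET.
$http = "GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n";
$eth  = str_repeat("\x00", 12) . "\x08\x00";
$ip   = pack('CCnnnCCn', 0x45, 0, 40 + strlen($http), 1, 0, 64, 6, 0)
      . inet_pton('192.0.2.10') . inet_pton('198.51.100.20');
$tcp  = pack('nnNNCCnnn', 49152, 80, 1, 1, 0x50, 0x18, 65535, 0, 0);
$pkt  = $eth . $ip . $tcp . $http;
$fh   = fopen('php://memory', 'w+b');
fwrite($fh, pack('VvvVVVV', 0xa1b2c3d4, 2, 4, 0, 0, 65535, 1));            // global header
fwrite($fh, pack('VVVV', 1700000000, 0, strlen($pkt), strlen($pkt)) . $pkt);
rewind($fh);
print_r(http_requests($fh));
```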

Determine mailbox access protocol using C#

I have racked my brain about how I can determine what protocol is used by a mailbox.
I'm creating a simple C# application that gets an email address and reads all the mails. First of all I have to know how to access this mailbox (which protocol to use). I'm looking for a way to check what the appropriate protocol is (and please don't suggest that I try accessing all of them).
BTW, I don't have any limit on which framework to use.
Thanks in advance!!!
I'll appreciate a quick (and good :)) response!
There's no way to tell just from an address what access methods might work. There are the 2 core protocols (POP3 and IMAP) and their SSL variants. Additionally, there's all the other info you need related to the address (mail server running POP3/IMAP/etc.)
The general use case here is handled by getting the appropriate data (including protocol) from the user.