|
|
|
|
2
|
|
2
|
|
3
|
![header.png](images/header.png)
|
3
|
![header.png](images/header.png)
|
4
|
|
4
|
|
5
|
-[Verano 2016 - Ive - Coralys - Rafa]
|
|
|
6
|
|
5
|
|
7
|
*Object Oriented Programming* (OOP) is a programming paradigm that promotes the design of programs that solve problems through the interaction of objects. C++ is one of the programming languages that promotes object oriented programming, allowing programmers to create their own classes from scratch or derive them from other existing classes. Other languages that promote OOP are Java, Python, JavaScript and PHP.
|
6
|
*Object Oriented Programming* (OOP) is a programming paradigm that promotes the design of programs that solve problems through the interaction of objects. C++ is one of the programming languages that promotes object oriented programming, allowing programmers to create their own classes from scratch or derive them from other existing classes. Other languages that promote OOP are Java, Python, JavaScript and PHP.
|
8
|
|
7
|
|
|
|
|
|
39
|
|
38
|
|
40
|
### Classes
|
39
|
### Classes
|
41
|
|
40
|
|
42
|
-A class is a description of the data and processes of an object. The class’s declaration establishes the attributes that each of the objects of the class will have, and the methods that it can invoke.
|
|
|
|
|
41
|
+A class is a description of the data and processes of an object. The class’s declaration establishes the attributes that each of the objects of the class will have, and the methods that it can invoke.
|
43
|
|
42
|
|
44
|
The attributes and methods of a class can have one the following levels of access: private, protected and public. An object's **public** data members can be read or modified by any function that has access to the object (including external functions). An object's **private** data members can only be read or modified through the object's **member** functions . Unless specified otherwise, the attributes and methods defined in a class will be **private**. Protected members allow read/write access from member functions and those of inherited classes.
|
43
|
The attributes and methods of a class can have one the following levels of access: private, protected and public. An object's **public** data members can be read or modified by any function that has access to the object (including external functions). An object's **private** data members can only be read or modified through the object's **member** functions . Unless specified otherwise, the attributes and methods defined in a class will be **private**. Protected members allow read/write access from member functions and those of inherited classes.
|
45
|
|
44
|
|
|
|
|
|
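Review bot: The context paragraph at new line 43 still reads "can have one the following levels of access" and has a stray space before the period in "**member** functions ."; since this commit is already correcting wording in the surrounding text, fix both here ("one of the following levels of access", "functions."). The removed and added versions of line 41 look identical on this page, so the change there appears to be whitespace only; say so in the commit message if that is the intent.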
77
|
|
76
|
|
78
|
## Communication Among Computers
|
77
|
## Communication Among Computers
|
79
|
|
78
|
|
80
|
-Computers communicate with each other through the Internet Protocol (IP). When a computer sends information to another computer, the information is sent via *Internet packets* that contain the *source address*, which is the Internet address of the computer sending the information, and the *destination address*, which is the Internet address of the computer that receives the message. The Internet addresses are used to guide the information from one computer to another, but once the arrives to its destination, who is supposed to receive the information? Which application must receive the information?
|
|
|
|
|
79
|
+Computers communicate with each other through the Internet Protocol (IP). When a computer sends information to another computer, the information is sent via *Internet packets* that contain the *source address*, which is the Internet address of the computer sending the information, and the *destination address*, which is the Internet address of the computer that receives the message. The Internet addresses are used to guide the information from one computer to another, but once the packet arrives to its destination, who is supposed to receive the information? Which application must receive the information?
|
81
|
|
80
|
|
82
|
-The Internet packets must also specify the application that is sending the information and the application that must receive it. We can think of the Internet addresses like home postal mail addresses, and that the applications that send and receive the information are the persons that send and receive postal letters. To send a letter via postal mail, the recipient of the letter must be specified. This corresponds to the application that receives the information. To identify the source and destination application, the Internet protocol uses what is known as *port numbers*. This way, looking the packet information, the source and destination addresses and ports can be identified.
|
|
|
|
|
81
|
+The Internet packets must also specify the application that is sending the information and the application that must receive it. We can think of the Internet addresses like home postal mail addresses, and that the applications that send and receive the information are the persons that send and receive postal letters. To send a letter via postal mail, the recipient of the letter must be specified. This corresponds to the application that receives the information. To identify the source and destination application, the Internet protocol uses what is known as *port numbers*. This way, looking at the packet information, the source and destination addresses and ports can be identified.
|
83
|
|
82
|
|
84
|
For instance, when your lab computer communicates with the Moodle server, the packets that carry the information from your computer to the web server contain the source address, which is the address of the lab computer, and the destination address which is the Moodle server. The source port is the port of your web browser and the destination port is the port of the Moodle web server.
|
83
|
For instance, when your lab computer communicates with the Moodle server, the packets that carry the information from your computer to the web server contain the source address, which is the address of the lab computer, and the destination address which is the Moodle server. The source port is the port of your web browser and the destination port is the port of the Moodle web server.
|
85
|
|
84
|
|
|
|
|
|
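Review bot: New line 81 states that "the Internet protocol uses what is known as *port numbers*", but the IP header carries only the source and destination addresses; port numbers are fields of the TCP or UDP header carried inside the IP packet. Suggest wording such as "the transport protocols carried inside the IP packet (TCP and UDP) use what is known as *port numbers*", so students look for the ports in the right header when they read a capture. At new line 79, "once the packet arrives to its destination" should be "arrives at its destination".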
87
|
|
86
|
|
88
|
Port numbers are composed of 2 bytes or 16 bits and range from 0-65535. There are ports numbers assigned to known application services such as number 22 for ssh, 23 for telnet, 25 for smtp, 80 for http, and so on.
|
87
|
Port numbers are composed of 2 bytes or 16 bits and range from 0-65535. There are ports numbers assigned to known application services such as number 22 for ssh, 23 for telnet, 25 for smtp, 80 for http, and so on.
|
89
|
|
88
|
|
90
|
-To complicate things a little bit, each computer network card has an unique identifier that is used for the communication between your computer and the network device that routes the network traffic from the Internet and local network to your computer and vice-versa (*Ethernet protocol*). This unique identifier is known as the Hardware address (a.k.a *Multiple Access Controll (MAC) address*), is represented using 6 bytes (48 bits), and is presented to the users as strings of 6 hexadecimal values (each pair of hexadecimal digits corresponds to 1 byte). Each hex value is the hex representation of the 6 bytes: "(00-ff):(00-ff):(00-ff):(00-ff):(00-ff):(00-ff)". Some examples of MAC addresses are: `e0:f8:47:01:e9:90` and `70:ad:60:ff:fe:dd:79:d8`.
|
|
|
|
|
89
|
+To complicate things a little bit, each computer network card has a unique identifier that is used for the communication between your computer and the network device that routes the network traffic from the Internet and local network to your computer and vice-versa (*Ethernet protocol*). This unique identifier is known as the Hardware address (a.k.a *Multiple Access Control (MAC) address*), is represented using 6 bytes (48 bits), and is presented to the users as strings of 6 hexadecimal values (each pair of hexadecimal digits corresponds to 1 byte). Each hex value is the hex representation of the 6 bytes: "(00-ff):(00-ff):(00-ff):(00-ff):(00-ff):(00-ff)". Some examples of MAC addresses are: `e0:f8:47:01:e9:90` and `70:ad:60:ff:fe:dd:79:d8`.
|
91
|
|
90
|
|
92
|
---
|
91
|
---
|
93
|
|
92
|
|
|
|
|
|
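Review bot: New line 89 says a MAC address is 6 bytes shown as 6 hexadecimal pairs, yet the second example, `70:ad:60:ff:fe:dd:79:d8`, has 8 pairs and so contradicts the format given in the same sentence; replace it with a 6-octet example or drop it. The expansion is also still incorrect after the spelling fix: MAC stands for Media Access Control, not "Multiple Access Control". In the context line at 87, "There are ports numbers" should be "There are port numbers".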
96
|
|
95
|
|
97
|
A packet sniffer (also known as packet analyzer - protocol analyzer - or network analyzer) is a computer program that can intercept and log traffic passing over a digital network, or network device. As data flows across the network, the sniffer captures each packet and, if needed, decodes the packet's raw data[1].
|
96
|
A packet sniffer (also known as packet analyzer - protocol analyzer - or network analyzer) is a computer program that can intercept and log traffic passing over a digital network, or network device. As data flows across the network, the sniffer captures each packet and, if needed, decodes the packet's raw data[1].
|
98
|
|
97
|
|
99
|
-Each packet captured by a sniffer has a structure similar to the ilustrated in Figure 1.
|
|
|
|
|
98
|
+Each packet captured by a sniffer has a structure similar to the ilustration in Figure 1.
|
100
|
|
99
|
|
101
|
---
|
100
|
---
|
102
|
|
101
|
|
|
|
|
|
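Review bot: New line 98 still misspells "ilustration", and "a structure similar to the ilustration in Figure 1" compares a packet to a picture rather than to the structure shown in it. Suggest "has a structure similar to the one illustrated in Figure 1."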
157
|
|
156
|
|
158
|
To create a packet sniffer you can use the *pcap* library that provides an interface to access the data passing across your network card. This library contains a function that returns a raw stream of bytes of each packet captured.
|
157
|
To create a packet sniffer you can use the *pcap* library that provides an interface to access the data passing across your network card. This library contains a function that returns a raw stream of bytes of each packet captured.
|
159
|
|
158
|
|
160
|
-The task of the sniffer programmer to decode the raw stream into human readable information. Fortunately this is not your task, but you can learn how to do it; if you want, by reading the source code of this laboratory. Your task is to follow the exercises below so you provide the packet sniffer with the needed objects (classes) to process the packets.
|
|
|
|
|
159
|
+The task of the sniffer programmer to decode the raw stream into human readable information. Fortunately this is not your task, but you can learn how to do it, if you want, by reading the source code of this laboratory. Your task is to follow the exercises below so you provide the packet sniffer with the needed objects (classes) to process the packets.
|
161
|
|
160
|
|
162
|
|
161
|
|
163
|
### Exercise 1 - Familiarize Yourself with the Application
|
162
|
### Exercise 1 - Familiarize Yourself with the Application
|
|
|
|
|
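Review bot: The first sentence at new line 159 still has no verb after this edit: "The task of the sniffer programmer to decode the raw stream" should read "The task of the sniffer programmer is to decode the raw stream into human readable information." The semicolon-to-comma change in the next sentence is fine.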
169
|
|
168
|
|
170
|
* Using the virtual machine, you need to run QtCreator with administrator (root) privileges.:
|
169
|
* Using the virtual machine, you need to run QtCreator with administrator (root) privileges.:
|
171
|
`sudo qtcreator /home/eip/labs/classes-simplesniffer/SimpleSniffer.pro`
|
170
|
`sudo qtcreator /home/eip/labs/classes-simplesniffer/SimpleSniffer.pro`
|
172
|
- * Downloading the project’s folder from `Bitbucket`: Use a terminal and write the command `git clone http:/bitbucket.org/eip-uprrp/classes-simplesniffer` to download the folder `classes-simplesniffer` from `Bitbucket`. In this directory, you need to run QtCreator with administrator (root) privileges:
|
|
|
|
|
171
|
+ * Downloading the project’s folder from `Bitbucket`: Use a terminal and write the command `git clone http:/bitbucket.org/eip-uprrp/classes-simplesniffer` to download the folder `classes-simplesniffer` from `Bitbucket`. In this directory, you need to run QtCreator with administrator (root) privileges:
|
173
|
`sudo qtcreator ./SimpleSniffer.pro`
|
172
|
`sudo qtcreator ./SimpleSniffer.pro`
|
174
|
|
173
|
|
175
|
2. Configure the project. In this laboratory experience you will be working with the files `ethernet_hdr.h`, `ethernet_packet.h`, `ethernet_packet.cpp`, `ip_packet.h` and `ip_packet.cpp`.
|
174
|
2. Configure the project. In this laboratory experience you will be working with the files `ethernet_hdr.h`, `ethernet_packet.h`, `ethernet_packet.cpp`, `ip_packet.h` and `ip_packet.cpp`.
|
|
|
|
|
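Review bot: The clone command at new line 171 uses `http:/bitbucket.org/eip-uprrp/classes-simplesniffer`, which is missing a slash after the scheme and fetches over plain HTTP a project that the following line opens with `sudo qtcreator`. Suggest `git clone https://bitbucket.org/eip-uprrp/classes-simplesniffer` so that code which will be built and run as root is retrieved over an authenticated, integrity-protected channel. The context line at 169 also ends in "privileges.:", where the period should be removed.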
187
|
u_short ether_type; /* IP? ARP? RARP? etc */
|
186
|
u_short ether_type; /* IP? ARP? RARP? etc */
|
188
|
};
|
187
|
};
|
189
|
|
188
|
|
190
|
- The Ethernet header above is used to decode the ethernet part of the raw data in each packet. It is composed of the source MAC address (ether_shost, 6 bytes), the destiantion MAC address (ether_dhost, 6 bytes), and the type of Ethernet packet (ether_type, 2 bytes), which is used to determine if the packet is an IP packet.
|
|
|
|
|
189
|
+ The Ethernet header above is used to decode the ethernet part of the raw data in each packet. It is composed of the source MAC address (ether_shost, 6 bytes), the destination MAC address (ether_dhost, 6 bytes), and the type of Ethernet packet (ether_type, 2 bytes), which is used to determine if the packet is an IP packet.
|
191
|
|
190
|
|
192
|
As you know, it is not a good idea to show this information format to a regular user. Your first task is to define the functions of the C++ class that defines the functions that translate the MAC address information into human readable strings.
|
191
|
As you know, it is not a good idea to show this information format to a regular user. Your first task is to define the functions of the C++ class that defines the functions that translate the MAC address information into human readable strings.
|
193
|
|
192
|
|
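Review bot: New line 189 lists the source MAC address (ether_shost) before the destination MAC address (ether_dhost), but in an Ethernet frame the destination address comes first, followed by the source address and then the 2-byte type. If the sentence is meant to describe the layout that the header struct decodes, list ether_dhost first so readers do not swap the two when indexing into the raw bytes. In the context line at 191, "define the functions of the C++ class that defines the functions that translate" repeats itself; "define the member functions of the C++ class that translate the MAC address information into human readable strings" says it once.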