The AROS Archives(anonymous IP: 3.145.103.169,352) 
 HomeRecentStatsSearchSubmitUploadsMirrorsContactInfoDisclaimerConfigAdmin
 Menu


 Categories

   o Audio (96)
   o Datatype (15)
   o Demo (50)
   o Development (247)
   o Document (62)
   o Driver (19)
   o Emulation (62)
   o Game (529)
   o Graphics (224)
   o Library (22)
   o Network (62)
   o Office (21)
   o Utility (250)
   o Video (18)

Total files: 1677

Full index file
Recent index file

Part of aros exec
 Readme for:  Network » Misc » nsa.lha

Nsa

Description: NetworkSnoop-Aros
Download: nsa.lha       (TIPS: Use the right click menu if your browser takes you back here all the time)
Size: 189kb
Version: 0.1
Date: 07 Sep 11
Author: Marcin Kielesiñski
Submitter: serk118uk
Email: serk118/gmail com
Homepage: http://www.portacall.org/aros/
Requirements: i386
Category: network/misc
License: Freeware
Distribute: yes
FileID: 1024
 
Snapshots:
 
Comments: 0
Snapshots: 2
Videos: 0
Downloads: 87  (Current version)
126  (Accumulated)
Votes: 1 (0/0)  (30 days/7 days)

[Show comments] [Show snapshots] [Show videos] [Show content] [Replace file] 
NetworkSnoop is a patch which purpose is similiar to SnoopDos but it is aimed at
tracing bsdsocket.library calls. This is not a program for an ordinary user - it
is not going to improve the functionality of TCP/IP stack. NetworkSnoop is for
developers who develop tools which use bsdsocket.library. This tool offers them
ability to check eg. content of the buffers of such functions as recv(), send(),
content of the system's structures which are used by bsdsocket.library. The
developers may also like to check if the function receives proper parameteres
and what are they.

This tool can also be used to monitor "uncertain" software:  suspected for
spamming, software that sends 
unwanted information in non-specified web places.

-Requirements
any AROS x86 based distros


Requirements are as follows:

-any TCP/IP stack compatible with bsdsocket.library (practically all stacks;
bsdsocket.library 
emulation built into WinUAE also works)
-MUI 3.x or newer,
-MUI NList class,
-any tool that uses bsdsocket.library (to test on something)

-How does it work?

As already mentioned, NetworkSnoop patches bsdsocket.library functions and
exec.library functions 
(OldOpenLibrary(), OpenLibrary(), CloseLibrary()). The patches are tracing all
the calls to the basic 
API of bsdsocket.library (currently NetworkSnoop traces calls of procedures in
offsets table of jumps 
within the range of -30 and -300).  It is a common knowledge that each process
that uses bsdsocket.library 
has to open the library only for its very own purposes - database of the library
is connected with the 
process and can not be shared between other processes.  According to this and in
contrary to all the 
others AmigaOS libraries, it is impossible to assemble a single patch for
bsdsocket.library as well as 
simply monitor the calls of this library.  It is necessary to assemble patches
dynamically into each 
database of bsdsocket.library which was created by exec.libary/OpenLibrary()
calls. Basically it 
means that NetworkSnoop must be run BEFORE any tool which has to be monitored.

-What exactly can I do with NetworkSnoop?

You may observe the functions' calls and their parameters (top lister).  In the
bottom lister there are 
contents of structures or buffers of functions which assign more complexed
parameters. In the second 
tab you can turn on/off patches, choose the name of the process to trace (by
default, NetworkSnoop 
traces all the process which in any way are connected with bsdsocket.library),
turn on/off saving to 
file information about the buffers of the functions recv()/send() (you can
choose between saving to 
progdir or to the directory of the traced process). Every session is logged and
can be saved to a text 
file. All the changes take place immediately, including saving the preferences.
















Copyright © 2005 - 2024 The AROS Archives All Rights Reserved