Monitoring and blocking traffic without using ARP protocol

Is it possible to monitor and modify traffic without using the ARP protocol? I am trying to develop an app that monitors and manages the flow of traffic; however, there is a rival company that has a patent on using ARP and TCP for this use.
I looked into building a firewall, but that uses ARP/NDP, so it has to be caught on another TCP layer. Any info you can provide will be helpful.

Related

Decentralized Peer to Peer

I am interested in a decentralized peer-to-peer network. I have tried using libraries like pyp2p, which required a rendezvous, and the likes of https://github.com/macsnoeren/python-p2p-network. Since I am not deep in the computer networks domain, I have several questions to ask:
Is it possible to solely communicate with a device only using IPv4 and an open port number without HTTP requests (direct)? Is there a way to do this with socket programming and HTTP requests? What libraries do you suggest that enable this functionality?
Is port forwarding necessary for systems like this or can it be bypassed?
Which library is best for developing decentralized peer-to-peer networks in the Python language?
Is it possible to solely communicate with a device only using IPv4 and an open port number without HTTP requests (direct)?
Yes, however one issue with direct peer-to-peer is the existence of NAT devices in many networks that block incoming connections.
Is there a way to do this with socket programming and HTTP requests?
Yes, just open a listening socket on one end, and connect to it from the other.
What libraries do you suggest that enable this functionality?
This is outside the scope of Stack Overflow questions, but you don't really need any library to create or use sockets. They're provided by the operating system and can be used using the standard library of most languages.
Is port forwarding necessary for systems like this or can it be bypassed?
If there are NAT devices on the path between the peers, you'd need some way of traversing that NAT. Port forwarding is one way of doing that. Look into UPnP and STUN if you want something more automatic.
Which library is best for developing decentralized peer-to-peer networks in the Python language?
I honestly don't know. You'll need to do your own research.

GPRS - Reliable, Fast, Guaranteed Communication

I have recently developed GPRS communication software using an Arduino (embedded application) and a GSM modem to communicate to and from a web server. However, I found that there is enough delay and requests are getting dropped (response timeout) while receiving a response from the server at the client side.
The techniques I have tried are TCP / UDP / HTTPS / HTTP.
In my case, our requirement is for reliable, fast, guaranteed communication between client and server.
Please let me know which communication stack would establish the same or rather be best to be used?
Thanks in advance
GPRS gives you direct IP access to the Internet. If you're losing packets or suffering large delays when sending packets to your server then this sounds like a problem with the mobile ISP.
As Ken mentioned GPRS will provide you IP connectivity to the internet (or some private network if applicable).
On top of IP you can choose to use a number of higher layer protocols, the two most common of which are probably UDP and TCP.
UDP is 'connectionless' and provides very little in the way of error detection/correction etc.
TCP is connection orientated (which means that some signalling happens back and forth to establish a virtual 'connection' first). It also includes mechanisms to provide error detection, error correction and correct packet delivery order. TCP also includes flow control, to avoid the sender overloading the receiver, and congestion control to avoid network overload.
There is a perception that UDP is faster than TCP, but I think it depends on the situation - take a look at this discussion for some further discussion on speed, reliability etc between UDP and TCP (go down through all the high scored answers):
UDP vs TCP, how much faster is it?
For your requirements, I would think a solution based on TCP/IP is probably what you want.
Whether you want to use HTTP or some other protocol on top of that is going to be dependent on your solution, and to some extent on personal preference.

Send UDP from iPhone to iPhone via WAN

In my recent app I managed to send data (mostly audio) via UDP in my local network (WiFi) to another iPhone. And now I need to do the same but over WAN. Can you guys please point me in the right direction where to start? What do I need to achieve this?
I'm using GCDAsyncSocket to manage sockets. I believe that I have to have a server, where I can keep the IP addresses of both devices.
Also, how can I connect to a device behind NAT/firewall? I'm guessing that I need to have a public IP address (scraped, for instance, from http://checkip.dyndns.com/). And then do I need to traceroute? Or NSLookup? Or piggyback? Or do I need to use UDP hole punching?
I know it's a lot of questions, but if you can just point me to the right technology, I would be very grateful.
To achieve a communication between two participants behind a NAT you could use Hole-Punching like you mentioned it. This is explained quite well here: http://en.wikipedia.org/wiki/UDP_hole_punching#Flow
Basically a Server with a Public IP and Port is used to share the Port-numbers of the iPhones.
But a NAT may use a different Port for every different IP the iPhone talks to. So if iPhone1 sends data to the server the NAT uses port X, but if iPhone1 wants to send data to a different IP the NAT may choose port Y. (See http://en.wikipedia.org/wiki/Network_address_translation#Symmetric_NAT)
To overcome this problem there is a protocol called UPnP and the lesser known NAT Port Mapping Protocol.
I am not well versed in UPnP but maybe someone else can provide some information on that.
The protocol NAT-PMP enables you to dynamically request an external port to be forwarded to your device. See http://en.wikipedia.org/wiki/NAT_Port_Mapping_Protocol and RFC 6886.
This allows you to "predict" your external port and establish connections over NAT.
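The NAT-PMP port-mapping exchange from RFC 6886 that the answer above refers to, as an added example that is not part of the original answer. Function names, the ports 5000/40123, the 600-second lifetime and the sample replies are assumptions constructed for illustration. The parser rejects replies that do not match the request, so the caller only trusts the external port the gateway actually granted.

```python
import socket
import struct

NATPMP_PORT = 5351                      # UDP port the gateway listens on (RFC 6886)
OP_MAP_UDP, OP_MAP_TCP = 1, 2
RESULT_CODES = {1: "unsupported version", 2: "not authorized/refused",
                3: "network failure", 4: "out of resources", 5: "unsupported opcode"}

def build_map_request(opcode, internal_port, suggested_external_port, lifetime_s):
    """12-byte request: version 0, opcode, reserved, both ports, lifetime."""
    if opcode not in (OP_MAP_UDP, OP_MAP_TCP):
        raise ValueError("opcode must be 1 (UDP) or 2 (TCP)")
    return struct.pack("!BBHHHI", 0, opcode, 0, internal_port,
                       suggested_external_port, lifetime_s)

def parse_map_response(data, opcode, internal_port):
    """Validate a mapping response and return what the gateway actually granted."""
    if len(data) < 4:
        raise ValueError("truncated response")
    version, resp_op, result = struct.unpack("!BBH", data[:4])
    if version != 0 or resp_op != 128 + opcode:
        raise ValueError("not a reply to this request")
    if result != 0:
        raise RuntimeError(RESULT_CODES.get(result, f"result code {result}"))
    if len(data) != 16:
        raise ValueError("mapping response must be 16 bytes")
    epoch, got_internal, external, lifetime = struct.unpack("!IHHI", data[4:])
    if got_internal != internal_port:
        raise ValueError("response is for a different internal port")
    return {"external_port": external, "lifetime_s": lifetime, "gateway_epoch_s": epoch}

def request_mapping(gateway_ip, opcode, internal_port, lifetime_s=600, timeout_s=2.0):
    """One request/response round trip; gateway_ip is the LAN default gateway."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout_s)
        s.sendto(build_map_request(opcode, internal_port, internal_port, lifetime_s),
                 (gateway_ip, NATPMP_PORT))
        data, peer = s.recvfrom(64)
        if peer[0] != gateway_ip:
            raise ValueError("reply did not come from the gateway")
        return parse_map_response(data, opcode, internal_port)

# Constructed gateway replies (not captured traffic): one grant, one refusal.
SAMPLE_GRANT = struct.pack("!BBHIHHI", 0, 129, 0, 1000, 5000, 40123, 600)
SAMPLE_REFUSED = struct.pack("!BBHIHHI", 0, 129, 2, 1000, 5000, 0, 0)

if __name__ == "__main__":
    print(build_map_request(OP_MAP_UDP, 5000, 5000, 600).hex())
    print(parse_map_response(SAMPLE_GRANT, OP_MAP_UDP, 5000))
```

Sending the same request with a lifetime of 0 and a suggested external port of 0 deletes the mapping, which closes the inbound port again once the session ends.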

Comparison of P2P Technology

I have gone through various UDP-based P2P technologies like STUN. I have implemented UDP/TCP hole punching recently for implementing P2P.
I found there are other technologies like ICE, UPnP and Teredo.
Can anybody tell me what the difference is between these technologies?
Which one is the latest technology/protocol used for P2P in recent years?
It will be good if anyone can provide a comparative analysis of various UDP-based P2P protocols.
Any link or suggestion will be appreciated.
ICE stands for Interactive Connectivity Establishment. It is a protocol for NAT traversal (i.e., punching holes) supported by the IETF. There have been several reviews and evolutions of the RFC. Some may find the specifications overkill in general or unclear when it comes to performing TCP NAT traversal.
UPnP is a technology helping local devices find each other and start communicating automatically. It implements IGD for NAT traversal, which allows remote configuration of the NAT/router (when possible) to redirect WAN traffic to the device. Unfortunately, this method is a huge threat to security, since any application could hijack NATs/routers to let any undesirable traffic come in.
Teredo is not really related to P2P or NAT traversal. If you have an IPv6 device A on an IPv4 LAN (for example), it won't be able to connect using IPv6 to a remote IPv6-enabled device B located on the WAN. Teredo allows A to communicate with B with IPv6 by transporting IPv6 over IPv4. Teredo is massaging the frictions between IPv4 and IPv6, so to speak.
None of these technologies is 'dominating' P2P for now. It is still a boiling environment.

Hiding Network Address Translation (NAT) Traffic

I live in a place with an oppressive network policy where everything is aggressively monitored. Among the many rules is a prohibition on using any device that generates Network Address Translation traffic (i.e. wireless routers, VMs...). They monitor network logs and disconnect anyone who uses such. Is there any way I can mask traffic (i.e. the NAT translation generated by routers or virtual network devices) via encryption or the like so that it is indistinguishable from normal network traffic that would be generated by a single device using a single IP address to a monitor that is sniffing packets on the network?
(I already use a VPN to encrypt any sensitive traffic, but the NAT is applied post VPN encryption. )
I am not really sure why you need to dodge security, but one way to achieve this in your case is to use a trojan horse-like mechanism. Instead of having any peer or devices on your LAN trying to connect to the WAN, install some kind of application on a valid node behind the LAN to propagate traffic in and out of the LAN for other nodes. If necessary, have this node connect to another fixed node on the WAN. Since it will use a valid connection, it won't be filtered.
Each device on your LAN should connect to the trojan node instead of trying to connect outside. The bandwidth will be slower, but this should work. That being said, this is most probably breaking the intentions of those who have implemented the security policy on your LAN. If they catch you, you're good for the electric chair...
