commit 544782441d97cfc4b03de812937feb6df82e0bea Author: Alexandre Dulaunoy Date: Sat Dec 8 05:07:32 2012 -0800 Create gh-pages branch via GitHub diff --git a/images/bg_hr.png b/images/bg_hr.png new file mode 100644 index 0000000..7973bd6 Binary files /dev/null and b/images/bg_hr.png differ diff --git a/images/blacktocat.png b/images/blacktocat.png new file mode 100644 index 0000000..6e264fe Binary files /dev/null and b/images/blacktocat.png differ diff --git a/images/icon_download.png b/images/icon_download.png new file mode 100644 index 0000000..a2a287f Binary files /dev/null and b/images/icon_download.png differ diff --git a/images/sprite_download.png b/images/sprite_download.png new file mode 100644 index 0000000..f2babd5 Binary files /dev/null and b/images/sprite_download.png differ diff --git a/index.html b/index.html new file mode 100644 index 0000000..72868e1 --- /dev/null +++ b/index.html @@ -0,0 +1,154 @@ + + + + + + + + + + + Netbeacon + + + + + +
+
+ View on GitHub + +

Netbeacon

+

netbeacon - monitoring your network capture, NIDS or network analysis process

+ +
+ Download this project as a .zip file + Download this project as a tar.gz file +
+
+
+ + +
+
+

netbeacon - monitoring your network capture

+ +

netbeacon is a set of free software tools to send beacons over +the network to test the accuracy and the precision of your network +capture framework. With netbeacon you can test the following properties +of your network capture (e.g. for honeypot packet data capture, +data interception devices, NIDS, DPI ...):

+ +
    +
  • How long it takes for a packet to reach your monitoring.
    • +
  • Time inconsistencies between devices.
    • +
  • Finding missing packets or its (re)ordering.
    • +
  • Watchdog to verify an operational network capture.
    • +

netbeacon - packet format

+ +

The netbeacon format is a simple ASCII format encapsulated in an UDP +packet. The format is the following:

+ +
header;epoch;sequence;hmac
+
+ +
    +
  • The current header is nb
    • +
  • The epoch value (in UTC format)
    • +
  • The sequence an unsigned integer
    • +
  • and the HMAC-SHA1 signature.
    • +

Each message is encapsulated in UDP and by default using port 12345.

+ +

A pre-shared key (PSK) is agreed between the netbeacon sender +and netbeacon recipient to ensure packet integrity using HMAC (SHA1). +There is a default key "netbeacon" but we highly recommend to set your +own for your systems.

+ +

sample netbeacon messages

+ +

Here is a serie of 3 netbeacon messages extracted from 3 UDP packets:

+ +
    nb;1354960619;101;335540bf3dae684c3d5cd5795fd09b9097bad656
+    nb;1354960619;102;56fc82c066644f179b58eb84a47e577bf92adc47
+    nb;1354960619;103;854207f54c1c4be97bdf4cd4a0d1068731848698
+
+ +

netbeacon - usage

+ +

How to use it?

+ +

On a device where you able to send packets on the monitored/tapped network, you +can send beacons using nb_send.py

+ +
python nb_send.py -s -i 3 -d 1.2.3.4
+
+ +

Where you are processing your network capture, you can run the following:

+ +
python nb_collect.py -i dag0 | python nb_verify.py -s -t
+
+ +

nb_send.py

+ +
    Usage: nb_send.py [options]
+
+    Options:
+      -h, --help            show this help message and exit
+      -p PSK, --psk=PSK     pre-shared key used by the HMAC-SHA1 (default:
+                            netbeacon)
+      -s, --storeseq        store sequence and validate sequence
+      -i ITERATION, --iteration=ITERATION
+                            set the number of interation for sending the netbeacon
+      -d DESTINATION, --destination=DESTINATION
+                            set the destination IPv4 address (default: 127.0.0.1)
+      -v, --verbose         output netbeacon sent
+
+ +

nb_collect.py

+ +
    Usage: nb_collect.py [options]
+
+    Options:
+      -h, --help            show this help message and exit
+      -i INTERFACE, --interface=INTERFACE
+                            live capture on interface (default:lo)
+      -r FILEDUMP, --read=FILEDUMP
+                            read pcap file
+      -e EXTENDED, --extended=EXTENDED
+                            enable extended format including pcap timestamp
+
+ +

nb_verify.py

+ +
    Usage: nb_verify.py [options] <netbeacon messages>
+
+    Options:
+      -h, --help         show this help message and exit
+      -t, --timedelta    show timedelta
+      -s, --storeseq     store sequence and validate sequence
+      -p PSK, --psk=PSK  pre-shared key used by the HMAC-SHA1 (default: netbeacon)
+
+ +

License

+ +

netbeacon is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version.

+ +

Copyright (c) 2012 Alexandre Dulaunoy - https://github.com/adulau/

+
+
+ + + + + + + + diff --git a/javascripts/main.js b/javascripts/main.js new file mode 100644 index 0000000..d8135d3 --- /dev/null +++ b/javascripts/main.js @@ -0,0 +1 @@ +console.log('This would be the main JS file.'); diff --git a/params.json b/params.json new file mode 100644 index 0000000..ecf80ef --- /dev/null +++ b/params.json @@ -0,0 +1 @@ +{"name":"Netbeacon","google":"","tagline":"netbeacon - monitoring your network capture, NIDS or network analysis process","body":"\r\nnetbeacon - monitoring your network capture\r\n===========================================\r\n\r\nnetbeacon is a set of free software tools to send beacons over\r\nthe network to test the accuracy and the precision of your network\r\ncapture framework. With netbeacon you can test the following properties\r\nof your network capture (e.g. for honeypot packet data capture,\r\ndata interception devices, NIDS, DPI ...):\r\n\r\n- How long it takes for a packet to reach your monitoring.\r\n- Time inconsistencies between devices.\r\n- Finding missing packets or its (re)ordering.\r\n- Watchdog to verify an operational network capture.\r\n\r\nnetbeacon - packet format\r\n-------------------------\r\n\r\nThe netbeacon format is a simple ASCII format encapsulated in an UDP\r\npacket. The format is the following:\r\n\r\n header;epoch;sequence;hmac\r\n\r\n* The current header is nb\r\n* The epoch value (in UTC format)\r\n* The sequence an unsigned integer\r\n* and the HMAC-SHA1 signature.\r\n\r\nEach message is encapsulated in UDP and by default using port 12345.\r\n\r\nA pre-shared key (PSK) is agreed between the netbeacon sender\r\nand netbeacon recipient to ensure packet integrity using HMAC (SHA1).\r\nThere is a default key \"netbeacon\" but we highly recommend to set your\r\nown for your systems.\r\n\r\n### sample netbeacon messages ###\r\n\r\nHere is a serie of 3 netbeacon messages extracted from 3 UDP packets:\r\n \r\n nb;1354960619;101;335540bf3dae684c3d5cd5795fd09b9097bad656\r\n nb;1354960619;102;56fc82c066644f179b58eb84a47e577bf92adc47\r\n nb;1354960619;103;854207f54c1c4be97bdf4cd4a0d1068731848698\r\n\r\nnetbeacon - usage\r\n-----------------\r\n\r\n### How to use it? ###\r\n\r\nOn a device where you able to send packets on the monitored/tapped network, you\r\ncan send beacons using nb_send.py\r\n\r\n python nb_send.py -s -i 3 -d 1.2.3.4\r\n\r\nWhere you are processing your network capture, you can run the following:\r\n\r\n python nb_collect.py -i dag0 | python nb_verify.py -s -t\r\n\r\n### nb_send.py ###\r\n\r\n Usage: nb_send.py [options]\r\n\r\n Options:\r\n -h, --help show this help message and exit\r\n -p PSK, --psk=PSK pre-shared key used by the HMAC-SHA1 (default:\r\n netbeacon)\r\n -s, --storeseq store sequence and validate sequence\r\n -i ITERATION, --iteration=ITERATION\r\n set the number of interation for sending the netbeacon\r\n -d DESTINATION, --destination=DESTINATION\r\n set the destination IPv4 address (default: 127.0.0.1)\r\n -v, --verbose output netbeacon sent\r\n\r\n\r\n### nb_collect.py ###\r\n\r\n Usage: nb_collect.py [options]\r\n\r\n Options:\r\n -h, --help show this help message and exit\r\n -i INTERFACE, --interface=INTERFACE\r\n live capture on interface (default:lo)\r\n -r FILEDUMP, --read=FILEDUMP\r\n read pcap file\r\n -e EXTENDED, --extended=EXTENDED\r\n enable extended format including pcap timestamp\r\n\r\n### nb_verify.py ###\r\n\r\n Usage: nb_verify.py [options] \r\n\r\n Options:\r\n -h, --help show this help message and exit\r\n -t, --timedelta show timedelta\r\n -s, --storeseq store sequence and validate sequence\r\n -p PSK, --psk=PSK pre-shared key used by the HMAC-SHA1 (default: netbeacon)\r\n\r\n\r\n\r\nLicense\r\n=======\r\n\r\nnetbeacon is free software: you can redistribute it and/or modify\r\nit under the terms of the GNU General Public License as published by\r\nthe Free Software Foundation, either version 3 of the License, or\r\n(at your option) any later version.\r\n\r\nCopyright (c) 2012 Alexandre Dulaunoy - https://github.com/adulau/\r\n","note":"Don't delete this file! It's used internally to help with page regeneration."} \ No newline at end of file diff --git a/stylesheets/pygment_trac.css b/stylesheets/pygment_trac.css new file mode 100644 index 0000000..e65cedf --- /dev/null +++ b/stylesheets/pygment_trac.css @@ -0,0 +1,70 @@ +.highlight .hll { background-color: #ffffcc } +.highlight { background: #f0f3f3; } +.highlight .c { color: #0099FF; font-style: italic } /* Comment */ +.highlight .err { color: #AA0000; background-color: #FFAAAA } /* Error */ +.highlight .k { color: #006699; font-weight: bold } /* Keyword */ +.highlight .o { color: #555555 } /* Operator */ +.highlight .cm { color: #0099FF; font-style: italic } /* Comment.Multiline */ +.highlight .cp { color: #009999 } /* Comment.Preproc */ +.highlight .c1 { color: #0099FF; font-style: italic } /* Comment.Single */ +.highlight .cs { color: #0099FF; font-weight: bold; font-style: italic } /* Comment.Special */ +.highlight .gd { background-color: #FFCCCC; border: 1px solid #CC0000 } /* Generic.Deleted */ +.highlight .ge { font-style: italic } /* Generic.Emph */ +.highlight .gr { color: #FF0000 } /* Generic.Error */ +.highlight .gh { color: #003300; font-weight: bold } /* Generic.Heading */ +.highlight .gi { background-color: #CCFFCC; border: 1px solid #00CC00 } /* Generic.Inserted */ +.highlight .go { color: #AAAAAA } /* Generic.Output */ +.highlight .gp { color: #000099; font-weight: bold } /* Generic.Prompt */ +.highlight .gs { font-weight: bold } /* Generic.Strong */ +.highlight .gu { color: #003300; font-weight: bold } /* Generic.Subheading */ +.highlight .gt { color: #99CC66 } /* Generic.Traceback */ +.highlight .kc { color: #006699; font-weight: bold } /* Keyword.Constant */ +.highlight .kd { color: #006699; font-weight: bold } /* Keyword.Declaration */ +.highlight .kn { color: #006699; font-weight: bold } /* Keyword.Namespace */ +.highlight .kp { color: #006699 } /* Keyword.Pseudo */ +.highlight .kr { color: #006699; font-weight: bold } /* Keyword.Reserved */ +.highlight .kt { color: #007788; font-weight: bold } /* Keyword.Type */ +.highlight .m { color: #FF6600 } /* Literal.Number */ +.highlight .s { color: #CC3300 } /* Literal.String */ +.highlight .na { color: #330099 } /* Name.Attribute */ +.highlight .nb { color: #336666 } /* Name.Builtin */ +.highlight .nc { color: #00AA88; font-weight: bold } /* Name.Class */ +.highlight .no { color: #336600 } /* Name.Constant */ +.highlight .nd { color: #9999FF } /* Name.Decorator */ +.highlight .ni { color: #999999; font-weight: bold } /* Name.Entity */ +.highlight .ne { color: #CC0000; font-weight: bold } /* Name.Exception */ +.highlight .nf { color: #CC00FF } /* Name.Function */ +.highlight .nl { color: #9999FF } /* Name.Label */ +.highlight .nn { color: #00CCFF; font-weight: bold } /* Name.Namespace */ +.highlight .nt { color: #330099; font-weight: bold } /* Name.Tag */ +.highlight .nv { color: #003333 } /* Name.Variable */ +.highlight .ow { color: #000000; font-weight: bold } /* Operator.Word */ +.highlight .w { color: #bbbbbb } /* Text.Whitespace */ +.highlight .mf { color: #FF6600 } /* Literal.Number.Float */ +.highlight .mh { color: #FF6600 } /* Literal.Number.Hex */ +.highlight .mi { color: #FF6600 } /* Literal.Number.Integer */ +.highlight .mo { color: #FF6600 } /* Literal.Number.Oct */ +.highlight .sb { color: #CC3300 } /* Literal.String.Backtick */ +.highlight .sc { color: #CC3300 } /* Literal.String.Char */ +.highlight .sd { color: #CC3300; font-style: italic } /* Literal.String.Doc */ +.highlight .s2 { color: #CC3300 } /* Literal.String.Double */ +.highlight .se { color: #CC3300; font-weight: bold } /* Literal.String.Escape */ +.highlight .sh { color: #CC3300 } /* Literal.String.Heredoc */ +.highlight .si { color: #AA0000 } /* Literal.String.Interpol */ +.highlight .sx { color: #CC3300 } /* Literal.String.Other */ +.highlight .sr { color: #33AAAA } /* Literal.String.Regex */ +.highlight .s1 { color: #CC3300 } /* Literal.String.Single */ +.highlight .ss { color: #FFCC33 } /* Literal.String.Symbol */ +.highlight .bp { color: #336666 } /* Name.Builtin.Pseudo */ +.highlight .vc { color: #003333 } /* Name.Variable.Class */ +.highlight .vg { color: #003333 } /* Name.Variable.Global */ +.highlight .vi { color: #003333 } /* Name.Variable.Instance */ +.highlight .il { color: #FF6600 } /* Literal.Number.Integer.Long */ + +.type-csharp .highlight .k { color: #0000FF } +.type-csharp .highlight .kt { color: #0000FF } +.type-csharp .highlight .nf { color: #000000; font-weight: normal } +.type-csharp .highlight .nc { color: #2B91AF } +.type-csharp .highlight .nn { color: #000000 } +.type-csharp .highlight .s { color: #A31515 } +.type-csharp .highlight .sc { color: #A31515 } diff --git a/stylesheets/stylesheet.css b/stylesheets/stylesheet.css new file mode 100644 index 0000000..4189751 --- /dev/null +++ b/stylesheets/stylesheet.css @@ -0,0 +1,431 @@ +/******************************************************************************* +Slate Theme for Github Pages +by Jason Costello, @jsncostello +*******************************************************************************/ + +@import url(pygment_trac.css); + +/******************************************************************************* +MeyerWeb Reset +*******************************************************************************/ + +html, body, div, span, applet, object, iframe, +h1, h2, h3, h4, h5, h6, p, blockquote, pre, +a, abbr, acronym, address, big, cite, code, +del, dfn, em, img, ins, kbd, q, s, samp, +small, strike, strong, sub, sup, tt, var, +b, u, i, center, +dl, dt, dd, ol, ul, li, +fieldset, form, label, legend, +table, caption, tbody, tfoot, thead, tr, th, td, +article, aside, canvas, details, embed, +figure, figcaption, footer, header, hgroup, +menu, nav, output, ruby, section, summary, +time, mark, audio, video { + margin: 0; + padding: 0; + border: 0; + font: inherit; + vertical-align: baseline; +} + +/* HTML5 display-role reset for older browsers */ +article, aside, details, figcaption, figure, +footer, header, hgroup, menu, nav, section { + display: block; +} + +ol, ul { + list-style: none; +} + +blockquote, q { +} + +table { + border-collapse: collapse; + border-spacing: 0; +} + +a:focus { + outline: none; +} + +/******************************************************************************* +Theme Styles +*******************************************************************************/ + +body { + box-sizing: border-box; + color:#373737; + background: #212121; + font-size: 16px; + font-family: 'Myriad Pro', Calibri, Helvetica, Arial, sans-serif; + line-height: 1.5; + -webkit-font-smoothing: antialiased; +} + +h1, h2, h3, h4, h5, h6 { + margin: 10px 0; + font-weight: 700; + color:#222222; + font-family: 'Lucida Grande', 'Calibri', Helvetica, Arial, sans-serif; + letter-spacing: -1px; +} + +h1 { + font-size: 36px; + font-weight: 700; +} + +h2 { + padding-bottom: 10px; + font-size: 32px; + background: url('../images/bg_hr.png') repeat-x bottom; +} + +h3 { + font-size: 24px; +} + +h4 { + font-size: 21px; +} + +h5 { + font-size: 18px; +} + +h6 { + font-size: 16px; +} + +p { + margin: 10px 0 15px 0; +} + +footer p { + color: #f2f2f2; +} + +a { + text-decoration: none; + color: #007edf; + text-shadow: none; + + transition: color 0.5s ease; + transition: text-shadow 0.5s ease; + -webkit-transition: color 0.5s ease; + -webkit-transition: text-shadow 0.5s ease; + -moz-transition: color 0.5s ease; + -moz-transition: text-shadow 0.5s ease; + -o-transition: color 0.5s ease; + -o-transition: text-shadow 0.5s ease; + -ms-transition: color 0.5s ease; + -ms-transition: text-shadow 0.5s ease; +} + +#main_content a:hover { + color: #0069ba; + text-shadow: #0090ff 0px 0px 2px; +} + +footer a:hover { + color: #43adff; + text-shadow: #0090ff 0px 0px 2px; +} + +em { + font-style: italic; +} + +strong { + font-weight: bold; +} + +img { + position: relative; + margin: 0 auto; + max-width: 739px; + padding: 5px; + margin: 10px 0 10px 0; + border: 1px solid #ebebeb; + + box-shadow: 0 0 5px #ebebeb; + -webkit-box-shadow: 0 0 5px #ebebeb; + -moz-box-shadow: 0 0 5px #ebebeb; + -o-box-shadow: 0 0 5px #ebebeb; + -ms-box-shadow: 0 0 5px #ebebeb; +} + +pre, code { + width: 100%; + color: #222; + background-color: #fff; + + font-family: Monaco, "Bitstream Vera Sans Mono", "Lucida Console", Terminal, monospace; + font-size: 14px; + + border-radius: 2px; + -moz-border-radius: 2px; + -webkit-border-radius: 2px; + + + +} + +pre { + width: 100%; + padding: 10px; + box-shadow: 0 0 10px rgba(0,0,0,.1); + overflow: auto; +} + +code { + padding: 3px; + margin: 0 3px; + box-shadow: 0 0 10px rgba(0,0,0,.1); +} + +pre code { + display: block; + box-shadow: none; +} + +blockquote { + color: #666; + margin-bottom: 20px; + padding: 0 0 0 20px; + border-left: 3px solid #bbb; +} + +ul, ol, dl { + margin-bottom: 15px +} + +ul li { + list-style: inside; + padding-left: 20px; +} + +ol li { + list-style: decimal inside; + padding-left: 20px; +} + +dl dt { + font-weight: bold; +} + +dl dd { + padding-left: 20px; + font-style: italic; +} + +dl p { + padding-left: 20px; + font-style: italic; +} + +hr { + height: 1px; + margin-bottom: 5px; + border: none; + background: url('../images/bg_hr.png') repeat-x center; +} + +table { + border: 1px solid #373737; + margin-bottom: 20px; + text-align: left; + } + +th { + font-family: 'Lucida Grande', 'Helvetica Neue', Helvetica, Arial, sans-serif; + padding: 10px; + background: #373737; + color: #fff; + } + +td { + padding: 10px; + border: 1px solid #373737; + } + +form { + background: #f2f2f2; + padding: 20px; +} + +img { + width: 100%; + max-width: 100%; +} + +/******************************************************************************* +Full-Width Styles +*******************************************************************************/ + +.outer { + width: 100%; +} + +.inner { + position: relative; + max-width: 640px; + padding: 20px 10px; + margin: 0 auto; +} + +#forkme_banner { + display: block; + position: absolute; + top:0; + right: 10px; + z-index: 10; + padding: 10px 50px 10px 10px; + color: #fff; + background: url('../images/blacktocat.png') #0090ff no-repeat 95% 50%; + font-weight: 700; + box-shadow: 0 0 10px rgba(0,0,0,.5); + border-bottom-left-radius: 2px; + border-bottom-right-radius: 2px; +} + +#header_wrap { + background: #212121; + background: -moz-linear-gradient(top, #373737, #212121); + background: -webkit-linear-gradient(top, #373737, #212121); + background: -ms-linear-gradient(top, #373737, #212121); + background: -o-linear-gradient(top, #373737, #212121); + background: linear-gradient(top, #373737, #212121); +} + +#header_wrap .inner { + padding: 50px 10px 30px 10px; +} + +#project_title { + margin: 0; + color: #fff; + font-size: 42px; + font-weight: 700; + text-shadow: #111 0px 0px 10px; +} + +#project_tagline { + color: #fff; + font-size: 24px; + font-weight: 300; + background: none; + text-shadow: #111 0px 0px 10px; +} + +#downloads { + position: absolute; + width: 210px; + z-index: 10; + bottom: -40px; + right: 0; + height: 70px; + background: url('../images/icon_download.png') no-repeat 0% 90%; +} + +.zip_download_link { + display: block; + float: right; + width: 90px; + height:70px; + text-indent: -5000px; + overflow: hidden; + background: url(../images/sprite_download.png) no-repeat bottom left; +} + +.tar_download_link { + display: block; + float: right; + width: 90px; + height:70px; + text-indent: -5000px; + overflow: hidden; + background: url(../images/sprite_download.png) no-repeat bottom right; + margin-left: 10px; +} + +.zip_download_link:hover { + background: url(../images/sprite_download.png) no-repeat top left; +} + +.tar_download_link:hover { + background: url(../images/sprite_download.png) no-repeat top right; +} + +#main_content_wrap { + background: #f2f2f2; + border-top: 1px solid #111; + border-bottom: 1px solid #111; +} + +#main_content { + padding-top: 40px; +} + +#footer_wrap { + background: #212121; +} + + + +/******************************************************************************* +Small Device Styles +*******************************************************************************/ + +@media screen and (max-width: 480px) { + body { + font-size:14px; + } + + #downloads { + display: none; + } + + .inner { + min-width: 320px; + max-width: 480px; + } + + #project_title { + font-size: 32px; + } + + h1 { + font-size: 28px; + } + + h2 { + font-size: 24px; + } + + h3 { + font-size: 21px; + } + + h4 { + font-size: 18px; + } + + h5 { + font-size: 14px; + } + + h6 { + font-size: 12px; + } + + code, pre { + min-width: 320px; + max-width: 480px; + font-size: 11px; + } + +}