Commit graph

19 commits

Author SHA1 Message Date
2c53ebae21 Source IP added in the extended output 2013-06-11 08:20:54 +02:00
f732de8c83 Usage of nb_send updated 2013-06-08 10:52:30 +02:00
6c23e403c8 Logging fixed 2013-06-08 10:51:59 +02:00
89bfdb344d logging for seq store fixed 2013-06-08 10:07:49 +02:00
e5121985cc Multiple destinations option added
Multiple destinations via the -d option can be set:

python nb_send.py -d 127.0.0.1 -d 127.0.0.2 -s
2013-06-08 10:00:12 +02:00
74663a39f7 netbeacon example added 2012-12-08 14:01:29 +01:00
73ac46b5d6 Header level 3 in MD format 2012-12-08 13:50:31 +01:00
457c6fd35b First description of the netbeacon tool sets 2012-12-08 13:44:55 +01:00
1fbe22532e usage clarification 2012-12-08 13:44:05 +01:00
0fad43adfd usage clarified 2012-12-08 13:40:10 +01:00
a129166738 netbeacon pcap collector
nb_collect output netbeacon packet from pcap or live capture.

Example usage:
 nb_collect.py -r test.pcap

The extended output includes the timestamp of the pcap header.
2012-12-08 13:18:11 +01:00
dba349091c PSK option added 2012-12-08 13:00:17 +01:00
785d3b66b1 psk option and verbose option added 2012-12-08 11:59:04 +01:00
e59ee5e971 -d destination address option added
The destination IPv4 address where to send the netbeacon
to. IPv6 is currently not supported.
2012-12-05 18:59:43 +01:00
2441060500 -i to set the number of netbeacon to send (Default:10) 2012-12-05 18:53:50 +01:00
d9a9cdf082 -s option added for nb_send
Sequence is now saved on the sender side in a shelve.
2012-12-05 18:46:48 +01:00
6544699165 -t and -s added (time and sequence check)
-s option is checking the expected sequence value and store
the last seen value in a persistent shelve. The sequence is
an incremented unsigned integer value.

-t option to check time delta or not
2012-12-05 18:25:03 +01:00
40aeeb4fe3 Sequence is an unsigned integer 2012-12-05 08:10:17 +01:00
66a5b4866a netbeacon - network capture monitoring
netbeacon is a small free software to send beacon over the network
to test the following properties of your network capture (e.g. for
your honeypot network data capture, your data interception device,
your NIDS, ...):

 - Checking how long it takes for a packet to reach your monitoring.
 - Checking time inconsistencies between devices.
 - Checking missing packets or its ordering.

The netbeacon format is a simple ASCII format encapsulated in an UDP
packet. The format is the following:

header;epoch;sequence;hmac

The current header is nb
The epoch value (in UTC format)
The sequence an unsigned integer
and the HMAC-SHA1 signature.

A private shared key (PSK) is agreed between the netbeacon sender
and netbeacon recipient to ensure packet integrity using HMAC (SHA1).

As a test, you can directly send the debug output from nb_send.py to
nb_verify.py to verify your netbeacons.

 python nb_send.py | python nb_verify.py
 4aa846f627ae7f92991622e9a0199fbbdb71e48d
 valid signature for nb;1354690456;1;
 Time delay 0.0
 8b7ec2d5bb5e0644f2ba7f9842797296171e20e1
 valid signature for nb;1354690456;2;
2012-12-05 08:06:50 +01:00