i have developed of software which interacts with printer with python
my pc and printer is connected via usb port
so when print, the data pass through usb port.
from this anyone can sniff the data
i think the data transfer can be divided in 2 parts
pc --------------> usb driver -------------> printer
and in which point, do sniffers capture data?
And how can we prevent from sniffing the data?
There is nothing you can do to prevent the data capture. On the software side, it can be done with a driver, virtualization, inspection of memory. On hardware, there is affordable hardware which can emulate and proxy the data. There is more expensive hardware which can passively show what's happening.
At best, you can encrypt the data but if you expect the data to be used, there must obviously be some method to decrypt it... so any effort here is probably not worth it.
Related
I'd like to redirect traffic from and to USB devices in an application.
Particularly I want to talk to USB dongles.
So for example if a dongle is connected on a USB port, is it possible to get the traffic that is intended to be written to this device? On the other hand, can you simply write data in the same manner?
I don't have any experience so I'd appreciate to get some directions.
BTW, this is not intended to be used in anything illegal ;-)
With "USB dongles" you mean: Software license dongles?
First of all you should know that USB is not a stream of data such as RS232 but a very complex bus transferring a lot of different control and data messages.
On Linux you can use Wireshark to monitor the data on the USB bus. There are similar tools for Windows (up to Windows XP only) but the Windows version of Wireshark does only support Ethernet and not USB. Windows 7 has a built-in command line tool that does the same job.
If you really want to redirect data you might use something like "usbip" that allows sharing USB ports over network. You may simulate an USB dongle device by programming a server that simulates the dongle... However doing this is very tricky and requires a lot of programming experience!
I'm trying to reverse the protocol used by an early nineties logic analyzer an its PC software.
The device is connected via RS-232 (propietary wiring) and communicates with a DOS program, successfully running on DOSBOX.
I'm able to control the device with the original software but it would be useful to autimathe the downloading of data from the analyzer using a custom program but to do so I need to know what is going on the serial port.
Ineed to know what mode is the serial port set, while I know for sure the datarate is either 1200 or 9600 bps (configurable on the device) I don't know the flow control (I guess it is RTS/CTS).
I also need to tap into the conversation between the prgram and the device without disturbing their communication.
Reading the serial port with another program (cutecom/minicom) prevents the emulator from receiving the data from the hardware.
So, summing up, what I need to know is:
What configuration is set on /dev/ttyS0 (via IOCTL calls, i think)
What goes on between program and device.
I was thinking in programming a library which acts as a proxy for the standard c library (via LD_PRELOAD) but there must be an easier way to do this.
You can use slsnif (Serial Line SNIFfer).
http://linux.die.net/man/1/slsnif
Here's a link to the sourceforge project so you can download it. I don't believe it comes with any modern distributions but I could be wrong so check your distro's software repository first.
http://sourceforge.net/projects/slsnif/
I use ttyrpld for tty sniffing. I ported it to PPC and run it on 2.6.32. It logs all of the tty traffic on the board to files, one per tty. Works well.
I've got usb cable plugged to my computer, which D+ and D- pins are connected to multimeter. I want to send some raw bytes to get some voltage.. is it possible at all?
I'm 99% sure that usb port I've plugged cable in is something like /dev/bus/usb/002
I know that there was possibility to do the same with LPT or RS232 ports.
RS232 and LPT are not bus ! USB devices need to be addressed in order to become reachable.
Maybe unloading and reloading usb driver that drive your usb host... or trying to make a reset on usb hub host...
For doing this kind of operation on usb port, you have to break usb kernel driver and whipe all addressing operation to address directly the chipset...
At all, due to USB concept, I'm not sure you may successfully hold some power state on outlet.
For playing with that kind of physical IO, two solution:
Install a low-cost RS-232 <-> USB adapter
or better
Buy an Arduino micro-controller for prototyping and development.
I'm nearly 100% sure that you can't send anything down your USB lead unless you actually have a device at the other end. If you still want to play with this, get a cheap memory stick, break the casing off it [not too roughly], and measure whilst doing a large file-transfer to the memory stick, or some such.
But I'm not sure your multimeter will show much, as they tend to be a bit slow, compared to USB rates.
USB uses pull-up / pull-down resistors on the data lines to detect whether or not a port is connected (1.5k pull-up to 3.3v on the device side, 15k pull-down on the host side IIRC). The exact connection depends on the device speed.
So if you connect an appropriate resistor, the host should attempt to start signalling. Because of the data-rate, you might not be able to see that on a multimeter; an oscilloscope would be more appropriate.
If you want to by-pass the normal USB protocol and just blindly send data, I think you'll need to get your hands dirty and write code to bypass the usual device drivers and access the USB hardware directly. Even then I'm not sure what's possible - the USB hardware is a lot smarter than good ol' LPT and RS232 ports, which might get in the way of doing this sort of low level stuff.
I want to implement a driver in Linux, that has a Ethernet stack but the data going out on hardware will be a serial port. Basically, I want to register my serial port as a Ethernet driver. Does anyone have any idea if this is possible?
I want to be able to push IPv6 and/or UDP packets out of the serial port and in a similar way receive the packets via a serial port and pass it up the Ethernet stack.
I do not want to use the solution of serial-to-ethernet convertors(external hardware that convert a serial port to a ethernet port) but have that in my PC itself.
I tried PPP over the serial port and it works well. I am also told that I can do FTP, HTTP etc using the PPP. Reference to this - http://www.faqs.org/docs/Linux-HOWTO/Serial-Laplink-HOWTO.html
I have tried to hack the code from a RealTek Ethernet driver with a serial driver but not able to gain much success. Rather I do not know the stack of either to actually do anything meaningful. Any advice, guidance or tutorials would be helpful.
Thanks
Aditya
You need to get back to de basics on networking, the way I understand you question is: "I have a serial port and I want to use is an Ethernet link". Sorry to crush your dreams but you don't have the real hardware to do so, I'll elaborate on it.
A serial connection is a physical connection that requires 3 wires (at least) tx, rx and ground. On the logical side you have an IC that coverts binary data into signals that are represented by discrete voltage ranges.
Ethernet is a layer 2 protocol, the layer 1 is provided by the technology used to transmit the signals (coax, up, fiber etc.) As you might see by now, you need a different set of hardware to convert the logical Ethernet frames into a stream of digital numbers, in fact this is call framing.
Since Ethernet has been an easy to use protocol it has been implemented as e preferred protocol for many network operators, of course one of the biggest is PPPoE where you have a PPP session over an Ethernet link. Of course this won't work with your example neither since you're trying the opposite.
If you're just learning and have all the time in the world you can attempt to write your own Ethernet framer over serial lines. This means you need to implement IEEE802.3 into the driver and then you need to serialize the data to push it as a stream of bits over the serial line. Of course note the following drawbacks:
Your driver won't be able to fully support Ethernet, you need some support at hardware level to implement some signaling (example, auto negotiation, CSMA/CD, etc)
You driver will be pretty much useless unless you back in time where 115.2kbps is top speed in data transfers
IMHO there are more exciting projects that you can pick up in the networking field for device drivers. You can for example attempt to buy a NIC and develop the device driver for it from scratch and you can optimize certain areas. Finally, remember that most of the Ethernet implementations are now done in hardware so you don't have to do anything but filling a few registers on the MAC and voila!
SLIP and PPP do already what you want.
I am a rookie in network security field. I am eager to know if it is possible for a spoofing attack on a serial communication like RS232?
The notion of spoofing data for a real serial port is kinda funny, hard to spoof anything when you can see the opposite end of the cable. Still, serial ports made a comeback of sorts, lots of device drivers emulate a virtual serial port to make it easy for user-mode code to interface with them. Including drivers for things like BlueTooth, hard to see the other end of the cable then.
And yes, spoofing is trivial if you can replace the device driver. Luckily, replacing the device driver isn't trivial. In general, any machine that's insecure enough to allow drivers to be replaced is wide-open for any kind of attack, not just through a serial port.