Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 629
  • Last Modified:

Network programming

hello

I am writing a programming to monitor my network

yes i know there a number of free programs out there but

i want it to be customizable and interact with the companies database.

I have come up on a few hurdles in the way tot he finishline

 1... I am using vb6 and cannot read the packets of the network
  ..what I want to do is to examine these packets and get some information from then.
 ..the source and the destination
..the source programs that genearted them etc.

 2... the program i am writing is designed to have some intrusion detection capabilities
.....in want to examine the packets for user info

BUT I CANNOT READ THE PACKETS IN VB6 I DONNOT KNOW HOW TO I TRIED EVERYTHING AND I WAS FINALLY SENT TO HERE THE NETWORKING SECTION.

iI AM I SERIOUS NEED I TRIED ALMOST EVERY TUTORIALS i even tried the cpac dlls and .......

help me please ..

this question values about 125 points but i donnt have that much points...
0
sespool
Asked:
sespool
1 Solution
 
MrPanCommented:
What I have done is downloaded a sample for planetsourcecode (.net) and changed it to write to a database if ou want to do it in vb6

If you want to do this in vb6 the Download the packetxlib from

http://www.beesync.com/packetx/index.html

Then use code something like this

        '-- Selects the First Adapter
        oPktX.Adapter = oPktX.Adapters(1)

        '-- Clear any variables first
        oPktCol.Clear()
        oPktX.Reset()

        '-- Starts the packet sniff
        oPktX.Start()

'After a period of time

oPktX.Stop()

You will need to do something with the event

    Private Sub oPktX_OnPacket(ByVal pPacket As PACKETXLib.Packet) Handles oPktX.OnPacket
        '-- When a Packet is recieved
        'If pPacket.SourcePort = 119 Or pPacket.DestPort = 119 Then
        'Else

        If EvalFilter(pPacket) Then
            ConvertPacketToMyPacketStruct(pPacket)
        End If
        'End If

    End Sub
0
 
sespoolAuthor Commented:
Thanks

but i am uising vb6

and  i am on a network

what it want to is to run this application fro, the server and then read all the packets across the network

i could then do analysis on these

i really donnt  get ur code...


help me i am lost
0
 
sespoolAuthor Commented:
sorry about the thread above

i ahve figured out how to get  the packets on one machine but how do i get them from the the network in general from the different work groups etc.

basically how do i go large scale


help me

mr  MrPan  has started me off but how do i fo large scale
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
vinnyd79Commented:
The machine that is running the code needs to be on a segment that can see all network traffic or it will never work.
0
 
MrPanCommented:
What I did was copy the data into a access database and used query to analise the data.

Things like the most packets from one IP address

Most packets to an IP address

Busiest time period
0
 
sespoolAuthor Commented:
Hello

i am want to now plot/create some charts from the information gathered

someone told me about krystal reporsts  but i cannot find any toturial on it any one who has tuotrial on this especially if  it relates to the scenario descrived aboved

 halla at me


also if there is ant thing else to create reports and charts  could pure vb6 coding do this ?
cuase i am not sure if i can buy this krsytal reports software................

ammm..

ses
0
 
MrPanCommented:
It should be Crystal reports and it is shipped with VB (or used to be)

If the data is in a database you can report over it

0
 
sespoolAuthor Commented:
Hello

crystal roports is certainly expensive isnt it

isnt there any other wat to generate roports

and i cannt find any crystal turorials for vb6



0
 
sespoolAuthor Commented:
Hello MrPan

I tried the packet code and i am now read packets and doing all different things thanks


i am how ever still struggling to figure out how to identify the intruions for the data collected i  donnt know what to look for does any one know of any site that i could get the current intrusion techniques and ways of identif\fing then

and how do i use  packetx to read the packets for a machine from and adator that is in anoiher machine.

how can  i read stay on one mahice and read the packet on another machince

i have the ip addresses for the mahines i want to capture the packets from but how do that
0
 
MrPanCommented:
Here are a couple of sub routines that may help

There should be an event fired with the packetx (Should define it so [withevents])

Then in the pPacket (or whatever variable name you use) there is a onpacket event

Write this to an array or structure if you look below you will see that pPcaket has properties for destIp and sourceIP.

If you do not want to use crystal you could use something like excel

----------------------------------------------------------------------------------------------

    Private Sub ConvertPacketToMyPacketStruct(ByVal pPacket As PACKETXLib.Packet)
        Dim PacketStruct As New structPackets()
        ReDim PacketStruct.PacketHeader(7)


        PacketStruct.PacketData = pPacket.DataArray

        '-- Determine what protocol this packet is using
        Select Case pPacket.Protocol
            Case PACKETXLib.PktXProtocolType.PktXProtocolTypeTCP
                PacketStruct.PacketHeader(1) = "TCP"
            Case PACKETXLib.PktXProtocolType.PktXProtocolTypeUDP
                PacketStruct.PacketHeader(1) = "UDP"
            Case PACKETXLib.PktXProtocolType.PktXProtocolTypeIP
                PacketStruct.PacketHeader(1) = "IP"
            Case PACKETXLib.PktXProtocolType.PktXProtocolTypeEthernet
                PacketStruct.PacketHeader(1) = "ETHERNET"
            Case PACKETXLib.PktXProtocolType.PktXProtocolTypeNone
                PacketStruct.PacketHeader(1) = "NONE"
        End Select

        'oItm.Tag = lstvPackets.Items.Count


        PacketStruct.PacketHeader(0) = Format(Now, "hh:mm:ss")
        PacketStruct.PacketHeader(2) = pPacket.DataSize
        PacketStruct.PacketHeader(3) = pPacket.DestIpAddress
        PacketStruct.PacketHeader(4) = pPacket.DestPort
        PacketStruct.PacketHeader(5) = pPacket.SourceIpAddress
        PacketStruct.PacketHeader(6) = pPacket.SourcePort

        AddPacket(PacketStruct)


    End Sub
0
 
sespoolAuthor Commented:
man thanx you have being a graet help

i am now have the problem of protocol

i am sure the  intruder will not jus sent packets to only four type and i would love to caputere then

and be able to report the protocol of those  packects but the PacketX componnet  only reads three type and has a general packet type for the reset how do i get he details fo the protocol of these packets.
0
 
MrPanCommented:
I am not sure if that is covered by none.

You could try an else after the type of protocols.

But at the end of the day if the control does not monitor them you would be unable to detect them.

I dont know anything about networking but wouldnt the packed have to conform to one of the standard types?
0
 
sespoolAuthor Commented:
what i am basically asking is if  there sis any way identify packets of the

ICMP
POP
SMTP
 etc..

so i can identifiy mail and noramal none intrusive traffic
0
 
starkoffCommented:
PacketX can decode limited number of protocols (Ethernet,IP,TCPorUDP) in standard LAN configuration. There is no way to get information about the other network protocols unless you do the all decoding by yourself. PacketX was met to be just an easy to use VB wrapper for Winpcap.
0
 
sespoolAuthor Commented:
Hello

alright

i am stuck with the protocols that packetx recognizes

i am trying now to work with
 
the graphs

can somebody plese tell me where i can find some crystal reports tutorial

i cannot understand it

i am using vb6, crystal report 8 and an access database

help me please
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now