We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Network programming

sespool
sespool asked
on
Medium Priority
680 Views
Last Modified: 2007-12-19
hello

I am writing a programming to monitor my network

yes i know there a number of free programs out there but

i want it to be customizable and interact with the companies database.

I have come up on a few hurdles in the way tot he finishline

 1... I am using vb6 and cannot read the packets of the network
  ..what I want to do is to examine these packets and get some information from then.
 ..the source and the destination
..the source programs that genearted them etc.

 2... the program i am writing is designed to have some intrusion detection capabilities
.....in want to examine the packets for user info

BUT I CANNOT READ THE PACKETS IN VB6 I DONNOT KNOW HOW TO I TRIED EVERYTHING AND I WAS FINALLY SENT TO HERE THE NETWORKING SECTION.

iI AM I SERIOUS NEED I TRIED ALMOST EVERY TUTORIALS i even tried the cpac dlls and .......

help me please ..

this question values about 125 points but i donnt have that much points...
Comment
Watch Question

Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION

Author

Commented:
Thanks

but i am uising vb6

and  i am on a network

what it want to is to run this application fro, the server and then read all the packets across the network

i could then do analysis on these

i really donnt  get ur code...


help me i am lost

Author

Commented:
sorry about the thread above

i ahve figured out how to get  the packets on one machine but how do i get them from the the network in general from the different work groups etc.

basically how do i go large scale


help me

mr  MrPan  has started me off but how do i fo large scale

Commented:
The machine that is running the code needs to be on a segment that can see all network traffic or it will never work.

Commented:
What I did was copy the data into a access database and used query to analise the data.

Things like the most packets from one IP address

Most packets to an IP address

Busiest time period

Author

Commented:
Hello

i am want to now plot/create some charts from the information gathered

someone told me about krystal reporsts  but i cannot find any toturial on it any one who has tuotrial on this especially if  it relates to the scenario descrived aboved

 halla at me


also if there is ant thing else to create reports and charts  could pure vb6 coding do this ?
cuase i am not sure if i can buy this krsytal reports software................

ammm..

ses

Commented:
It should be Crystal reports and it is shipped with VB (or used to be)

If the data is in a database you can report over it

Author

Commented:
Hello

crystal roports is certainly expensive isnt it

isnt there any other wat to generate roports

and i cannt find any crystal turorials for vb6



Author

Commented:
Hello MrPan

I tried the packet code and i am now read packets and doing all different things thanks


i am how ever still struggling to figure out how to identify the intruions for the data collected i  donnt know what to look for does any one know of any site that i could get the current intrusion techniques and ways of identif\fing then

and how do i use  packetx to read the packets for a machine from and adator that is in anoiher machine.

how can  i read stay on one mahice and read the packet on another machince

i have the ip addresses for the mahines i want to capture the packets from but how do that

Commented:
Here are a couple of sub routines that may help

There should be an event fired with the packetx (Should define it so [withevents])

Then in the pPacket (or whatever variable name you use) there is a onpacket event

Write this to an array or structure if you look below you will see that pPcaket has properties for destIp and sourceIP.

If you do not want to use crystal you could use something like excel

----------------------------------------------------------------------------------------------

    Private Sub ConvertPacketToMyPacketStruct(ByVal pPacket As PACKETXLib.Packet)
        Dim PacketStruct As New structPackets()
        ReDim PacketStruct.PacketHeader(7)


        PacketStruct.PacketData = pPacket.DataArray

        '-- Determine what protocol this packet is using
        Select Case pPacket.Protocol
            Case PACKETXLib.PktXProtocolType.PktXProtocolTypeTCP
                PacketStruct.PacketHeader(1) = "TCP"
            Case PACKETXLib.PktXProtocolType.PktXProtocolTypeUDP
                PacketStruct.PacketHeader(1) = "UDP"
            Case PACKETXLib.PktXProtocolType.PktXProtocolTypeIP
                PacketStruct.PacketHeader(1) = "IP"
            Case PACKETXLib.PktXProtocolType.PktXProtocolTypeEthernet
                PacketStruct.PacketHeader(1) = "ETHERNET"
            Case PACKETXLib.PktXProtocolType.PktXProtocolTypeNone
                PacketStruct.PacketHeader(1) = "NONE"
        End Select

        'oItm.Tag = lstvPackets.Items.Count


        PacketStruct.PacketHeader(0) = Format(Now, "hh:mm:ss")
        PacketStruct.PacketHeader(2) = pPacket.DataSize
        PacketStruct.PacketHeader(3) = pPacket.DestIpAddress
        PacketStruct.PacketHeader(4) = pPacket.DestPort
        PacketStruct.PacketHeader(5) = pPacket.SourceIpAddress
        PacketStruct.PacketHeader(6) = pPacket.SourcePort

        AddPacket(PacketStruct)


    End Sub

Author

Commented:
man thanx you have being a graet help

i am now have the problem of protocol

i am sure the  intruder will not jus sent packets to only four type and i would love to caputere then

and be able to report the protocol of those  packects but the PacketX componnet  only reads three type and has a general packet type for the reset how do i get he details fo the protocol of these packets.

Commented:
I am not sure if that is covered by none.

You could try an else after the type of protocols.

But at the end of the day if the control does not monitor them you would be unable to detect them.

I dont know anything about networking but wouldnt the packed have to conform to one of the standard types?

Author

Commented:
what i am basically asking is if  there sis any way identify packets of the

ICMP
POP
SMTP
 etc..

so i can identifiy mail and noramal none intrusive traffic

Commented:
PacketX can decode limited number of protocols (Ethernet,IP,TCPorUDP) in standard LAN configuration. There is no way to get information about the other network protocols unless you do the all decoding by yourself. PacketX was met to be just an easy to use VB wrapper for Winpcap.

Author

Commented:
Hello

alright

i am stuck with the protocols that packetx recognizes

i am trying now to work with
 
the graphs

can somebody plese tell me where i can find some crystal reports tutorial

i cannot understand it

i am using vb6, crystal report 8 and an access database

help me please
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.