Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1920
  • Last Modified:

vb.net passive tcp port monitoring of another application

I have a vendor-provided VoIP contact center application.  There is a softphone installed on the local PC which communicates with a CTI server application.  The CTI server is accessed via a constant IP address and port.  The port used on the local PC is dynamically assigned.

Using Wireshark, I have documented all of the XML command/responses that occur between the softphone and the CTI application.  What I am trying to do is to reverse-engineer a passive API that sits on the local PC and monitors this softphone-CTI server traffic.  I intend to use this information to record events and drive activities in our CRM application.

I've created a vb.net application that can monitor a port and capture the activity.  The problem is that although I am communicating to the CTI application using a fixed server port, the local TCP port is dynamic, so I don't know which port to listen to.  It is this local port that initiates the conversation.

Is there a way to passively monitor all active ports for traffic going TO a specific IP/port and then use that to determine which local port to monitor for outgoing/incoming traffic?

Thanks.
0
asrobins
Asked:
asrobins
  • 2
1 Solution
 
andr_ginCommented:
Version1:
You can use WinPcap that is used in Wireshark directly.
http://www.codeproject.com/KB/IP/dotnetwinpcap.aspx

Then you can log all packets that are Ethernet packets and IP packets and tcp packets and go from your computer of any port to a specific computer of a specific port.

Only combining the tcp packets to a continous stream may be complicated.

Version2:
You can build a simple proxy. You listen on the specific port and forward traffic to the same port on the other computer. Then you change the ip of the program on your pc to your local IP.
0
 
asrobinsAuthor Commented:
Building a simple proxy is a good solution.  Unfortunately, aynchronous socket programming is not altogether that simple!
0
 
andr_ginCommented:
1.) You can check TcpClient.Available to see, if there is data available in the buffer to read:

Do
    If ClientTcpClient.Available>0 Then
        BytesRead = ClientStream.Read(Buffer,0,Buffersize)
        ServerStream.Write(Buffer,0,BytesRead )
   EndIf
   If ServerTcpClient.Available>0 Then
        BytesRead = ServerStream.Read(Buffer,0,Buffersize)
        ClientStream.Write(Buffer,0,BytesRead )
   EndIf
Loop

2.) Dont try to read and write the same TcpClient/Networkstream in two threads at the same time. This will cause an error.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now