Published by Darcy Lawrence. Modified over 9 years ago.
1
Communications Sniffer
Ed Paradise, Rob Lingle, Todd Hoffenberg, Henry Barnes, Robert Brooke
Senior Design Proposal
ECE4006D Internetworking Design
Georgia Institute of Technology
Fall 2002
2
Proposal Overview
- Introduction
- Project Organization
- Design Details
- Project Challenges
- Product Verification
3
Intro - Concept
- Sniffing e-mail from network traffic
- Used to search for specific threatening keywords
- Valuable to police organizations
4
Intro – Product
- Back end – retrieve packets and piece them together
- Database – store packets
- Front end – web-based access to database
5
Intro – Competing Products
- Carnivore
  - FBI use - intercepts large volumes of email
  - Data handled differently
- Etherpeek
  - Admin. use - capture packets of data from many different sources
  - AIM, Real Networks, Windows Media Player, Yahoo! Instant Messenger, and MSN Messenger
  - Lacks database features
6
Project Organization
Communications Sniffer: Sniffer Python Code, MySQL Database, PHP GUI
- Sniffer Python Code: Ed, Rob, Hank
- MySQL Database: Todd, Bobby, Hank
- PHP GUI: Todd, Bobby
7
Project Organization
Week | Sniffer Task | Database/GUI Task
4 | | Preliminary GUI design
5 | Architecture | Meet to discuss database organization
6 | Architecture | Set up database and code search/scoring algorithm
7 | Basic SMTP capture | Run tests to ensure algorithms are fast enough for high traffic
8 | Advanced SMTP | Work on GUI/database interface
9 | Basic POP capture / Python-MySQL Database | Work on GUI/database interface
10 | Advanced POP | Work on GUI/database interface
11 | Basic IMAP | Finishing touches/help database
12 | Advanced IMAP | Work on security/SSL connections to interface
13 | Testing | Work on security/SSL connections to interface
14 | Interoperability of features with database/GUI | Testing/Additional Features
15 | Interoperability of features with database/GUI | Testing/Additional Features
16 | Documentation and paper | Testing/Additional Features
8
Design Details - Sniffer
- Ideas: Ethereal, tcpdump, Sniffit
- None written in Python
- Tasks of code
- Differentiate emails from other traffic
- Reassemble email
- Translate code for tailored needs
- Starting point: pylibpcap (sniff.py)
9
Design Details – Database/GUI
- GUI is web-based
- HTML
- PHP interface to database
- GUI highlights
- Only brief header information shown initially
- Body, full header, etc. available on request
- Email separation
- By e-mail address
- Scoring system for “offensive” emails – separate table
10
Design Details - Database
[Diagram: MySQL Database containing GUI config/help, E-mail address 1 ... E-mail address N, Scored e-mails, E-mail address list, E-mail Storage Unit, Scoring Rules. Legend: Back-end table, Intermediate sorter table, GUI table, Back-end + sorter table, Sorter + GUI table]
11
Challenges - Sniffer
- Sorting messages from multiple users
- Multi-packet messages
- Email attachments
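The first two challenges above, as an added example that is not code from the original presentation or the project: it separates concurrent users by TCP 4-tuple, rebuilds each client-to-server stream in sequence order, and extracts the SMTP message from the reassembled stream. The function names, addresses and sample segments are constructed for illustration, and it assumes the first segment of each flow was captured and sequence numbers do not wrap.

```python
from collections import defaultdict

def reassemble(segments):
    """Rebuild one byte stream per flow from (src, sport, dst, dport, seq, payload)."""
    flows = defaultdict(dict)
    for *flow, seq, payload in segments:
        # The 4-tuple keeps concurrent users apart; setdefault drops retransmissions.
        flows[tuple(flow)].setdefault(seq, payload)
    streams = {}
    for flow, segs in flows.items():
        out, expected = bytearray(), min(segs)
        for seq in sorted(segs):
            if seq != expected:  # gap or overlap: stop rather than splice wrong bytes
                break
            out += segs[seq]
            expected += len(segs[seq])
        streams[flow] = bytes(out)
    return streams

def extract_message(stream):
    """Return the message sent after the client's DATA command, or None if incomplete."""
    cmd = stream.upper().find(b"\r\nDATA\r\n")
    if cmd < 0:
        return None
    start = cmd + len(b"\r\nDATA\r\n")
    end = stream.find(b"\r\n.\r\n", start - 2)  # a lone "." line ends the message
    if end < 0:
        return None
    # Undo SMTP dot-stuffing: the sender doubled any "." that began a line.
    return (b"\r\n" + stream[start:end]).replace(b"\r\n..", b"\r\n.")[2:]

def split_stream(flow, isn, stream, cuts):
    """Constructed-input helper: cut a stream into TCP-like segments at byte offsets."""
    edges = [0, *cuts, len(stream)]
    return [(*flow, isn + a, stream[a:b]) for a, b in zip(edges, edges[1:])]

# Constructed sample: two client-to-server SMTP flows (addresses and text are made up).
FLOW_A = split_stream(("10.0.0.5", 40001, "10.0.0.2", 25), 1000,
    b"MAIL FROM:<a@example.test>\r\nRCPT TO:<b@example.test>\r\nDATA\r\n"
    b"Subject: lunch\r\n\r\nNoon?\r\n..sig\r\n.\r\nQUIT\r\n", [40, 93])  # 93 splits "\r\n.\r\n"
FLOW_B = split_stream(("10.0.0.7", 40002, "10.0.0.2", 25), 5000,
    b"MAIL FROM:<c@example.test>\r\nRCPT TO:<b@example.test>\r\nDATA\r\n"
    b"Subject: hi\r\n\r\nHello\r\n.\r\n", [30])
# Interleaved, out of order, with FLOW_A[0] retransmitted.
SEGMENTS = [FLOW_A[2], FLOW_B[1], FLOW_A[0], FLOW_B[0], FLOW_A[1], FLOW_A[0]]

def messages(segments):
    """Map each flow to its reconstructed message (None if not fully captured)."""
    return {flow: extract_message(s) for flow, s in reassemble(segments).items()}
```

Because the end-of-message marker in the first flow is split across two segments, matching it per packet would miss it; parsing only after reassembly finds it.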
12
Challenges – Database/GUI
- PHP/Python Interface
- Manipulation of filters during operation
13
Product Demonstration
- Small network required
- Mail server (Linux)
- “Listening post” system (Linux)
- System with communications sniffer software package
- End-user system (OS TBD)
14
Product Verification
- Reconstruct single-packet messages
- Reconstruct multi-packet messages
- Reconstruct attachments
- Handle different protocols: SMTP, IMAP, POP3