Tag: tcp

SPV client TCP connection in python

I am trying to implement an SPV client in python (for my own learning). I want to start by making a simple TCP connection to a full node, but I either cannot get a response to my version message, or to my verack message if the version message goes through. I have referenced this and this is the code that I am trying to run:

#Import dependencies
import socket
import time
import random
import struct
import hashlib
import binascii
import ssl
import socks

# Binary encode the sub-version
def create_sub_version():
    sub_version = "/Satoshi:0.7.2/"
    return b'x0F' + sub_version.encode()

# Binary encode the network addresses
def create_network_address(ip_address, port):
    network_address = struct.pack('>8s16sH', b'x01', 
        bytearray.fromhex("00000000000000000000ffff") + socket.inet_aton(ip_address), port)
    return(network_address)

# Create the TCP request object
def create_message(magic, command, payload):
    checksum = hashlib.sha256(hashlib.sha256(payload).digest()).digest()(0:4)
    return(struct.pack('L12sL4s', magic, command.encode(), len(payload), checksum) + payload)

# Create the "version" request payload
def create_payload_version(peer_ip_address):
    version = 60002
    services = 1
    timestamp = int(time.time())
    addr_local = create_network_address("127.0.0.1", 8333)
    addr_peer = create_network_address(peer_ip_address, 8333)
    nonce = random.getrandbits(64)
    start_height = 645953
    payload = struct.pack('<LQQ26s26sQ16sL', version, services, timestamp, addr_peer,
                          addr_local, nonce, create_sub_version(), start_height)
    return(payload)

# Create the "verack" request message
def create_message_verack():
    return bytearray.fromhex("f9beb4d976657261636b000000000000000000005df6e0e2")


# Create the "getdata" request payload
def create_payload_getdata(tx_id):
    count = 1
    type = 1
    hash = bytearray.fromhex(tx_id)
    payload = struct.pack('<bb32s', count, type, hash)
    return(payload)

# Print request/response data
def print_response(command, request_data, response_data):
    print("")
    print("Command: " + command)
    print("Request:")
    print(binascii.hexlify(request_data))
    print("Response:")
    print(binascii.hexlify(response_data))

if __name__ == '__main__':
    # Set constants
    magic_value = 0xd9b4bef9
    tx_id = "a13e7979d3607e187d2ce81ca9fdadfe967b2f3fc1109ce47d46cc09ebd41c50"
    peer_ip_address = socket.gethostbyname('bitcoin.aranguren.org') 
    peer_tcp_port =  50002
    buffer_size = 1024

    # Create Request Objects
    version_payload = create_payload_version(peer_ip_address)
    version_message = create_message(magic_value, 'version', version_payload)
    verack_message = create_message_verack()
    getdata_payload = create_payload_getdata(tx_id)
    getdata_message = create_message(magic_value, 'getdata', getdata_payload)

    # Establish TCP Connection
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(10)
    ws = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_TLSv1)
    ws.connect((peer_ip_address, peer_tcp_port))

    # Send message "version"
    ws.send(version_message)
    response_data = ws.recv(buffer_size)
    print_response("version", version_message, response_data)

    # Send message "verack"
    ws.send(verack_message)
    response_data = ws.recv(buffer_size)
    print_response("verack", verack_message, response_data)

    # Send message "getdata"
    ws.send(getdata_message)
    response_data = ws.recv(buffer_size)
    print_response("getdata", getdata_message, response_data)

    # Close the TCP connection
    ws.close()

The server I connect to in the code is among the only ones that would respond to the version message, returning b’7b226a736f6e727063223a2022322e30222c20226572726f72223a207b22636f6465223a202d33323730302c20226d657373616765223a20226d65737361676573206d75737420626520656e636f64656420696e205554462d38227d2c20226964223a206e756c6c7d0a’.

I also tried referencing: this stack exchange question and Ken Shirriff’s github code, but none seem to work, either because I am using python3 or from other causes. I am a beginner in this, so if somebody could help me understand why I cannot get my messages across in the above code or has another implementation in python3, I would be grateful.

tcp – Exposing different services on the same port

My current project contains multiple heterogeneous TCP servers, but our IT guys have clearly declared that they will give me only one 443 port, which is fair enough.

Two options are on the table now. One is VPN. We can set up a VPN server inside our cooperation and implement the access control. The other one is to implement some kind of software switch, which peeks the recognizable features of any (S) packet and then route the connection to responsible service. Our IT guys are neutral to both approaches for now before any evidence shows that one is superior than the other.

The pros of VPN are that it is a well-established technology and widely used in practice. In our scenario, it ensures sensitive information to be encrypted. The cons are the effort we will need to implement access control policies and mechanisms. The number of services will possibly grow, and the service will go multi-tenant, so it will become more complex.

The pros of the software switch are that it is simple to implement because the features/protocols of the sub-services are well known to us. The cons are that no such practices are heard before (I might be ignorant here), and we are not so confident if exposing such an in-house solution to the Internet is a good idea.

If you were me, what approach do you prefer? Why? Details can be clarified if needed and allowed.

I really appreciate any comments and answers.

Does an attacker need to guess or brute-force a password for TCP spoofing?

From my understanding, TCP spoofing can be carried out if the attacker can correctly guess the sequence numbers from the response packets (to mimic the real client). The attacker may even obtain this sequence of numbers via sniffing. Furthermore, a trusted connection must already exist between the target client and the server in order for the attacker to intercept/spoof

However, I was a bit unclear as to whether the attacker would need to gain initial access to the system or network (by guessing or brute-forcing their password). In order to send the sequence numbers from response packets to the server, does the attacker need to have access to it? I am not sure whether this attacker can just send the SYN packets to the server without any access to the system/network. My concept of these things is a bit blurry right now and I would greatly appreciate some advice.

Thank you!

maximum concurrent tcp connection per minute

Hi,

How can we set maximum concurrent tcp connection per second using iptables?

If someone is ddos layer 7 with http connection if we … | Read the rest of https://www.webhostingtalk.com/showthread.php?t=1821806&goto=newpost

TCP traffic not going over VPN tunnel

I am facing issue with strongswan on Android (version 8/10).
my custom vpn is able to connect successfully with the server and is establishing tunnel.

Routes corresponding to this tunnel
ip route show table 0
172.5.0.16 dev tun1 table 1181 proto static scope link
192.168.120.0/24 dev tun1 table 1181 proto static scope link
default via 10.118.198.1 dev rmnet0 table 1003 proto static

ifconfig tun
tun1 Link encap:UNSPEC
inet addr:172.5.0.16 P-t-P:172.5.0.16 Mask:255.255.255.255
UP POINTOPOINT RUNNING MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 TX bytes:0

If I do ping to 192.168.120.100, it works well. Wireshark capture shows ESP request/response packets.

However, if I open TCP connection for remote address as 192.168.120.100 port 6000, TCP packets are not going over tunnel interface, rather they go over wifi interface and I can see destination of SYN packet as 192.168.120.100 and source as wifi interface address.

netstat
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program Name
tcp 0 0 0.0.0.0:1467 0.0.0.0:* LISTEN –
tcp 0 0 100.83.59.59:40979 216.239.36.135:443 ESTABLISHED –
tcp 0 1 100.83.59.59:40642 192.168.120.100:6000 SYN_SENT –

No SYN ACK since packets are going directly on wifi interface.
I also tried to bind TCP socket to my TUN interface IP but still same issue – SYN packet going directly out on the wifi interface.
netstat shows
tcp6 0 1 ::ffff:172.5.0.16:6002 ::ffff:192.168.120:6000 SYN_SENT –

Andriod version 10 and tried on 8. Tried with emulator and Samsung Galaxy 10.
I am not using root mode.

Please let me know what could be the possible issue.

operating systems – PSH flag in TCP header send a singal to the receiver process?

we know that when TCP data is received with PSH set, it will immediately transfer the received data to the application.and let’s when pushed data arrives the receiver side and the receiver application is not reading any data(busy with other tasks). then how does the receiver pass the data to its application process since the receiver’s process is not even reading data?is a signal sth like SIGXXX triggered and sent to receiver process to notify it that pushed data has arrived and you need to process it immediately?

python – How Can I Prevent Hackers From Spoofing TCP messages onto my server?

I have a Python client and server communicating over a TCP socket – they send and receive a certain set of standardized string commands to each other.

How can I prevent a hacker from creating their own client that sends the same kind of string commands (but with their own values) to the server?

Is it right that I can assume the hacker has access to the TCP messages being transmitted/received, but not the individual code that is being executed (if I only give them the executable)?

I’m new to network security and wanted to decide how best to design my network communication scheme.

Idea – I was imagining that I could possibly encrypt the messages before sending and decrypt on the server (assuming the hacker can’t find any of the keys in the source code?). Is this a secure way of going about it and am I on the right track?

networking – Serializing game information over TCP connection

I’m trying to write a Unity client with C++ game server with TCP socket. When I’m sending game data back and forth with client and server, I’d want to serialize it in someway that can be deserialized on both ends.

Is xml appropriate for this or is there a better method of doing this?

sharepoint online – Ngrok. Error “reconnecting (read tcp 192.168.1.80:50223->18.188.49.161:443: i/o timeout) ”

I want to debug a remote event receiver, so i am trying to run ngrok but it is failing.

I try to run the following command inside Ngrok command line window:-

ngrok http --host-header=rewrite  57269

but i got the following error:-

reconnecting (x509: certificate signed by unknown authority)

last week everything was working well.. Any Advice?

lightning network – Problem with the first Initialization of my LN node, dial tcp my-external-ip:9735: connect: connection timed out

Background

I was following 402 Payment Required’s LN video over here (https://www.youtube.com/watch?v=q0siLF9zmWo) and everything was good so far, until the moment of the first Initialization of my LN node, I got an (dial tcp my-external-ip:9735: connect: connection timed out) error.

I was starting the Initialization by the following way

lnd –externalip=X.X.X.X

And I’ve my lnd configuration file with the following attributes

alias=
debuglevel=debug
bitcoin.active=1
bitcoin.mainnet=1
bitcoin.node=bitcoind

I created the file (before) I started the Initialization.

Your environment

version of lnd: I don't know, I guess it's the latest version.
which operating system (uname -a on *Nix): Ubuntu 18.04
version of btcd, bitcoind, or other backend: bitcoind 0.19.1
any other relevant environment details: My Ubuntu is running on a VM machine with a (bridged) internet connection

Steps to reproduce

I don’t know how to reproduce the problem but here is a log with my issue

2020-08-14 20:33:16.008 (INF) BTCN: Server listening on (::):9735

2020-08-14 20:33:16.009 (INF) SRVR: Initializing peer network bootstrappers!

2020-08-14 20:33:16.009 (INF) SRVR: Creating DNS peer bootstrapper with seeds: ((nodes.lightning.directory soa.nodes.lightning.directory) (lseed.bitcoinstats.com ))

2020-08-14 20:33:16.010 (INF) DISC: Attempting to bootstrap with: Authenticated Channel Graph

2020-08-14 20:33:16.022 (INF) DISC: Attempting to bootstrap with: BOLT-0010 DNS Seed: ((nodes.lightning.directory soa.nodes.lightning.directory) (lseed.bitcoinstats.com ))

2020-08-14 20:33:16.426 (INF) DISC: Obtained 1 addrs to bootstrap network with

2020-08-14 20:33:19.428 (DBG) SRVR: Waiting 2s before trying to locate bootstrap peers (attempt #1)

2020-08-14 20:33:21.428 (INF) DISC: Attempting to bootstrap with: BOLT-0010 DNS Seed: ((nodes.lightning.directory soa.nodes.lightning.directory) (lseed.bitcoinstats.com ))

2020-08-14 20:33:21.463 (INF) DISC: Attempting to bootstrap with: Authenticated Channel Graph

2020-08-14 20:33:21.464 (ERR) SRVR: Unable to retrieve initial bootstrap peers: no addresses found

2020-08-14 20:33:21.464 (DBG) SRVR: Waiting 4s before trying to locate bootstrap peers (attempt #2)

2020-08-14 20:33:25.464 (INF) DISC: Attempting to bootstrap with: BOLT-0010 DNS Seed: ((nodes.lightning.directory soa.nodes.lightning.directory) (lseed.bitcoinstats.com ))

2020-08-14 20:33:25.504 (INF) DISC: Attempting to bootstrap with: Authenticated Channel Graph

2020-08-14 20:33:25.504 (ERR) SRVR: Unable to retrieve initial bootstrap peers: no addresses found

2020-08-14 20:33:25.504 (DBG) SRVR: Waiting 8s before trying to locate bootstrap peers (attempt #3)

2020-08-14 20:33:33.504 (INF) DISC: Attempting to bootstrap with: BOLT-0010 DNS Seed:
((nodes.lightning.directory soa.nodes.lightning.directory) (lseed.bitcoinstats.com ))

2020-08-14 20:33:33.539 (INF) DISC: Attempting to bootstrap with: Authenticated Channel Graph

2020-08-14 20:33:33.539 (ERR) SRVR: Unable to retrieve initial bootstrap peers: no addresses found

2020-08-14 20:33:33.539 (DBG) SRVR: Waiting 16s before trying to locate bootstrap peers (attempt #4)

2020-08-14 20:33:49.540 (INF) DISC: Attempting to bootstrap with: Authenticated Channel Graph

2020-08-14 20:33:49.540 (INF) DISC: Attempting to bootstrap with: BOLT-0010 DNS Seed: ((nodes.lightning.directory soa.nodes.lightning.directory) (lseed.bitcoinstats.com ))

2020-08-14 20:33:49.578 (ERR) SRVR: Unable to retrieve initial bootstrap peers: no addresses found

2020-08-14 20:33:49.578 (DBG) SRVR: Waiting 32s before trying to locate bootstrap peers (attempt #5)

2020-08-14 20:34:21.579 (INF) DISC: Attempting to bootstrap with: Authenticated Channel Graph

2020-08-14 20:34:21.580 (INF) DISC: Attempting to bootstrap with: BOLT-0010 DNS Seed: ((nodes.lightning.directory soa.nodes.lightning.directory) (lseed.bitcoinstats.com ))

2020-08-14 20:34:21.735 (ERR) SRVR: Unable to retrieve initial bootstrap peers: no addresses found

2020-08-14 20:34:21.735 (DBG) SRVR: Waiting 1m0s before trying to locate bootstrap peers (attempt #6)

2020-08-14 20:35:21.736 (INF) DISC: Attempting to bootstrap with: Authenticated Channel Graph

2020-08-14 20:35:21.736 (INF) DISC: Attempting to bootstrap with: BOLT-0010 DNS Seed: ((nodes.lightning.directory soa.nodes.lightning.directory) (lseed.bitcoinstats.com ))

2020-08-14 20:35:22.280 (ERR) SRVR: Unable to retrieve initial bootstrap peers: no addresses found

2020-08-14 20:35:22.280 (DBG) SRVR: Waiting 1m0s before trying to locate bootstrap peers (attempt #7)

2020-08-14 20:35:27.316 (ERR) SRVR: Unable to connect to ##################################################################@my-external-ip:9735: dial tcp my-external-ip:9735: connect: connection timed out

2020-08-14 20:36:22.280 (INF) DISC: Attempting to bootstrap with: BOLT-0010 DNS Seed:
((nodes.lightning.directory soa.nodes.lightning.directory) (lseed.bitcoinstats.com ))

2020-08-14 20:36:22.347 (INF) CRTR: Pruning channel graph using block 0000000000000000000f09423cef42338b27f29244a99deed77411cf2e6edb57 (height=643720)

2020-08-14 20:36:22.349 (INF) CRTR: Block 0000000000000000000f09423cef42338b27f29244a99deed77411cf2e6edb57 (height=643720) closed 0 channels

2020-08-14 20:36:22.461 (DBG) NTFN: Filtering 3178 txns for 0 spend requests at height 643720

2020-08-14 20:36:22.523 (INF) NTFN: New block: height=643720, sha=0000000000000000000f09423cef42338b27f29244a99deed77411cf2e6edb57

2020-08-14 20:36:22.523 (DBG) SWPR: New block: height=643720, sha=0000000000000000000f09423cef42338b27f29244a99deed77411cf2e6edb57

2020-08-14 20:36:22.523 (INF) UTXN: Attempting to graduate height=643720: num_kids=0, num_babies=0

2020-08-14 20:36:22.524 (DBG) DISC: New block: height=643720, hash=0000000000000000000f09423cef42338b27f29244a99deed77411cf2e6edb57

2020-08-14 20:36:22.757 (INF) DISC: Attempting to bootstrap with: Authenticated Channel Graph

2020-08-14 20:36:22.758 (ERR) SRVR: Unable to retrieve initial bootstrap peers: no addresses found

2020-08-14 20:36:22.758 (DBG) SRVR: Waiting 1m0s before trying to locate bootstrap peers (attempt #8)

I tried dig nodes.lightning.directory and got the following output

; <<>> DiG 9.11.3-1ubuntu1.12-Ubuntu <<>> nodes.lightning.directory

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48349

;; flags: qr rd ra; QUERY: 1, ANSWER: 25, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 65494

;; QUESTION SECTION:

;nodes.lightning.directory. IN A

;; ANSWER SECTION:

nodes.lightning.directory. 60 IN A 93.46.54.4

nodes.lightning.directory. 60 IN A 82.1.254.100

nodes.lightning.directory. 60 IN A 83.162.151.227

nodes.lightning.directory. 60 IN A 163.158.202.112

nodes.lightning.directory. 60 IN A 212.47.254.6

nodes.lightning.directory. 60 IN A 3.12.163.140

nodes.lightning.directory. 60 IN A 178.128.165.102

nodes.lightning.directory. 60 IN A 51.83.41.129

nodes.lightning.directory. 60 IN A 193.194.163.53

nodes.lightning.directory. 60 IN A 35.229.93.213

nodes.lightning.directory. 60 IN A 52.38.99.14

nodes.lightning.directory. 60 IN A 3.16.193.211

nodes.lightning.directory. 60 IN A 73.147.115.80

nodes.lightning.directory. 60 IN A 176.122.101.230

nodes.lightning.directory. 60 IN A 173.249.48.168

nodes.lightning.directory. 60 IN A 18.223.138.245

nodes.lightning.directory. 60 IN A 203.118.186.226

nodes.lightning.directory. 60 IN A 104.248.111.88

nodes.lightning.directory. 60 IN A 46.59.13.35

nodes.lightning.directory. 60 IN A 185.228.141.6

nodes.lightning.directory. 60 IN A 98.210.161.137

nodes.lightning.directory. 60 IN A 86.176.78.2

nodes.lightning.directory. 60 IN A 152.32.173.177

nodes.lightning.directory. 60 IN A 176.74.136.237

nodes.lightning.directory. 60 IN A 45.77.156.146

;; Query time: 154 msec

;; SERVER: 127.0.0.53#53(127.0.0.53)

;; WHEN: Fri Aug 14 23:13:30 EET 2020

;; MSG SIZE rcvd: 454

Expected behavior

I expected the Initialization would work normally without any issues.

Actual behavior

The first Initialization of the LN node didn’t happen, stuck in the loop of trying to locate bootstrap peers