wjy + tcp   71

Eternal Terminal
Eternal Terminal (ET) is a remote shell that automatically reconnects without interrupting the session. Learn how to install and use it here.
terminal  shell  tools  tcp  cool 
december 2019 by wjy
TCP/IP stack fingerprinting - Wikipedia
TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. The combination of parameters may then be used to infer the remote machine's operating system (aka, OS fingerprinting), or incorporated into a device fingerprint.
tcp  security  fingerprints  wikipedia  scanner  privacy 
june 2019 by wjy
substack/tcp-bind: allocate a file descriptor to listen on a port later
allocate a file descriptor to listen on a port later

This is handy if you want to run a server on a low port but want to drop privileges as soon as possible.
node.js  nodejs  tcp  server  linux 
january 2018 by wjy
RSocket is a binary protocol for use on byte stream transports such as TCP, WebSockets, and Aeron.

It enables the following symmetric interaction models via async message passing over a single connection:

request/response (stream of 1)
request/stream (finite stream of many)
fire-and-forget (no response)
channel (bi-directional streams)
It supports session resumption, to allow resuming long-lived streams across different transport connections. This is particularly useful for mobile<->server communication when network connections drop, switch, and reconnect frequently.

Detailed information can be found in these documents:
networking  protocol  stream  streaming  tcp  websockets 
december 2017 by wjy
Your State is Not Mine: A Closer Look at Evading Stateful Internet Censorship
Understanding the behaviors of, and evading state-level Internet-
scale censorship systems such as the Great Firewall (GFW) of China,
has emerged as a research problem of great interest. One line of eva-
sion is the development of techniques that leverage the possibility
that the TCP state maintained on the GFW may not represent the
state at end-hosts. In this paper we undertake, arguably, the most ex-
tensive measurement study on TCP-level GFW evasion techniques,
with several vantage points within and outside China, and with
clients subscribed to multiple ISPs. We find that the state-of-the
art evasion techniques are no longer very effective on the GFW.
Our study further reveals that the primary reason that causes these
failures is the evolution of GFW over time. In addition, other factors
such as the presence of middleboxes on the route from the client to
the server also contribute to previously unexpected behaviors.
Our measurement study leads us to new understandings of the
GFW and new evasion techniques. Evaluations of our new eva-
sion strategies show that our new techniques provide much higher
success rates of (compared to prior schemes) ≈ 90 % or higher.
Our results further validate our new understandings of the GFW’s
evolved behaviors. We also develop a measurement-driven tool
INTANG, that systematically looks for and finds the best strategy
that works with a server and network path. Our measurements
show that INTANG can yield near perfect evasion rates and is ex-
tremely effective in aiding various protocols such as HTTP, DNS
over TCP, and Tor in evading the GFW
gfw  paper  tcp  networking 
november 2017 by wjy
mrschyte/socksmon: Monitor arbitrary TCP traffic using your HTTP interception proxy of choice
Monitor arbitrary TCP traffic using your HTTP interception proxy of choice
proxy  tcp  socks  python  mitm 
september 2017 by wjy
novnc/websockify: Websockify is a WebSocket to TCP proxy/bridge. This allows a browser to connect to any application/server/service. Implementations in Python, C, Node.js and Ruby.
Websockify is a WebSocket to TCP proxy/bridge. This allows a browser to connect to any application/server/service. Implementations in Python, C, Node.js and Ruby.
websocket  websockets  tcp  proxy  socks5  bridge 
august 2017 by wjy
SG :: Linux Broadband Tweaks
The TCP/IP parameters for tweaking a Linux-based machine for fast internet connections are located in /proc/sys/net/... (assuming 2.1+ kernel). This location is volatile, and changes are reset at reboot. There are a couple of methods for reapplying the changes at boot time, ilustrated below.
tcp  linux  sysadmin  tweak  networking 
january 2017 by wjy
This open source distribution contains documentation, scripts, and
other materials related to the BBR congestion control algorithm.

The first public release of BBR was here, in September 2016:


Test results, performance evaluations, feedback, and BBR-related
discussions are very welcome in the public e-mail list for BBR:


This is not an official Google product.
tcp  congestioncontrol  algorithm  google  optimization 
october 2016 by wjy
mTCP - Scalable User-level TCP Stack
mTCP is a high-performance user-level TCP stack for multicore systems. Scaling the performance of short TCP connections is fundamentally challenging due to inefficiencies in the kernel. mTCP addresses these inefficiencies from the ground up - from packet I/O and TCP connection management all the way to the application interface.
tcp  tcpstack  userspace  performance  networking  linux 
march 2016 by wjy
Let's code a TCP/IP stack, 1: Ethernet & ARP
Writing your own TCP/IP stack may seem like a daunting task. Indeed, TCP has accumulated many specifications over its lifetime of more than thirty years. The core specification, however, is seemingly compact1 - the important parts being TCP header parsing, the state machine, congestion control and retransmission timeout computation. The most common layer 2 and layer 3 protocols, Ethernet and IP respectively, pale in comparison to TCP’s complexity. In this blog series, we will implement a minimal userspace TCP/IP stack for Linux. The purpose of these posts and the resulting software is purely educational - to learn network and system programming at a deeper level.
programming  tcp  networking  tutorial  arp  demo  tun/tap 
march 2016 by wjy
lwIP - A Lightweight TCP/IP stack - Summary [Savannah]
This project is not part of the GNU Project. lwIP is a small independent implementation of the TCP/IP protocol suite that has been initially developed by Adam Dunkels and is now continued here. The focus of the lwIP TCP/IP implementation is to reduce resource usage while still having a full scale TCP. This makes lwIP suitable for use in embedded systems with tens of kilobytes of free RAM and room for around 40 kilobytes of code ROM. Main features include: - Protocols: IP, ICMP, UDP, TCP, IGMP, ARP, PPPoS, PPPoE - DHCP client, DNS client, AutoIP/APIPA (Zeroconf), SNMP agent (private MIB support) - APIs: specialized APIs for enhanced performance, optional Berkeley-alike socket API - Extended features: IP forwarding over multiple network interfaces, TCP congestion control, RTT estimation and fast recovery/fast retransmit - Addon applications: HTTP server, SNTP client, SMTP client, ping, NetBIOS nameserver
tcp  tcpip  stack  network  embedded 
august 2015 by wjy
TCP timestamps - ForensicsWiki
TCP timestamps are used to provide protection against wrapped sequence numbers. It is possible to calculate system uptime (and boot time) by analyzing TCP timestamps (see below). These calculated uptimes (and boot times) can help in detecting hidden network-enabled operating systems (see TrueCrypt), linking spoofed IP and MAC addresses together, linking IP addresses with Ad-Hoc wireless APs, etc.
tcp  timestamp  uptime 
july 2015 by wjy
Kyle Isom: S/Channel
This library was born out of a need to set up a secure channel over a TCP/IP network without the overhead of TLS. It uses NaCl for security, and follows the guidelines for secure channels outlined in Cryptography Engineering. A secure channel has the following properties: A bi-directional channel has separate keys for each direction. The channel has send and receive counters to prevent replayed messages; these message counters will be reset whenever the keys are rotated. A regressed message counter is considered a decryption failure. The channel transmits discrete messages, and doesn’t operate as a stream. New keys are generated for each channel. An eavesdropper can still perform traffic analysis to note when and how often the two sides communicate, and will be able to observe the size of the messages. There are three different types of keys that are used in this system; users of this system need only worry about one of them.
nacl  tcp  crypto  secure  cryptography 
july 2015 by wjy
C++ packet sniffing and crafting library
libtins is a high-level, multiplatform C++ network packet sniffing and crafting library. Its main purpose is to provide the C++ developer an easy, efficient, platform and endianess-independent way to create tools which need to send, receive and manipulate network packets. It uses a BSD-2 license and it's hosted at github.
c++  cpp  tcp  library  packet  sniffer  libtins  networking  programming 
april 2015 by wjy
CapLoader - Handles Big Data PCAP files
CapLoader is a Windows tool designed to handle large amounts of captured network traffic. CapLoader performs indexing of PCAP/PcapNG files and visualizes their contents as a list of TCP and UDP flows. Users can select the flows of interest and quickly filter out those packets from the loaded PCAP files. Sending the selected flows/packets to a packet analyzer tool like Wireshark or NetworkMiner is then just a mouse click away. CapLoader is the ideal tool to use when handling big data PCAP files in sizes up to many gigabytes (GB). The contents of individual flows can be exported to tools like Wireshark and NetworkMiner in just a matter of seconds.
software  tools  windows  network  packets  pcap  tcp  udp  netresec 
april 2015 by wjy
ssldump home page
ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it decodes the records and displays them in a textual form to stdout. If provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic.
ssldump  tcpdump  ssl  tls  networking  tools  tcp 
march 2015 by wjy
Tunnel TCP over a plain HTTP session
tcp  http  tunnel  golang 
february 2015 by wjy
锐速 - 专业的服务器加速软件
锐速加速器 2006 年开始在美国硅谷设计研发新一代的 TCP 加速引擎,一种只需单边部署就可以起到显著加速效果的 TCP 加速技术,是目前业界唯一的智能学习及自适应单边 TCP 加速技术。
tcp  accelerater  china 
january 2015 by wjy
Performance-oriented Congestion Control
PCC: Performance-oriented Congestion Control Dramatically higher performance data delivery with a flexible transport architecture
tcp  peformance  congestioncontrol  networking 
january 2015 by wjy
WinDivert 1.1: Windows Packet Divert
Windows Packet Divert (WinDivert) is a user-mode packet capture-and-divert package for Windows Vista, Windows 2008, Windows 7, Windows 8.
tcp  network  networking  divert  windows 
november 2014 by wjy
Index of /downloads/qperf
qperf measures bandwidth and latency between two nodes. It can work over TCP/IP as well as the RDMA transports. On one of the nodes, qperf is typically run with no arguments designating it the server node. One may then run qperf on a client node to obtain measurements such as bandwidth, latency and cpu utilization.
qperf  networking  bandwidth  latency  tcp  profiling 
september 2014 by wjy
MultiPath TCP - Linux Kernel implementation : Main - Home Page browse
MultiPath TCP (MPTCP) is an effort towards enabling the simultaneous use of several IP-addresses/interfaces by a modification of TCP that presents a regular TCP interface to applications, while in fact spreading data across several subflows. Benefits of this include better resource utilization, better throughput and smoother reaction to failures. Slides - explaining MultiPath TCP - are available in .pdf and .pptx format. You can also have a look at our Google Techtalk about MPTCP, or the MultiPath TCP tutorial from Olivier Bonaventure at the IETF87.
networking  mptcp  tcp  multipath 
september 2014 by wjy
TCP Westwood - Wikipedia, the free encyclopedia
TCP Westwood (TCPW) is a sender-side-only modification to TCP New Reno that is intended to better handle large bandwidth-delay product paths (large pipes), with potential packet loss due to transmission or other errors (leaky pipes), and with dynamic load (dynamic pipes).
tcp  wikipedia  tcpw 
august 2014 by wjy
mini-TCP stack in Python, for fun
python  tcp 
august 2014 by wjy
Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can't handle, like sending invalid frames, injecting your own 802.11 frames, combining technics (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, ...), etc.
python  networking  tools  programming  packet  security  network  libpcap  tcp  packages 
november 2013 by wjy
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
hacking  tcp  nmap  network  scanner  tools  security  portscanner 
september 2013 by wjy
ZMap · The Internet Scanner
ZMap is an open-source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under 45 minutes, approaching the theoretical limit of gigabit Ethernet. ZMap can be used to study protocol adoption over time, monitor service availability, and help us better understand large systems distributed across the Internet.
zmap  udp  tool  opensource  tcp  security  internet  scanner 
august 2013 by wjy
mothran/mongol · GitHub
A simple python tool to pinpoint the IP addresses of machines working for the Great Firewall of China
tcp  python  gfw 
december 2012 by wjy
WebTCP is a SockJS/TCP bridge that allows browsers to interact with remote TCP servers and make HTTP requests to any servers bypassing same-origin policy.
websockets  websocket  sockjs  library  lib  browser  tcp  js  javascript 
november 2012 by wjy
NodeJS service to tail log files and relay the results to syslog.
log  logging  tcp  syslog  daemon  nodejs  node.js 
october 2012 by wjy
an online request replication tool, fit for online testing, stress testing, performance evaluation,etc
tcpcopy  performance  tcp  testing 
august 2012 by wjy
Hping - Active Network Security Tool
hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping(8) unix command, but hping isn't only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features.
software  networking  linux  sysadmin  hping  tools  network  ping  ip  icmp  udp  tcp  traceroute 
june 2012 by wjy
Steinar H. Gunderson
TCP optimization for video streaming
streaming  scale  tcp  networking 
may 2012 by wjy
joshbuddy/tcplock - GitHub
TCPLock is a proxy layer that places a semaphore in front of an arbitrary TCP/IP service.

TCPLock queues up connections and proxies them in a FIFO order.

TCPLock provides hooks so that actions can be taken prior to accepting the next connection in the queue, e.g., restarting OpenOffice.
lock  tcp  nodejs  node  tcplock  node.js 
february 2012 by wjy

related tags

accelerater  algorithm  android  arp  article  attack  audio  bandwidth  bittorrent  bridge  browser  c++  china  chinese  cloudflare  communication  comparison  congestioncontrol  cool  cpp  crypto  cryptography  daemon  ddos  demo  divert  dns  embedded  fingerprints  firewall  framework  ftrace  fuzzing  gamedev  gfw  golang  google  hacking  hacks  hping  http  icmp  initcwnd  injection  internet  ip  iptables  java  javascript  js  kernel  latency  lib  libpcap  library  libtins  linux  lock  log  logging  mit  mitm  modem  mptcp  multipath  nacl  netresec  netsh  network  networking  nmap  node  node.js  nodejs  ocaml  opensource  optimization  optimizer  p2p  packages  packet  packets  paper  pcap  pdf  peformance  performance  perftools  ping  portscanner  poster  privacy  profiling  programming  protocol  proxy  python  qperf  quic  rawsockets  remy  research  resources  routing  scalability  scale  scanner  secure  security  server  shell  sniffer  socket  socket.io  sockets  sockjs  socks  socks5  software  sound  ssl  ssldump  stack  stream  streaming  syn  sysadmin  syslog  tcp  tcpcopy  tcpdump  tcpip  tcplock  tcpstack  tcpw  terminal  testing  timestamp  tips  tls  tool  tools  traceroute  tsunami  tun/tap  tuning  tunnel  tutorial  tweak  udp  ultrasonic  uptime  userspace  visualization  vpn  vulnerability  websockes  websocket  websockets  wifi  wikipedia  windows  wireshark  zmap 

Copy this bookmark: