-rw-r--r-- noncore/net/wellenreiter/docs/specification 23
1 files changed, 22 insertions, 1 deletions
diff --git a/noncore/net/wellenreiter/docs/specification b/noncore/net/wellenreiter/docs/specification
index d833451..0766ef4 100644
--- a/noncore/net/wellenreiter/docs/specification
+++ b/noncore/net/wellenreiter/docs/specification
@@ -1,119 +1,140 @@
1 1
2-[ Design of wellenreiter ]- 2-[ Design of wellenreiter ]-
3 3
4written by: Martin J. Muench <mjm@codito.de> 4written by: Martin J. Muench <mjm@codito.de>
5 5
6-[ Introduction 6-[ Introduction
7 7
8This is just a short overview of the new design of wellenreiter. 8This is just a short overview of the new design of wellenreiter.
9There will for sure be some changes and most parts will be specified 9There will for sure be some changes and most parts will be specified
10in more detail. 10in more detail.
11 11
12 12
13-[ Program 13-[ Program
14 14
15wellenreiter 1.7 15wellenreiter 1.7
16(will be named 2.0 after all the functions are implemented and the code 16(will be named 2.0 after all the functions are implemented and the code
17is cleaned up and audited) 17is cleaned up and audited)
18 18
19 19
20-[ Short description 20-[ Short description
21 21
22Wellenreiter is a wireless sniffing tool like netstumbler, kismet et al. 22Wellenreiter is a wireless sniffing tool like netstumbler, kismet et al.
23It discovers Access Points and Ad-Hoc networks and displays all available 23It discovers Access Points and Ad-Hoc networks and displays all available
24information about them so that you can simply join unencrypted network 24information about them so that you can simply join unencrypted network
25(without access restrictions) with the given informations. 25(without access restrictions) with the given informations.
26For the latest version of wellenreiter look at: 26For the latest version of wellenreiter look at:
27http://wellenreiter.sourceforge.net. 27http://wellenreiter.sourceforge.net.
28 28
29 29
30-[ Overview 30-[ Overview
31 31
32The software is divided into 2 sections, the daemon and the GUI. 32The software is divided into 2 sections, the daemon and the GUI.
33The daemon does the active sniffing, analying stuff etc.pp. and 33The daemon does the active sniffing, analying stuff etc.pp. and
34sends the informations to the GUI which displays the results. 34sends the informations to the GUI which displays the results.
35 35
36 36
37-[ Configuration 37-[ Configuration
38 38
39The configuration is done by both, the GUI and the daemon so that the 39The configuration is done by both, the GUI and the daemon so that the
40GUI only provides the graphical interface to the configuration library 40GUI only provides the graphical interface to the configuration library
41of the daemon. That means that the daemon loads the config file on 41of the daemon. That means that the daemon loads the config file on
42startup and sends the informations to the GUI. The GUI contains an option 42startup and sends the informations to the GUI. The GUI contains an option
43"configure" where the settings can be changed. They will be sent to the 43"configure" where the settings can be changed. They will be sent to the
44daemon which actually changes the configuration file. 44daemon which actually changes the configuration file.
45The configuration file is placed in /usr/local/etc/wellenreiter.conf. 45The configuration file is placed in /usr/local/etc/wellenreiter.conf.
46The whole content of this file cannot be specified yet. 46The whole content of this file cannot be specified yet.
47 47
48OPIE specific: Opie contains a bunch of high-level configuration classes,
49which are used by most Opie applications. It should be discussed whether
50to use this structure / API (preferred) or use a proprietary one.
51
48 52
49-[ Interaction GUI<->daemon 53-[ Interaction GUI<->daemon
50 54
51The GUI and the daemon will talk actively with eachother, meaning that 55The GUI and the daemon will talk actively with eachother, meaning that
52everyside who has informations for the other part will send it and not 56everyside who has informations for the other part will send it and not
53wait for the other part to poll. 57wait for the other part to poll.
54For example the sniffing function of the daemon is startet when a 58For example the sniffing function of the daemon is startet when a
55"start_sniff" from the GUI arrived. And when the daemon found a network 59"start_sniff" from the GUI arrived. And when the daemon found a network
56it will be directly send to the GUI to be able to sniff in realtime. 60it will be directly send to the GUI to be able to sniff in realtime.
57 61
58 62
59-[ Communication GUI<->daemon 63-[ Communication GUI<->daemon
60 64
61Not yet specified. 65The GUI and the daemon run as threads within one process, where the GUI
66thread will be the main thread. Both the daemon and the GUI thread are
67(mostly) "free-running". Once the GUI thread is started and has finished
68its initializations, it jumps into the Qt event loop ( QApplication::exec() ).
69
70If the daemon thread is actively working and -
71for instance - has acquired interesting data for the GUI thread to display,
72it calls a special reentrant method of the GUI thread ( QApplication::postEvent )
73either transmitting the whole data structure or saying "Hey, there's interesting data
74for you", which the GUI thread then retrieves.
75To enable a free running daemon thread to actually receive messages from the
76GUI thread, it's useful to to include a non-blocking check-for-messages-function
77within the daemon main loop <since it is waiting for messages from a GUI thread,
78this function has not be called very often>. If applicable, the daemon thread must
79not call this function but only monitor some guarded variables from time to time
80which the GUI thread can modify to alter the behaviour of the daemon thread.
81
82IMHO this is a much more leightweight design than to use a proprietary udp-socket protocol.
62 83
63 84
64-[ Setting card modes 85-[ Setting card modes
65 86
66One of the most interesting parts is the switching of the wirelesscards to 87One of the most interesting parts is the switching of the wirelesscards to
67different channels, to monitor mode and so on. In the older versions this 88different channels, to monitor mode and so on. In the older versions this
68actions were done by the calling of external programs, that is now obsolete. 89actions were done by the calling of external programs, that is now obsolete.
69We will use the API of the wireless drivers to set it up. 90We will use the API of the wireless drivers to set it up.
70 91
71 92
72-[ Sniffing 93-[ Sniffing
73 94
74The sniffing will be done by capturing and analyzing all packets using the 95The sniffing will be done by capturing and analyzing all packets using the
75pcap library. The sniffer itself will be a function of the daemon which will 96pcap library. The sniffer itself will be a function of the daemon which will
76probably be threaded so that this function is non-blocking. 97probably be threaded so that this function is non-blocking.
77If a packet is found the sniffer sends it to an analyzer function which 98If a packet is found the sniffer sends it to an analyzer function which
78analyzes the packets, strips the results and sends it to the GUI. 99analyzes the packets, strips the results and sends it to the GUI.
79 100
80 101
81-[ Logging 102-[ Logging
82 103
83The GUI should not need to log that much so it logs to STDERR. The daemon 104The GUI should not need to log that much so it logs to STDERR. The daemon
84will be able to run in foreground and log to STDERR and syslog but normally 105will be able to run in foreground and log to STDERR and syslog but normally
85it will only log to syslog (INFO/ERR). 106it will only log to syslog (INFO/ERR).
86Logging of found networks, packets and so on will also be done by the daemon 107Logging of found networks, packets and so on will also be done by the daemon
87but set up by the GUI. 108but set up by the GUI.
88 109
89 110
90-[ GPS 111-[ GPS
91 112
92The gps daemon software will be used, hopefully by their API if they provide 113The gps daemon software will be used, hopefully by their API if they provide
93that. If not, we have to use system() calls, hope we do not. 114that. If not, we have to use system() calls, hope we do not.
94 115
95 116
96-[ Security 117-[ Security
97 118
98The programm and the daemon will have to run with SUID privileges for being 119The programm and the daemon will have to run with SUID privileges for being
99able to change card modes etc. so the code has to be audited several times. 120able to change card modes etc. so the code has to be audited several times.
100Setuid 0 will only be called when really needing the privileges and dropped 121Setuid 0 will only be called when really needing the privileges and dropped
101directly after every single systemcall. 122directly after every single systemcall.
102The daemon will implement an access control list where it specifies which 123The daemon will implement an access control list where it specifies which
103IPs or network interfaces will have access to it. 124IPs or network interfaces will have access to it.
104The configuration file will be chmod'ed 0400, for writing the configuration 125The configuration file will be chmod'ed 0400, for writing the configuration
105library will change the mode. Of course the file will be locked during 126library will change the mode. Of course the file will be locked during
106writing so no race conditions can occur. 127writing so no race conditions can occur.
107 128
108 129
109-[ Documentation 130-[ Documentation
110 131
111Wellenreiter will have it's own wellenreiter(8) manpage with most parts of 132Wellenreiter will have it's own wellenreiter(8) manpage with most parts of
112the README file in there. 133the README file in there.
113Also we will provide general documentation about wireless scanning, security 134Also we will provide general documentation about wireless scanning, security
114risks with wireless devices and so on. 135risks with wireless devices and so on.
115Most documentation will be intern like this one. The GUI and the daemon 136Most documentation will be intern like this one. The GUI and the daemon
116should have a non-technical documentation and a developers version so we 137should have a non-technical documentation and a developers version so we
117can easily develope with other peoples code without having to read it 138can easily develope with other peoples code without having to read it
118completely. 139completely.
119 140
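Review bot: The new "Communication GUI<->daemon" text (new lines 65-82) moves the GUI and the daemon into one process as threads, but the "Security" section (new lines 119-127) is left unchanged and no longer matches that design. It still requires SUID privileges "for being able to change card modes" and an access control list of "IPs or network interfaces", while new line 82 rejects a udp-socket protocol, so the ACL has nothing left to guard. Threads share the credentials of their process, so the GUI thread and the Qt event loop would run with whatever privileges the daemon thread holds at that moment. Please update the Security section in the same patch to say where privileges are raised and dropped in the single-process model and whether the ACL is removed. The same applies to the "Logging" text about the daemon running in foreground (new lines 104-106). On new lines 79-80, "guarded variables" should name the guard (for example a mutex) and state which thread may write each variable, since that is the only synchronisation the spec describes for the GUI-to-daemon direction. Minor wording on the added lines: "to to" (76), "has not be called" (78), "leightweight" (82), and the first-person "IMHO" reads as a review remark rather than specification text.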