| blob | 6c7a707af0bf3248f677da721033d0148c75441d |
1 Projects
2 ////////
4 Open projects for the netsniff-ng toolkit are listed here. However, those are
5 current ideas for projects that came to our mind. We are also open for blue-sky
6 proposals that are not included in this list. If you are interested in
7 participation, let us know! We are always looking forward to get help in
8 improving the toolkit:
11 - Better protocol support for netsniff-ng's dissector: Until now, netsniff-ng
12 only supports a small subsets of protocols with rather low-level information
13 output. The aim is to improve currently supported protocols and add new
14 important protocols that should be shipped with netsniff-ng.
15 - Tool: netsniff-ng
16 - Required skills: C, Protocols
17 - Difficulty: Easy - Medium
20 - Extensive testing (with eventual code fixing) and performance evaluation:
21 The three more complex projects of the toolkit need a throughout evaluation
22 of all their features, if they work stable under stress, if the features do
23 what they should do. In error cases, code must be fixed of course. Also,
24 the three tools should be evaluated and reviewed regarding performance (pps),
25 if optimizations can be made in the critical path. Optimizations should be
26 compared in regard to packets per second before and after the change.
27 - Tool: netsniff-ng, trafgen (both with Jumbo frames), curvetun
28 - Required skills: Testing, C
29 - Difficulty: Easy - Hard
32 - Reduce general code size, refactor, improve code (i.e. rewrite parsers):
33 Some of the toolkit's code is quite messy and some code totally unused.
34 The aim is to find such code sections and improve them in order to reduce
35 overall code size, and improve readability and software design without
36 introducing a decrease of performance.
37 - Tool: all
38 - Required skills: C
39 - Difficulty: Easy - Hard
42 - Improve manpages, write a user's guide, maybe technical paper: Until now,
43 the focus on the toolkit was the implementation, but not that intensively
44 on the documentation. The latter is even more important for potential users.
45 Hence, manpages should be improved in depth, examples should be given and
46 a more complex documentation or technical paper should be written in LaTeX.
47 - Tool: all
48 - Required skills: POD, Manpages, LaTeX
49 - Difficulty: Easy - Medium
52 - TPACKETv2 (TPACKETv3) support: Right now, the toolkit uses the TPACKETv1
53 API for the RX_RING and TX_RING of the Linux kernel. We would like to know
54 if there's a potential benefit of migrating the code to TPACKETv2 or
55 TPACKETv3 (if released). If so, then the current code should be migrated
56 to the more up-to-date TPACKET version including a review of a potential
57 performance benefit or degradation.
58 - Tool: netsniff-ng, trafgen
59 - Required skills: C
60 - Difficulty: Easy - Medium
63 - PCAP anonymization support: Similar to scrub-tcpdump, we would like to see
64 a possibility for packet anonymization in netsniff-ng. This means, that the
65 resulting pcap file can be used for collaboration or released without
66 corrupting anonymity of the network represented by the capture flow.
67 (http://scrub-tcpdump.sourceforge.net/index.php)
68 - Tool: netsniff-ng
69 - Required skills: C
70 - Difficulty: Easy - Medium
73 - Improve ifpps with things like 'Gnuplot support', 'Power usage / temperature',
74 'Colorized output': ifpps is a useful tool to monitor the system and
75 especially the network subsystem. It could be even more useful if it has
76 features like exporting data into Gnuplot or RRD files, like adding more
77 sensor data output like power states or temperature values, and additionally
78 it could also have a colored output just like flowtop.
79 - Tool: ifpps
80 - Required skills: C, Gnuplot, Procfs
81 - Difficulty: Easy - Medium
84 - Add IPv6 support: ashunt and flowtop have been implemented in IPv4 with
85 stubs for IPv6 code. IPv6 support should be implemented and tested
86 intensively. Possibly, existing code needs to be improved and refactored
87 for IPv6 integration. IPv6 support in curvetun already exists. However,
88 it still needs throughout testing.
89 - Tool: ashunt, flowtop, curvetun (testing)
90 - Required skills: C
91 - Difficulty: Medium
94 - Implement Packet departure timing models (i.e. exponential, uniform, cauchy,
95 normal, pareto distributed) and other packet scheduling behaviours (MB/s,
96 ...), ideally as a plugin architecture for trafgen. Until now, there are
97 only two working modes in trafgen: high-speed and a static inter-departure
98 timing gap. Hence, such features need to be added for a traffic generator.
99 - Tool: trafgen
100 - Required skills: C
101 - Difficulty: Medium - Hard
104 - Unit test preparation and integration for the whole toolkit: Right now, the
105 netsniff-ng toolkit does not have a suite with test cases, although
106 netsniff-ng highly needs a test suite. This project's intention is to
107 evaluate which test frameworks are appropriate for the toolkit, to integrate
108 those frameworks with an initial set of unit tests for each framework.
109 - Tool: all
110 - Required skills: C, Shell, Sharness?, Coccinelle?, CMake?
111 - Difficulty: Medium - Hard
114 - Interactive txf config generator with a set of supported protocols and
115 support for packet distribution models (IMIX, Cisco, ...): We would like
116 to see an interactive txf generator, so that a set of supported protocols
117 can be used to generate full packets in byte format. For instance,
118 protocols such as VLAN, MPLS, BPDU, IGMP, DNS, ARP, ICMP, HTTP, SIP,
119 IPv4 / IPv6, UDP, TCP. The Cisco-like libcli can be used for the UI.
120 It should be triggered by 'trafgen --generate' and write a txf file in the
121 end. Maybe there's something to reuse from the Mausezahn traffic generator
122 (http://www.perihel.at/sec/mz/)? (http://code.google.com/p/libcli/)
123 - Tool: trafgen
124 - Required skills: C, Protocols
125 - Difficulty: Hard
128 - PCAP-ng support: The PCAP-ng format is the next-generation of PCAP as
129 described in (http://wiki.wireshark.org/Development/PcapNg). We would like
130 to support both, the old PCAP and the new PCAP-ng format. Hence, we're
131 looking for PCAP-ng support in netsniff-ng. Design and implement it
132 appropriately, so that both formats can be used and that the source code
133 stays clear and doesn't introduce artificial software layers that can
134 cause a performance bottleneck.
135 - Tool: netsniff-ng
136 - Required skills: C
137 - Difficulty: Hard
140 - Better obfuscation method of curvetun's protocol to make it hard for DPIs
141 to detect curvetun: Right now, curvetun might be quite hard to detect, but
142 with a little effort, it is still possible for DPIs. Find a way to obfuscate
143 the protocol, so that _either_ it is not distinguishable from random byte
144 garbage _or_ find possible ways to use steganography, thus the encrypted
145 payload stream is hidden in real-world traffic.
146 - Tool: curvetun
147 - Required skills: C
148 - Difficulty: Very Hard
151 - Perform a security review of curvetun: The implementation of curvetun is
152 a proof-of-concept and the origin for the implementation was out of interest.
153 Since this tool is useful for real-world deployment, we need security reviews
154 to make sure that the deployment would be appropriate. Hence, this project
155 concentrates on code reviews and improvement regaring security of curvetun.
156 - Tool: curvetun
157 - Required skills: C, Crypto
158 - Difficulty: Very Hard
161 - Design and implement a high-level packet filtering language that compiles
162 to bpf code: Right now, filters for netsniff-ng needs to be implemented
163 with our bpfc compiler (language: http://netsniff-ng.org/bpf.pdf), or
164 generated with ``tcpdump -dd <filter>''. We would like a higher level
165 filter description language that transforms the resulting filter into
166 the bpf language that can be translated by our bpfc compiler.
167 - Tool: either inclusion in bpfc or a new one
168 - Required skills: Haskell or C
169 - Difficulty: Very Hard