QueSO determines a remote OS by sending simple TCP packets and analysing

the result.
svn path=/head/; revision=14169
1998-10-24 23:31:27 +00:00 · 1998-10-24 23:31:27 +00:00 · 0d9972514b · 2021-03-31 03:12:20 +00:00
commit 0d9972514b
parent 70364f181b
7 changed files with 164 additions and 0 deletions
--- a/net/queso/Makefile
+++ b/net/queso/Makefile
@ -0,0 +1,37 @@
+# ex:ts=8
+# Ports collection makefile for:  Queso
+# Version required:		  980922
+# Date created:			  13 Oct 1998
+# Whom:				  Wu Ching-hong <woju@freebsd.ee.ntu.edu.tw>
+# 				  and David O'Brien (obrien@NUXI.com)
+#
+# $Id: Makefile,v 1.2 1997/01/25 18:08:40 obrien Exp $
+#
+
+DISTNAME=	queso-980922
+CATEGORIES=	net security
+MASTER_SITES=	ftp://apostols.org/AposTools/snapshots/  \
+		ftp://ftp.ee.lbl.gov/  \
+		ftp://freebsd.ntu.edu.tw/freebsd/_distfiles/
+DISTFILES=	queso-980922.tar.gz
+
+MAINTAINER=	woju@freebsd.ee.ntu.edu.tw
+
+OSVERSION!=	sysctl -n kern.osreldate
+GNU_CONFIGURE=  yes
+
+.if ${OSVERSION} < 300004
+DISTFILES+=	libpcap-0.4.tar.Z
+post-patch:
+	@cd ${WRKSRC}/../libpcap-0.4/; ./configure; make
+.endif
+
+post-install:
+	#${INSTALL_PROGRAM} ${WRKSRC}/queso ${PREFIX}/sbin
+	#${INSTALL_DATA} ${WRKSRC}/queso.conf ${PREFIX}/etc
+.if !defined(NOPORTDOCS)
+	@${MKDIR} ${PREFIX}/share/doc/queso
+	${INSTALL_DATA} ${WRKSRC}/Documentation.txt ${PREFIX}/share/doc/queso
+.endif
+
+.include <bsd.port.mk>
--- a/net/queso/distinfo
+++ b/net/queso/distinfo
@ -0,0 +1,2 @@
+MD5 (queso-980922.tar.gz) = bb679333867765de866d89d3fcba8a20
+MD5 (libpcap-0.4.tar.Z) = 3e0025a24218d327b152075c70a578e9
--- a/net/queso/files/patch-01
+++ b/net/queso/files/patch-01
@ -0,0 +1,81 @@
+--- tcpip.c.orig	Tue Sep 22 13:35:43 1998
+++ tcpip.c	Sat Oct 24 11:46:58 1998
+@@ -25,6 +25,12 @@
+ #include <stdarg.h>
+ #include <net/if.h>
+ 
+#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__)
+#include <err.h>
+#include <errno.h>
+#include <sysexits.h>
+#endif
+
+ #include "tcpip.h"
+ 
+ /*-- LINUX routilng TABLES */
+@@ -333,7 +339,64 @@
+         }
+     }
+ 
+-#else /* !LINUX ---------------------------------------------- OTHER --*/
+/*------------------------------- FreeBSD / OpenBSD / NetBSD / BSDI --*/
+#elif defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__)
+/* 
+        FreeBSD Ref: /usr/share/examples/find_interface/ 
+*/
+        struct sockaddr_in local, remote;
+        int s, rv, namelen;
+
+        remote.sin_addr.s_addr = dest;
+        remote.sin_port = htons(60000);
+        remote.sin_family = AF_INET;
+        remote.sin_len = sizeof remote;
+
+        local.sin_addr.s_addr = htonl(INADDR_ANY);
+        local.sin_port = htons(60000);
+        local.sin_family = AF_INET;
+        local.sin_len = sizeof local;
+
+        s = socket(PF_INET, SOCK_DGRAM, 0);
+        if (s < 0)
+          err(EX_OSERR, "socket");
+
+        do 
+	  {
+            rv = bind(s, (struct sockaddr *)&local, sizeof local);
+            local.sin_port = htons(ntohs(local.sin_port) + 1);
+          } while(rv < 0 && errno == EADDRINUSE);
+
+        if (rv < 0)
+          err(EX_OSERR, "bind");
+
+        do
+	  {
+            rv = connect(s, (struct sockaddr *)&remote, sizeof remote);
+            remote.sin_port = htons(ntohs(remote.sin_port) + 1);
+          } while(rv < 0 && errno == EADDRINUSE);
+
+        if (rv < 0)
+          err(EX_OSERR, "bind");
+
+        do
+	  {
+            rv = connect(s, (struct sockaddr *)&remote, sizeof remote);
+            remote.sin_port = htons(ntohs(remote.sin_port) + 1);
+          } while(rv < 0 && errno == EADDRINUSE);
+
+        if (rv < 0)
+          err(EX_OSERR, "connect");
+
+        namelen = sizeof local;
+        rv = getsockname(s, (struct sockaddr *)&local, &namelen);
+
+        if (rv < 0)
+          err(EX_OSERR, "getsockname");
+
+	return local.sin_addr;
+
+#else /* !LINUX && !BSD ---------------------------------- OTHER --*/
+   struct sockaddr_in sin; 
+   char myname[80];
+   
--- a/net/queso/files/patch-02
+++ b/net/queso/files/patch-02
@ -0,0 +1,19 @@
+--- configure.orig	Tue Sep 22 13:42:29 1998
+++ configure	Sat Oct 24 11:56:57 1998
+@@ -1110,6 +1110,16 @@
+             ;;
+        esac
+        ;;
+FreeBSD)
+       PCAP=1
+       case "`uname -m`" in
+       i386)
+            unset NEEDS_HTONS_IP_LEN
+            ;;
+       alpha)
+            ;;
+       esac
+       ;;
+     *)
+        PCAP=1
+        ;;
--- a/net/queso/pkg-comment
+++ b/net/queso/pkg-comment
@ -0,0 +1 @@
+Determine the remote OS using simple tcp packets
--- a/net/queso/pkg-descr
+++ b/net/queso/pkg-descr
@ -0,0 +1,21 @@
+QueSO homepage -- http://www.apostols.org/projectz/queso/
+
+How we can determine the remote OS using simple tcp packets?  Well,
+it's easy, they're packets that don't make any sense, so the RFCs
+don't clearly state what to answer in these kind of situations.
+Facing this ambiguous, each TCP/IP stack takes a different approach
+to the problem, and this way, we get a different response.  In some
+cases (like Linux, to name one) some programming mistakes make the OS
+detectable.
+
+QueSO sends:
+
+        0 SYN           * THIS IS VALID, used to verify LISTEN
+        1 SYN+ACK       
+        2 FIN
+        3 FIN+ACK
+        4 SYN+FIN
+        5 PSH
+        6 SYN+XXX+YYY   * XXX & YYY are unused TCP flags
+
+All packets have a random seq_num and a 0x0 ack_num.
--- a/net/queso/pkg-plist
+++ b/net/queso/pkg-plist
@ -0,0 +1,3 @@
+sbin/queso
+etc/queso.conf
+share/doc/queso/Documentation.txt
				`@ -0,0 +1 @@`
				`Determine the remote OS using simple tcp packets`