From 0d9972514bca048aeb0c88a899d352ca50351f53 Mon Sep 17 00:00:00 2001 From: "David E. O'Brien" Date: Sat, 24 Oct 1998 23:31:27 +0000 Subject: [PATCH] QueSO determines a remote OS by sending simple TCP packets and analysing the result. --- net/queso/Makefile | 37 ++++++++++++++++++ net/queso/distinfo | 2 + net/queso/files/patch-01 | 81 ++++++++++++++++++++++++++++++++++++++++ net/queso/files/patch-02 | 19 ++++++++++ net/queso/pkg-comment | 1 + net/queso/pkg-descr | 21 +++++++++++ net/queso/pkg-plist | 3 ++ 7 files changed, 164 insertions(+) create mode 100644 net/queso/Makefile create mode 100644 net/queso/distinfo create mode 100644 net/queso/files/patch-01 create mode 100644 net/queso/files/patch-02 create mode 100644 net/queso/pkg-comment create mode 100644 net/queso/pkg-descr create mode 100644 net/queso/pkg-plist diff --git a/net/queso/Makefile b/net/queso/Makefile new file mode 100644 index 000000000000..93fce753d6a2 --- /dev/null +++ b/net/queso/Makefile @@ -0,0 +1,37 @@ +# ex:ts=8 +# Ports collection makefile for: Queso +# Version required: 980922 +# Date created: 13 Oct 1998 +# Whom: Wu Ching-hong +# and David O'Brien (obrien@NUXI.com) +# +# $Id: Makefile,v 1.2 1997/01/25 18:08:40 obrien Exp $ +# + +DISTNAME= queso-980922 +CATEGORIES= net security +MASTER_SITES= ftp://apostols.org/AposTools/snapshots/ \ + ftp://ftp.ee.lbl.gov/ \ + ftp://freebsd.ntu.edu.tw/freebsd/_distfiles/ +DISTFILES= queso-980922.tar.gz + +MAINTAINER= woju@freebsd.ee.ntu.edu.tw + +OSVERSION!= sysctl -n kern.osreldate +GNU_CONFIGURE= yes + +.if ${OSVERSION} < 300004 +DISTFILES+= libpcap-0.4.tar.Z +post-patch: + @cd ${WRKSRC}/../libpcap-0.4/; ./configure; make +.endif + +post-install: + #${INSTALL_PROGRAM} ${WRKSRC}/queso ${PREFIX}/sbin + #${INSTALL_DATA} ${WRKSRC}/queso.conf ${PREFIX}/etc +.if !defined(NOPORTDOCS) + @${MKDIR} ${PREFIX}/share/doc/queso + ${INSTALL_DATA} ${WRKSRC}/Documentation.txt ${PREFIX}/share/doc/queso +.endif + +.include diff --git a/net/queso/distinfo b/net/queso/distinfo new file mode 100644 index 000000000000..8b1115d66eb2 --- /dev/null +++ b/net/queso/distinfo @@ -0,0 +1,2 @@ +MD5 (queso-980922.tar.gz) = bb679333867765de866d89d3fcba8a20 +MD5 (libpcap-0.4.tar.Z) = 3e0025a24218d327b152075c70a578e9 diff --git a/net/queso/files/patch-01 b/net/queso/files/patch-01 new file mode 100644 index 000000000000..b36efff5619f --- /dev/null +++ b/net/queso/files/patch-01 @@ -0,0 +1,81 @@ +--- tcpip.c.orig Tue Sep 22 13:35:43 1998 ++++ tcpip.c Sat Oct 24 11:46:58 1998 +@@ -25,6 +25,12 @@ + #include + #include + ++#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__) ++#include ++#include ++#include ++#endif ++ + #include "tcpip.h" + + /*-- LINUX routilng TABLES */ +@@ -333,7 +339,64 @@ + } + } + +-#else /* !LINUX ---------------------------------------------- OTHER --*/ ++/*------------------------------- FreeBSD / OpenBSD / NetBSD / BSDI --*/ ++#elif defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__) ++/* ++ FreeBSD Ref: /usr/share/examples/find_interface/ ++*/ ++ struct sockaddr_in local, remote; ++ int s, rv, namelen; ++ ++ remote.sin_addr.s_addr = dest; ++ remote.sin_port = htons(60000); ++ remote.sin_family = AF_INET; ++ remote.sin_len = sizeof remote; ++ ++ local.sin_addr.s_addr = htonl(INADDR_ANY); ++ local.sin_port = htons(60000); ++ local.sin_family = AF_INET; ++ local.sin_len = sizeof local; ++ ++ s = socket(PF_INET, SOCK_DGRAM, 0); ++ if (s < 0) ++ err(EX_OSERR, "socket"); ++ ++ do ++ { ++ rv = bind(s, (struct sockaddr *)&local, sizeof local); ++ local.sin_port = htons(ntohs(local.sin_port) + 1); ++ } while(rv < 0 && errno == EADDRINUSE); ++ ++ if (rv < 0) ++ err(EX_OSERR, "bind"); ++ ++ do ++ { ++ rv = connect(s, (struct sockaddr *)&remote, sizeof remote); ++ remote.sin_port = htons(ntohs(remote.sin_port) + 1); ++ } while(rv < 0 && errno == EADDRINUSE); ++ ++ if (rv < 0) ++ err(EX_OSERR, "bind"); ++ ++ do ++ { ++ rv = connect(s, (struct sockaddr *)&remote, sizeof remote); ++ remote.sin_port = htons(ntohs(remote.sin_port) + 1); ++ } while(rv < 0 && errno == EADDRINUSE); ++ ++ if (rv < 0) ++ err(EX_OSERR, "connect"); ++ ++ namelen = sizeof local; ++ rv = getsockname(s, (struct sockaddr *)&local, &namelen); ++ ++ if (rv < 0) ++ err(EX_OSERR, "getsockname"); ++ ++ return local.sin_addr; ++ ++#else /* !LINUX && !BSD ---------------------------------- OTHER --*/ + struct sockaddr_in sin; + char myname[80]; + diff --git a/net/queso/files/patch-02 b/net/queso/files/patch-02 new file mode 100644 index 000000000000..703293921f9d --- /dev/null +++ b/net/queso/files/patch-02 @@ -0,0 +1,19 @@ +--- configure.orig Tue Sep 22 13:42:29 1998 ++++ configure Sat Oct 24 11:56:57 1998 +@@ -1110,6 +1110,16 @@ + ;; + esac + ;; ++FreeBSD) ++ PCAP=1 ++ case "`uname -m`" in ++ i386) ++ unset NEEDS_HTONS_IP_LEN ++ ;; ++ alpha) ++ ;; ++ esac ++ ;; + *) + PCAP=1 + ;; diff --git a/net/queso/pkg-comment b/net/queso/pkg-comment new file mode 100644 index 000000000000..7558f5933700 --- /dev/null +++ b/net/queso/pkg-comment @@ -0,0 +1 @@ +Determine the remote OS using simple tcp packets diff --git a/net/queso/pkg-descr b/net/queso/pkg-descr new file mode 100644 index 000000000000..940786bb46c9 --- /dev/null +++ b/net/queso/pkg-descr @@ -0,0 +1,21 @@ +QueSO homepage -- http://www.apostols.org/projectz/queso/ + +How we can determine the remote OS using simple tcp packets? Well, +it's easy, they're packets that don't make any sense, so the RFCs +don't clearly state what to answer in these kind of situations. +Facing this ambiguous, each TCP/IP stack takes a different approach +to the problem, and this way, we get a different response. In some +cases (like Linux, to name one) some programming mistakes make the OS +detectable. + +QueSO sends: + + 0 SYN * THIS IS VALID, used to verify LISTEN + 1 SYN+ACK + 2 FIN + 3 FIN+ACK + 4 SYN+FIN + 5 PSH + 6 SYN+XXX+YYY * XXX & YYY are unused TCP flags + +All packets have a random seq_num and a 0x0 ack_num. diff --git a/net/queso/pkg-plist b/net/queso/pkg-plist new file mode 100644 index 000000000000..6d3c40796e6c --- /dev/null +++ b/net/queso/pkg-plist @@ -0,0 +1,3 @@ +sbin/queso +etc/queso.conf +share/doc/queso/Documentation.txt