February 16th, 2010
It occurs to me that I’ve never actually talked about my dissertation software project which in September I completed for my Masters degree in Computer Security.
First a little background information. There exists a program called Nmap which primarily functions as a network mapper and security scanner, it is able to scan ports and help administrators determine possible holes in their system. It is popular and in some ways is the de facto standard to use for analysing network security nowadays.
An auxiliary feature of this program is the ability for it to send around a dozen carefully crafted probe packets to a remote host, analyse the responses (if any), then match these responses to a database to determine the operating system used and by extension the hardware in some cases. These specific responses are called a fingerprint. This analysis technique is called operating system fingerprinting and the methods used are detailed here. All sorts of tests are performed, from simple ones such as whether the host responds, checking certain fields are filled with the correct data etc, to more complex ones such as analysing the randomness of sequence values.
The aim of my project was to determine how much these results can be skewed to our advantage. The motivation for this is to prevent any system information from being revealed to a malicious user and thereby allowing them to use a system-specific exploit against us, such as the recently discovered method of remotely BSODing a Windows Vista/7 machine (which has thankfully been patched now).
To defend against this two separate programs were created. The first was a user-level program written in C# whose job it was to parse the Nmap fingerprint database to create a list of usable fingerprints. This information is displayed in a GUI and when one is selected it is processed and stored as registry values for use by the second program.
The second program works at the kernel-level as a driver written in C. It uses the Windows Filtering Platform API, this allows it to analyse incoming packets for probe packets, drop them then construct raw outgoing packets as responses. It drops the incoming packets to prevent Windows itself or any applications from replying and influencing the results. Raw packets (i.e. packets which we have complete control over) can’t ordinarily be constructed from within Windows, but kernel-level programs receive special privileges in that regard.
This solution enabled standard communication to still occur between the computer and outside networks as only detected probe packets would be dropped, though there is always the possibility that a regular packet would be incorrectly identified as a probe packet this is unlikely as there is usually no payload data in probe packets.
I’ll leave it there for now as this post has gotten a bit long. I’ll talk about it more soon.
Posted in MSc | No Comments »
February 13th, 2010
I’ve Just updated the website from 2.8.4 to 2.9.1 and updated all the plug-ins too. I also updated the contact page with some links to public profiles.
People have been poking me to update this website more regularly so I’m trying to think of things to write about. Projects have kind of gone on hold again since I’ve moved and started work, will hopefully get on with some soon. In the meantime I’m considering just writing about some general programming tips/tricks/oddities I’ve come across.
In light of that here’s a random code snippet I read recently. Also I want to test this new formatting plug-in I installed. 
1
2
3
4
5
6
7
8
9
10
| #include <stdio.h>
int main()
{
int x = 10;
while( x-->0 ) // x goes to 0
{
printf("%d ", x);
}
} |
Output: 9 8 7 6 5 4 3 2 1 0
It’s a little neat way of using “-->” as a “go down to” operator. In reality it’s not a single operator obviously, it’s just syntactically equivalent to ((x--) > 0). Pretty nice all the same though. 
Anyway that’s all for now. Will try to think of something else (possibly less random) to post soon.
Posted in Programming, Website | No Comments »
October 15th, 2009
The (more-or-less) final design is up! There may be some small changes with positioning, sizes and fonts of elements to differentiate it more from the default wordpress theme but generally I’m quite happy with it as it is.
Incidentally I think Inkscape is a great rool for coming up with website designs. Check it out!
Posted in Website | 2 Comments »
October 9th, 2009
Wow, been a long time since the last update. Sorry! A quick update: Finished uni and got a job offer. There, now you’re up to speed. (whoever you are…)
Anyway I’m going to be writing a new theme and revamping the site a bit while I’ve got some free time before the new job starts.
Watch this space.
Posted in General, Website | No Comments »
March 1st, 2009
I’ve been very busy recently. These last two weeks have been chock-full of essay writing and job applications/interviews, I just have one essay left for Network Security on 4th March though so will hopefully have a bit of time to do work on my own projects after that.
Till then…
*Goes off to research ways to prevent phishing attacks*
Posted in General, University | No Comments »
February 14th, 2009
Note to self: From now on do not use the automatic update feature of WordPress.
Doing this broke my theme and thus my site, as it decided to overwrite it with the default one. My custom theme was a heavily modified version of the default and I never bothered making a new directory for it so I guess it was entirely my fault. All the background code and design changes I had made meant that the “updated” theme files broke the layout entirely and resulted in some sort of strange love-child between this site and the default WordPress theme. Luckily the nice people at my webhost company had an automatic backup from two days ago so they found my theme and gave it back to me. Thank you Register1! *kisses*
To be honest I’ve been thinking about changing my theme for a while now anyway, there are a few design problems with it. I’ve tried tweaking it a lot to make it so the text is more readable on a blueish background but I can never get a high contrast without changing the font colour to white, which I am not going to do. I’m thinking of incorporating more design elements from my “Vote Campaign” design that I made a while back (it’s on my projects page) seeing as he never actually used it in the end. Specifically I want to change the colour scheme so the main text is on a white background, though more changes may be included. Only problem is that I should probably remove the “Vote Campaign” design from my portfolio if I make it too similar to this site!
Anyway, we’ll see what happens. I’ll likely just work in the background on the next design until I’m happy enough with it to take the plunge and change over. This one works for now and I don’t exactly want to break anything.
Anything more that is.
-Thomas
Posted in Website | No Comments »
February 9th, 2009
It’s been a while since the last update, and unfortunately it’s likely to be a little while till the next one due to upcoming university coursework. I’ll still try to spend a couple of hours every few nights on this though if I can.
Anyway onto the update. Firstly I’ve fiddled about with the atmospheric settings to add a bit of a more “blinding” effect from looking at the sun, though I feel it might be overdone for when you’re not looking at the camera. Maybe something to add would be a modifier that increases based on how central the sun is to the screen.
Secondly I’ve added some planetary objects to the previously empty sky. There is now a sun which orbits the sky during the day and stars which become visible at night. Pictures below!
From inside the dome - Click to enlarge images
From outside the dome – Click to enlarge images
I have also been working on other parts of the engine. I added a modified version of my camera from “Blocks” with the physics interactions stripped out. I have also been learning how to use vertex/fragment shaders, I planned on converting the sky calculations to the graphics card but I may save that for another time now. In the more immediate future I plan on using shaders to add dynamic shadowing to the terrain, possibly using the shadow-mapping technique.
Posted in Graphics technology demo | No Comments »
February 1st, 2009
I’ve almost finished implementing the base for the sky, using the SkyDome technique. Instead of a skymap or a colour table I decided to use a simulation of how light actually scatters in our own atmosphere for a (hopefully) more realistic approach. This means that I also have a day/night cycle, albeit currently it takes a total of one minute to complete the cycle as opposed to 24 hours! Screenshots below.
Wireframe of the SkyDome
The sunrise (NB: the actual sun itself isn’t drawn yet)
I also had a few rather interesting glitches while implementing this. When I tried to first display it I put every colour value of the SkyDome’s vertices to red (um.. because it’s the standard sky colour…? Don’t ask me why!). However I made my colours were stored as RGBA and I was accidentally making the colour pointer read the values as RGB, this resulted in alternating between full red/green/blue colours due to incorrect offsets.
Glitch – Rainbow sky?
Not very realistic but interesting as far as glitches go!
My next steps with this sky will be to make it a bit more realistic, there are no planetary objects currently (sun, stars etc) so that would probably be a good next step. Clouds might be added too.
Posted in Graphics technology demo | No Comments »
January 29th, 2009
I’ve started a new project. I’ve decided to make something of a graphical tech demo, partly for you lovely potential employers out there but mainly because I simply want to expand my knowledge on the graphic side of things. I learnt a significant amount from my final year project “Blocks”, such as VBOs, multi-texturing, projective texturing (initially for a prototype flashlight but taken out as there was no need for it in the game), resource management etc. But while these are all important, they’re not very flashy. That’s where this project comes in.
I’m going to make a demo that displays a multitude of graphical techniques through an outdoor scene. Currently I have random terrain generation and rendering going on, I’m going to build on top of this. The goal is to add water rendering, skydomes, maybe atmospheric scattering, weather, foliage, HDR, and whatever other ideas may crop up down the line.
Latest screen:
Posted in Graphics technology demo | No Comments »
January 21st, 2009
I was scouring through my hard drive when I noticed some work that I completed around this time last year.
VRML Air Hockey
It’s an Air Hockey game made in VRML (that’s Virtual Reality Modelling Language), this was done for a third year university module called “Virtual Reality”. I really like this work for some reason, I think its partly because I actually had a bit of fun making it trying to adapt game programming concepts to an unfamiliar language with pretty different design methodologies to the norm.
Its a single player game with the other player controlled by a pretty capable CPU. Almost no logic such as collision detection, physics, scoring or AI is built-in to VRML so I had to implement all that myself. Same with the more complex models, textures (except the wooden floor, which I found online) and sounds.
Would I recommend VRML? Not for anything that you would want the mass public to see, even if you don’t intend on selling it commercially. Almost nobody has the required plugin installed, and even if they do different plugin implementations seem to have different results. Having said that it is good in certain aspects as it is relatively easy to make quick and dirty prototypes with it, and the learning experience doesn’t hurt either. I have heard that X3D has superseded VRML now though so you may want to look into that instead anyway.
I think I may upload this to my projects portfolio section later.
Posted in VRML Air Hockey | No Comments »
An auxiliary feature of this program is the ability for it to send around a dozen carefully crafted probe packets to a remote host, analyse the responses (if any), then match these responses to a database to determine the operating system used and by extension the hardware in some cases. These specific responses are called a fingerprint. This analysis technique is called operating system fingerprinting and the methods used are detailed here. All sorts of tests are performed, from simple ones such as whether the host responds, checking certain fields are filled with the correct data etc, to more complex ones such as analysing the randomness of sequence values.
