Rui Paulo’s blog

YAFB! Yet Another FreeBSD Blog

Initial SoC work

with 2 comments

I’ve been busy with college assignments, but I’ve been doing some SoC work on my spare time. tcpad is my SoC project for this year and it’s basically a pcap-based TCP session anomaly detector. The basic principle is that, whenever something “strange” happens with a TCP connection, we will dump a pcap file containing the most important packets (TCP FSM transitions and the last 100 packets that arrived prior to the problem).
The current version of tcpad can track only the 3WHS, yet, but more code is to be written as college assignments are all done now.

Written by Rui Paulo

May 14th, 2008 at 9:47 pm

Posted in Summer of Code

Tagged with

« First entry
TCP projects »

2 Responses to 'Initial SoC work'

Subscribe to comments with RSS or TrackBack to 'Initial SoC work'.

  1. Hey Rui,

    Is tcpad available to public? I can’t find the link to the project. Thanks.

    C.S.Lee

    15 May 08 at 4:24 am

  2. C. S. Lee., tcpad is being developed on the FreeBSD Perforce repository:
    The path is //depot/projects/soc2008/rpaulo-tcpad/

    See:
    http://p4web.freebsd.org/@md=d&cd=//&c=Whu@//depot/projects/soc2008/rpaulo-tcpad/?ac=83

    Unfortunately, the p4 repo is not publicly available. You can follow the development via web or I’m planning to create some tarballs for public consumption.

    Thanks,
    Rui

    rpaulo

    15 May 08 at 9:03 am

Leave a Reply