Skip to content
/ ABS Public

Non-intrusive access monitoring from attribute based signatures

7 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Mamietti/ABS

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
ABSClient.py
ABSClient.py
 
 
ABSSentinel.py
ABSSentinel.py
 
 
ABSSetup.py
ABSSetup.py
 
 
MathABS.py
MathABS.py
 
 
README.md
README.md
 
 

Repository files navigation

ABS

Non-intrusive access monitoring scenario using attribute based signatures.

Requirements

  • Python 3.6 (verified to work) or possibly newer (untested) with the included base libraries
  • Libraries charm-crypto, netfilterqueue and scapy and their respective requirements

Usage

  1. Configure addons by editing ABSSetup.py (JSON support may come later)
  2. Run $ sudo iptables -A OUTPUT -p tcp -j NFQUEUE to send packets to the NFQUEUE handler.
  3. Start the server process via $ sudo python3.6 ABSSentinel.py which gives you the port number (host is the IP of the machine running it).
  4. Start the client process as $ sudo python3.6 ABSClient.py serverhost serverport networkalias where:
  • serverhost and serverport are self-explanatory.
  • networkalias is the IP address representing the client in the packets sent to/from the client. This is for enabling NAT support.
  1. When finished, stop the processes via Ctrl-C and run $ sudo iptables -D OUTPUT -p tcp -j NFQUEUE to stop the packet handler

About

Non-intrusive access monitoring from attribute based signatures

Resources

Readme
Activity

Stars

7 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages