Internet EventServer Copyright 2002 (c) Ron Bessems Description: This is the replacement for the old TCPIP server. Features: * passwords are sent encrypted over the network * sniffing connection is useless as the encryption cookie changes every time * abuse protection * subnet matching * MAC address matching * hostname matching * all host allow Configuration of the server: - Open the settings dialog - Go to the hardware tab - Select the Internet Eventserver - If the Internet Evenserver isn't checked, check it now, and press apply. - If needed reselect the Internet Eventserver - Press settings Now the settings dialog of the eventserver is open. If this computer is connected to the internet we first want to deselect "Allow All" and only allow certain trusted hosts. See below the part about "Allowed Hosts" Now we want to set the Password and the port number, be sure to choose something different from the default :-) If you don't care about the abuse protection or are experimenting you can turn it off. What the abuse protection does is it prevent hosts that are guessing the password from doing this fast. If the hosts that just tried a incorrect password connects again within 5 seconds it will get no special error it will look as if the password it gave was incorrect. If it keeps trying the time before the next allowed login grows linear with the number of tries. This prevents people from brute force guessing the password that you use on your server. Configuration: Allowed Hosts In the hostname box you can type the name of the host that you want to allow. The program expects the following convention: * Match single IP address : #.#.#.# For example 131.155.1.1 * Match range of IP addresses: #.#.#.#/# The first 4 number are as always the IP address number, the last is the subnet mask, this can be 0,8,16,24 or 32. It signifies what part of the hostname should be compared to the incoming connection for example: You want to allow you whole local network to access the server, you local network has ip address in the range 131.155.#.# so you'd type 131.155.0.0/16, now every ip that begins with 131.155 will match. If you have a subnet that has 131.155.224.# as the range you'd type 131.155.224.0/24. Taking this all the way if you only want to allow 1 host you could type 131.155.224.29/32. This is the same as leaving the /32 out. Now if you want to allow the whole internet to share in the fun, you'd type 0.0.0.0/0 Needless to say this is not recomended. * Match Hostname To match a single hostname type /, the slash in front is very important, the program detects this and applies the correct matching routines. For example you want to allow girder.nl access, now you would type /girder.nl * Match MAC address. The MAC address is the hardware address of the network card. Windows keeps a list of these in its cache, however it does not see them from all over the internet, so this will only work on your local network, before the router kicks in. You can check if the MAC address is in the hostcache by typing "arp -a". If the number isn't in there too bad the matching won't work. #:#:#:#:#:# where the # are hexadecimal numbers. You can find the MAC address of your network card through winipcfg (win9x) or ipconfig -all ( win2k). Configuration of the Girder Client First make sure that the Internet Event Server client is enabled in the settings dialog and that the Internet Server is configured properly and enabled. - Open the settings window - Go to the action plugin tab - Check the Internet Server Client - Press apply. Now add a command, select this and go to the plugin tab. Select the Internet Event client and press settings. A dialog will popup prompting you for the hostname, port, password and eventstring. Carefully fill these in. With this client you can connect to a Girder Internet Event server on a different computer, thus controlling Girder from a different computer. Configuration of the console client Well there isn't much to configure just open a dos box and type "ieventc " of course replace the stuff with the real values Configuration of the php client Just upload and use it, it is meant as an example, you can take the function "SendEventString" out of this php file and use it in your own projects. Description of the Protocol The protocol for the Internet Event server was designed with security in mind. As such I took a good look at the APOP protocol and based the protocol on this. This is how it works: * The client connects to the server * The client sends "quintessence\n" to wake the server up. the reason for this is to prevent portscanning from finding out that this is a Girder internet event server easily. * The server will respond with a cookie, this is a 4 character hexadecimal number that you will use next * With the cookie we are now going to create the encrypted response - first make a string : for example the cookie was 6c2f and the password is NewDefPWD the string would be "6c2f:NewDefPWD" (don't use the quotes) - Pass this string to a MD5 digest calculator, this gives you a string like this b1aa58f5050feb6f3643cf737088dac6 Send this to the server. * If the digest was correct the server will respond with a "accept\n" * Now you are allowed to send any string as long as it ends with a "\n". So sending "hello\n" will result in an eventstring of "hello" * To close the connection you can send "close\n" and close the connection. ( This also means that close cannot be used as an eventstring ) * If the server closes the connection it will also send "close\n" * Sending of payloads is also possible, to send a playload send this string before the actual event. "payload \n". The first payload will be pld2. You can also send multiple payloads. Simply keep sending the "payload \n" commands. ( the second payload will get name pld3 and so on. ). * prohibited eventstrings: "close","payload" Troubleshooting If the server doesn't want to load or behaves strangely and you are running Windows 95 please upgrade your winsock. http://www.microsoft.com/windows95/downloads/contents/wuadmintools/s_wunetworkingtools/w95sockets2/ If none of the events are coming in also check your firewall. Warning / Disclaimer Internet servers are inherently dangerous, there is always the possibility of abuse. Although I have been very carefull to design the protocol as safe as possible I cannot garantuee anything, so please use with care. I'm not responsible for any damage that occured because you used this plugin.