weblog

list of entries

"free" as in "actually free"

hfnj.es/t/ URL shortener

guestbook

some of my favorite sites

quantification of bitstring randomess

specialized POST account retrieval system

the parse interpreted algorithm language

recent updates

telnet server with sockets and multithreading

tor hidden service

working with brainfuck

[view all entries]

telnet server with sockets and multithreading

Telnet, a text-oriented network protocol, offers many opportunities for learning to program and operate sockets (see RFC 854 for specifications about the Telnet protocol).

This project was created with the intention of better understanding sockets and the Telnet protocol itself. It also offers a way to create a honeypot system for bot detection and logging. Socket-based programming also offers many opportunities to practice developing multithread programs wherein threads could theoretically comprise individual client connections, allowing for the development of a multiuser communication system.

A Telnet server program was created that incorporates both of these concepts, the use of sockets and multithreading. It was created for the purpose of education of these concepts as well as the education of the Python language itself.

The program accepts clients from the main thread and creates a new thread for each connection that is established. A socket is created as the object for each client thread.

Human users—and often robots—are able to connect and type in commands. Many robots have attempted to log in and run shell commands—although there is no login required, and most of the shell commands robots attempt have not been implemented.

Robots, as part of a botnet, will connect and run commands such as root or sh to attempt to log in as root and execute the shell respectively. In order to reduce botnet traffic, I have implemented an automatic IP address ban whenever a suspected robot enters one of these commands.

Although this currently offers few user abilities and little resemblance to a real command-line, this could easily be expanded and modified to more effectively simulate an unprotected shell server. Most work on this project has been placed on the fundamental interface, specifically in the handling of characters sent to the server and the appropriate response to be made, such as a backspace sequence or a previously entered command.

Much more work will have to be made to develop a directory system, but active users can be viewed and could be allowed to interact with a little more development.

www.000webhost.com