Snoopy – a basic packet sniffer for Windows

(this is a guest post by Tenox)

A few days ago I wrote a basic packet sniffer / analyzer for Windows for fun. I was working with raw sockets for another application and out of curiosity winged a small packet sniffer in just 200 lines of code. I actually used it already several times to resolve some firewall port blocking issues, instead of spinning up Wireshark, so I decided to release it to the public.

The good:

  • Portable, a single, tiny exe
  • Easy to use
  • Doesn’t install any driver like libpcap
  • Extensible, just 200 lines of simple code

The bad:

  • It’s very basic and doesn’t allow anything outside of simple unicast TCP, UDP and ICMP; most importantly, layer 2, broadcasts, multicasts, etc. are out of the question
  • Currently it doesn’t directly support filtering, however you can just pipe it to findstr to filter for anything you want

Raw socket limitations are possibly the biggest issue, but if you just want to find out simple stuff like traffic going to a given port or ip address it’s a perfect little handy dandy tool to carry around.

To use snoopy you specify the IP address of the interface on which you want to listen:

There also is a verbose mode which shows some more detailed protocol information:

Today I decode ICMP message types, TCP flags, sequence, ack and window numbers and DSCP, ECN, TTL and Don’t Fragment flags for IP. I’m thinking of embedding /etc/protocols and /etc/services in a .h file to resolve them on the fly.
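The IP and TCP fields listed above can be pulled out of the bytes a raw socket returns with a few shifts and masks. The following C sketch is an added example, not Snoopy's source; the struct, the function names and the sample packet are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
struct pkt { int ok; uint8_t dscp, ecn, df, ttl, proto, flags;
             uint16_t sport, dport, win; uint32_t seq, ack; };
static uint16_t be16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }
static uint32_t be32(const uint8_t *p) { return (uint32_t)be16(p) << 16 | be16(p + 2); }

/* Added example, not Snoopy's code. Decodes one IPv4 packet as a raw socket
   delivers it (IP header first). ok stays 0 if truncated or not IPv4. */
struct pkt decode_ipv4(const uint8_t *b, size_t len) {
    struct pkt o = {0};
    if (len < 20 || (b[0] >> 4) != 4) return o;
    size_t ihl = (size_t)(b[0] & 0x0F) * 4;   /* header length in bytes */
    if (ihl < 20 || ihl > len) return o;
    o.dscp = b[1] >> 2;                       /* upper 6 bits of the old TOS byte */
    o.ecn = b[1] & 0x03;                      /* lower 2 bits */
    o.df = (b[6] & 0x40) != 0;                /* Don't Fragment flag */
    o.ttl = b[8]; o.proto = b[9];
    int later_frag = (be16(b + 6) & 0x1FFF) != 0; /* offset > 0: no L4 header */
    if (o.proto == 6 && !later_frag) {        /* TCP */
        const uint8_t *t = b + ihl;
        if (len - ihl < 20) return o;         /* truncated TCP header */
        o.sport = be16(t);     o.dport = be16(t + 2);
        o.seq = be32(t + 4);   o.ack = be32(t + 8);
        o.flags = t[13] & 0x3F;               /* URG ACK PSH RST SYN FIN */
        o.win = be16(t + 14);
    }
    o.ok = 1; return o;
}

/* Render TCP flags as fixed-width text, e.g. ".S...." for a bare SYN. */
const char *flag_str(uint8_t f, char out[7]) {
    for (int i = 0; i < 6; i++) out[i] = (f & (1 << i)) ? "FSRPAU"[i] : '.';
    out[6] = '\0'; return out;
}

/* Constructed sample: 192.0.2.10:49152 -> 192.0.2.20:443, SYN, DSCP 46, DF, TTL 128 */
const uint8_t SAMPLE[40] = {
    0x45,0xB8,0x00,0x28, 0x12,0x34,0x40,0x00, 0x80,0x06,0x00,0x00, 192,0,2,10, 192,0,2,20,
    0xC0,0x00,0x01,0xBB, 0,0,0,1, 0,0,0,0, 0x50,0x02,0xFA,0xF0, 0,0,0,0 };

int main(void) {
    char fl[7];
    struct pkt p = decode_ipv4(SAMPLE, sizeof SAMPLE);
    printf("dscp=%d ecn=%d df=%d ttl=%d %d->%d [%s] win=%d\n", p.dscp, p.ecn, p.df,
           p.ttl, p.sport, p.dport, flag_str(p.flags, fl), p.win);
    return 0;
}
```

The later-fragment check matters in a sniffer: only the first fragment carries the TCP header, so decoding ports from later fragments would report payload bytes as port numbers.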

Bug reports and suggestions most welcome!

Available here: http://www.tenox.net/out#snoopy

 

OpenNT – Windows NT 4.5

(This is a guest post from Tenox)

Just stumbled across this: someone has forked Windows NT 4.0 and created an open source version of it. But wait, forked what? Windows source code doesn’t live on Github. Is it ReactOS? No! Upon some digging, it was apparently born from the leaked source code of NT4.0, some W2K bits and 2003 WRK.

Enter NT version 4.5:

More screenshots here: http://www.opennt.net/projects/opennt/wiki/Screenshots

The main project site: http://www.opennt.net/

Looking at activity the project seems to be alive and well. There is some background information and discussion going on BetaArchive for those interested.

I wonder what Microsoft has to say about this 🙂

NVIDIA GRID – GPU Virtualization under Windows

(this is a guest post by Tenox)

I spent a day evaluating NVIDIA GRID K1 card, which is a GPU for high end, graphics intensive desktop virtualization (VDI) deployments. Otherwise called vGPU. What does it actually mean?

As you can see on the stock photo, the card doesn’t have VGA, HDMI, DVI, DP or any video output port whatsoever. The output happens purely through a Remote Desktop Protocol (RDP) extension called RemoteFX. On VMware and Citrix it works a little bit differently, but I will be covering Windows / Hyper-V installation only.

The GRID K1 is somewhat similar to Quadro card so the driver is not your usual GeForce package, but the experience is quite similar nevertheless. Upon installation you see 4 different physical GPUs in Device manager:

This works similarly to having multiple CPU cores that show up as separate processors in the OS. Here is a first fun fact: you can’t actually use any of these directly, as they simply have no output port and can’t display any graphics… Instead, you have to use Hyper-V with the RemoteFX extension:

Then for each guest machine, you add a RemoteFX graphics card as hardware:

In order to use RemoteFX you need to Remote Desktop (RDP) to the guest machine. The protocol is fortunately available since version 7.1 so even Windows 7 can use it. However only Enterprise editions of Windows support it.

Inside the guest VM you see a virtual RemoteFX Display Adapter in the Device Manager:

And as you can see Direct3D is available and enabled. Note that this is over RDP to a VM! The VM’s console curiously displays the following message:

Hard to show on static screenshots, but I have to say that the RemoteFX user experience is noticeably better compared to regular RDP. Everything works smoother and faster; scrolling pages and moving windows is a snap. You can play videos / YouTube, etc. But I was more interested in the real use case, which is high end 3D applications. So I proceeded to install Steam…

Yes! This is GTA V running over Remote Desktop in a VM!

The frame rate sucks quite considerably, even in safe mode, but it was playable and quite responsive (no lag). I actually spent a couple of hours going through it and except for low FPS had no issues.

I also spun up this Wyse Thin Client terminal:

Disconnected my RDP session and reconnected from the terminal… poof, the game was still going:

I even got sound out of the little thing.

I suspect that the low FPS has rather to do with the small GPU horsepower and vRAM assigned than with remote viewing or NVIDIA itself. Unfortunately in Hyper-V it’s impossible to control or fine tune assignment of GPU resources to a particular VM beyond a simple on/off switch. The K1 card supports 32 users, so I was only getting 1/32th power and RAM. Perhaps I could have spawned 32 VMs with GTA. Or Call Of Duty multiplayer….

In ending notes I have to conclude that this is a rather interesting technology. According to NVIDIA, Cloud is future of Gaming. In fact they already have cloud game streaming service:

http://shield.nvidia.com/game-streaming-with-geforce-now

Beware of campers who now will be able to disconnect from online games for months at a time.

 

QNX Updates

(this is a guest post by Tenox)

A few interesting things have happened in the QNX area in the last month or so.

First of all, there is a QNX BSP for Raspberry PI:

It’s an early developer release, not fully complete, but it does boot and work. It adds an interesting OS beside RISC OS and Plan9 to the Pi family. The BSP is available from SHC Products. They have a binary and source code version.

Secondly, in the archaeology department, this has surfaced:


But even more interestingly I’ve found a beta / preliminary release v0.4 of QNX:

Can’t wait to get the disk images 🙂

 

You can run VxWorks too!

(this is a guest post from Tenox)

VxWorks is an embedded operating system that typically runs on things like Mars probes, Boeing 787 or Apache helicopters, but today you can run it too! WindRiver has an evaluation target that you can run on an Intel CPU, meaning you can spin it up on your favorite hypervisor at home.

Go to this page: http://www.windriver.com/evaluations/bsp/ register, download the two ZIP files and follow the instructions.

VxWorks comes with two shell modes: C and admin. In the C shell you execute C code and you can write simple programs or even patch existing running code like they did on Mars Pathfinder. This is the default one, with the -> prompt. You can enter the admin shell by typing “cmd”. If you are familiar with KSH “vi” mode you can use it for history and editing the command line.

The evaluation target is very basic and limited. If you want to do and learn more stuff, you need to download evaluation of VxWorks Platform and spin up the VxWorks Simulator, or build your own target. This is a picture of a slightly older version running on Windows:

The operating system was also recently featured in Forbes.

 

A/UX Documentation Update

(this is a guest post from Tenox)

I have recently received a large box with Apple Unix 3.0 documentation. Scanned and published here: http://www.tenox.net/docs/

The latest additions are these documents:

  • Apple A/UX 3.0 Essentials
  • Apple A/UX 3.0 Installation Guide
  • Apple A/UX 3.0 MacX User Guide
  • Apple A/UX 3.0 Networking Essentials
  • Apple A/UX 3.0 Programming Languages and Tools Vol 1
  • Apple A/UX 3.0 Programming Languages and Tools Vol 2
  • Apple A/UX 3.0 Roadmap to A/UX
  • Apple A/UX 3.0 Setting up Accounts and Peripherals for A/UX
  • Apple A/UX 3.0 Toolbox: Mac ROM Interface
  • Apple A/UX 3.0 X11 User’s Guide for A/UX

 

To my knowledge only 2.0 version of these were floating around.

This should go nicely with the latest release of Shoebill Emulator.

WYSE Unix Virtualized

(this is a guest post from Tenox)


WYSE Unix Virtualization Challenge has been officially won by Mihai Gaitos of hawk.ro. He received $100 prize via PayPal. Congratulations!

WYSE Unix has now been virtualized and can run in Qemu via Curses mode, or modified Bochs due to character map issues and vanilla VirtualBox!

Mihai has posted some gory details of the installation challenges on his website.

Ready to run image with modified Bochs binary for Linux is available here.
VirtualBox OVA file available here.

For hard core fanatics, the system comes with SLIP/slattach so you should be able to network it much like Dell Unix.

Special thanks to:
Andrew Gong for finding a tape image on eBay
Al Kossow of bitsavers.org for recovering the tape image
Michal Necasek for patching up the original floppy disk image

 

Virtualization Challenge Part II – WYSE Unix

(this is a guest post from Tenox)

The second virtualization contest is now on! Similar to the previous one, the winner receives $100 via Paypal and the submission is posted on this blog! Hopefully this one will be little bit more challenging. 🙂

The subject is the rarest of the rare WYSE Unix!

The progress so far: A few years ago I came in to possession of a set of floppy disks pictured here:

Thanks to Al Kossow from bitsavers.org the floppy disk content has been recovered. Michal Necasek of OS/2 museum successfully converted them into a usable format and made some modifications to get them to boot on VirtualBox:

A couple of years later, thanks to Andrew Gong, a WYSE Unix tape has been found on eBay:

More recently Al Kossow was able to read the tape into an image, which I have now uploaded to my web server: wyseunix321a.zip

The next step is yours! Install the whole system on to a hypervisor of your choice, document the process and supply a vanilla boot image or VM.

The winner shall be the person who will first post a comment declaring success including a screenshot and can further prove it by emailing me the submission shortly after. If the comment gets blocked by the spam filter, don’t worry, the original submission time will of course count. Oh and almost forgot: I also need an aclock binary for it, however if there is no compiler and the standard SysV binary works fine, you are exempt from the requirement.

The catch? Looks like floppy disk trouble. The boot disk is fine after it has been fixed up by Michal. The Base floppy looks like it has the same content as boot. Copy Tools is very small. Looks like it may be truncated. Hopefully not, but if yes I count on your creativity. Remember that Dell Unix is exactly the same release of SystemV/386 and did not have or need copy tools to install.

Good Luck!

Update: Looks like the contest has been won by Mihai! Congratulations!

VenturComm Venix/86 on PCem

(this is a guest post by Tenox)

This is a step by step guide on how to install Venix/86 on PCem, by the runner up of the Venix/86 Virtualization Challenge – Mihai Gaitos of hawk.ro. Thanks for the great work!

Rebuilding Venix for PCEM:

First, in order to avoid problems with weird HDD parameters I chose a reasonable hdd geometry – 512 cylinders, 8 heads, 17 sectors (most drives back then had 17 sectors).

HDD geometry:

BIOS Autodetect:
(answer “Y” here)

The obvious approach of booting the XFER.IMG and then switching to BACKUPn.IMG doesn’t work, failing with “Soft error”: