I've been brushing up on my protocol knowledge these last few days and as a result have found myself staring at raw packet data for hours on end.
It then occured to me that I would really like a couple of simple tools to help me understand parts of the data... the most pressing need was for a utility that would convert a NetBIOS name (windows name) to its first level encoded equivalent (the EOGBGPCACACACACACACACA nonsense you see whenever you capture packets on a Windows network) and convert the other way around as well. I also wanted a tool that would let me type in a string of text and then see its equivalent in hex.
So after an hours coding, I came up with these three tiny tools :
- Type in a NetBIOS name and it will give you its first level encoded equivalent (EBFACACACACACA).
- The opposite of the above.. give it an encoded NetBIOS name and it will tell you what its human readable equivalent is (very useful when you see a netbios broadcast and want to know the name of the machine sending it).
- You input a string and it will display its equivalent in hexadecimal, hex editor style. I've often wanted a quick tool that did this.
Dump then in your windows directory or somewhere in your path so you can call them from the run box.
Anyway, those should be useful to the network admin who knows the value of a diverse toolkit. Chris is considering the development of an official Firewall.cx suite of useful networking tools that will be a lost snazzier than these quick command line hacks of mine.
If theres some little tool you've always wanted but don't have, drop me a line and if I think its useful enough I'll code it. Im contemplating an intelligent command line IP subnet calculator for Windows..
Hope you find these useful.. if you want the source, PM me.
Tom, whats the best way to validate the way users input a string ? For example, I need them to input a string, but I don't know how long the string is going to be so I have to statically define the size of the buffer (char buffer), I can't malloc for the memory as I don't know how much they're going to be inputting.
Basically I want to avoid a buffer overflow condition and my rural development skills can't figure out what to do. Coming from Perl with its nifty string handling, this is a bit new to me.
There are various ways to get input such as gets, getch,getchar, and scanf. With getch and getchar, you would need to move the characters into the string yourself and then append a null byte. Gets and scanf don't check size of string, so the best way to handle that would be to use a very large buffer and then move the result into your string. Scanf also has some issues. You especially need to make sure you don't intermix scanf with gets because of the issues with scanf which will give you unexpected results.
The other way would be to use fgets. This takes the buffer size as a parameter. I am including a piece of code from one of my books. the reason you need to put the null byte at the end is that the function puts a '\n' (newline) at the end of the string, so you need to replace it with a null byte.