verinec.importer.analysis
Class AnalysisThread

java.lang.Object
  java.lang.Thread
      verinec.importer.analysis.AnalysisThread

All Implemented Interfaces:

Runnable

public class AnalysisThread
extends Thread

A thread to run sniffing, traceroute and portscans from

Author:

david.buchmann at unifr.ch, martial.seifriz at unifr.ch

Nested Class Summary

class

AnalysisThread.AnalyserStatus This Klass allows the store the actual state of the sniffing, traceroutes, host lookups and the scanning.

Nested classes/interfaces inherited from class java.lang.Thread

Thread.State, Thread.UncaughtExceptionHandler

Field Summary

protected AnalysisThread.AnalyserStatus	analysisState The object which store the state of the tasks
protected Logger	log For logging.
private StartLookUpHost	lookUpHosts The starter of the loolups for the host names
private int	lookUpHostsMaxSynchronousThread The number of maximum synchronous host look ups
private long	numUnknownHosts this variable is needed to destinquish unknown hosts and to number them
private AnalysisConfigPanel	panel Reference to the panel holding the configuration.
private HostCommRenderer	root The root, ie the host where this application is running
private Hashtable	sniffingResult Map of host information: ip->HostCommRenderer.
private Hashtable	studioResult The Nodes which are allready in the Studio
(package private) Hashtable	trResult The same structure to save the traces like it is used to save the host form the sniffing

Fields inherited from class java.lang.Thread

MAX_PRIORITY, MIN_PRIORITY, NORM_PRIORITY

Constructor Summary

AnalysisThread(AnalysisConfigPanel panel)

Method Summary

private int	calcNifPos(HostCommRenderer r, HostCommRenderer c) Compute the position of a network interface.
private PCNode	createPCNode(HostCommRenderer host) Convert the data of a HostCommRenderer to a PCNode.
AnalysisThread.AnalyserStatus	getAnalysisState() Fetch the object, where the actual analysis state is stored.
private NwInterface	getClientNetworkInterface(String ip, PCNode pc) Get the network inteface which was detected by the traceroute
private NwInterface	getNetworkInterfaceFormPCNode(String ip, PCNode pc) Get a network interface (NwInterface) with a specified ip form a PCNode.
protected AnalysisConfigPanel	getPanel() Fetch the main panel of the importer dialog.
HostCommRenderer	getRoot() Fetch the root, i.e. the host where verinec is running.
private NwInterface	getRootNetworkInterface(String ip, PCNode pc) Get the network inteface which wasn't detected by the traceroute
private VerinecStudio	getStudio() Fetch the verinec studio.
private void	initPositionsForStudio() This method starts the computation of the postions for the nodes in the studion.
void	lookUpHostName(HostCommRenderer host) Look up the host name of a HostCommRenderer.
void	lookUpHostUpdate(int tasksCount, int finishedTasks) Update the state the look ups for the host names.
void	printMessage(String m) Print a message.
private PCNode	return2Analyser_createNodes(HostCommRenderer r, Element nodes) This method returns the found hosts to the studio if the traceroutes where used.
private void	return2Analyser() This method returns the found hosts to the studio.
void	run() Check settings and run sniffing, traceroute and portscans.
void	scanUpdateState() Update the status of the scans.
private void	setPositionsForStudio(HostCommRenderer r, int radius, double alpha, double sector, int parentX, int parentY) The computation of a node's postion in the stuido.
void	sniffingAddToResult(String ip, HostCommRenderer host) Add a host to the sniffing result.
HostCommRenderer	sniffingGetHost(String ip) Get the host renderer for an ip.
Hashtable	sniffingGetResult() Fetch the result of the sniffing.
void	sniffingInitState(int id, int mode, long count) Initialize the state for the sniffing.
void	sniffingPrintResult() Print all the results of the sniffing, ie every host which was found.
void	sniffingUpdateState(int id) Update the actual state of the sniffing.
protected void	sniffStep()
private void	sortTreeData(HostCommRenderer r) Sort a subtree, i.e. this methode arrange the childs of a node in a way, so that a child with a lot of children is followed by one with only a few.
PCNode	studioGetHost(String ip) Try to get the HostCommRenderer of an ip from the studio result.
Element	studioGetHostFromReprository(HostCommRenderer host) This method makes a lookup of a host in the reprository of the studio, to test if this one was allready found and safed in the studio.
Hashtable	studioGetResult() Fetch the result of the studio, ie the pcnodes which are in the gui.
private void	studioInitResult() Load and save the Nodes from the Studio to provide fast and easy access for tests.
boolean	studioIsHostInStudio(HostCommRenderer host) Tests if a host is found in the studio.
static boolean	testAccessRights() This method tests if the user has sufficent rights for capturing, that is if he can set the device into promiscious mode.
protected void	traceStep() Perform the trace step.
void	trAddToResult(String ip, HostCommRenderer host) Add a new host to the traceroute result.
void	trAddToResult(Vector hops, HostCommRenderer target) Add a vector of ips to the traceroute result and create the tree structure.
HostCommRenderer	trGetHost(String ip) Try to get the HostCommRenderer of an ip from the traceroute result.
void	trPrintResult() Print the whole result form the traceroutes to the standart output
void	trUpdateState() Update the state of the Traceroutes.
private boolean	trWasExecuted() It tests if the traceroutes where executed.
void	updateState() Update the display of the actual analysis state.

Methods inherited from class java.lang.Thread

activeCount, checkAccess, countStackFrames, currentThread, destroy, dumpStack, enumerate, getAllStackTraces, getContextClassLoader, getDefaultUncaughtExceptionHandler, getId, getName, getPriority, getStackTrace, getState, getThreadGroup, getUncaughtExceptionHandler, holdsLock, interrupt, interrupted, isAlive, isDaemon, isInterrupted, join, join, join, resume, setContextClassLoader, setDaemon, setDefaultUncaughtExceptionHandler, setName, setPriority, setUncaughtExceptionHandler, sleep, sleep, start, stop, stop, suspend, toString, yield

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

log

protected Logger log

For logging.

analysisState

protected AnalysisThread.AnalyserStatus analysisState

The object which store the state of the tasks

panel

private final AnalysisConfigPanel panel

Reference to the panel holding the configuration.

sniffingResult

private Hashtable sniffingResult

Map of host information: ip->HostCommRenderer. Must be a thread save implementation. Use sniffingGetHost(java.lang.String) to report found hosts.

trResult

Hashtable trResult

The same structure to save the traces like it is used to save the host form the sniffing

studioResult

private Hashtable studioResult

The Nodes which are allready in the Studio

lookUpHostsMaxSynchronousThread

private int lookUpHostsMaxSynchronousThread

The number of maximum synchronous host look ups

root

private HostCommRenderer root

The root, ie the host where this application is running

lookUpHosts

private StartLookUpHost lookUpHosts

The starter of the loolups for the host names

numUnknownHosts

private long numUnknownHosts

this variable is needed to destinquish unknown hosts and to number them

Constructor Detail

AnalysisThread

public AnalysisThread(AnalysisConfigPanel panel)

Parameters:

panel - The configuration panel instance.

Method Detail

run

public void run()

Check settings and run sniffing, traceroute and portscans.

Performed when the run button is clicked:

• update settings of the devices from form
• check for correctness
• run sniffing, traceroute, portscan

Specified by:

run in interface Runnable

Overrides:

run in class Thread

sniffStep

protected void sniffStep()

sniffingGetHost

public HostCommRenderer sniffingGetHost(String ip)

Get the host renderer for an ip. fixme: how to create a new one? no more createRenderer

Parameters:

ip - The ip in string representation.

Returns:

The instance or null if there is none for this ip.

sniffingGetResult

public Hashtable sniffingGetResult()

Fetch the result of the sniffing.

Returns:

The sniffing result structure.

sniffingAddToResult

public void sniffingAddToResult(String ip,
                                HostCommRenderer host)

Add a host to the sniffing result.

Parameters:

ip - The ip of the host.

host - The HostCommRenderer which was created by the sniffer.

sniffingUpdateState

public void sniffingUpdateState(int id)

Update the actual state of the sniffing.

Parameters:

id - The id of the task, which progressed.

sniffingInitState

public void sniffingInitState(int id,
                              int mode,
                              long count)

Initialize the state for the sniffing.

Parameters:

id - The id of the task.

mode - The mode of sniffing, eg TIME

count - The number of packages or the time period in sec.

sniffingPrintResult

public void sniffingPrintResult()

Print all the results of the sniffing, ie every host which was found.

lookUpHostUpdate

public void lookUpHostUpdate(int tasksCount,
                             int finishedTasks)

Update the state the look ups for the host names.

Parameters:

tasksCount - The number of all tasks which were started.

finishedTasks - The number of finished look ups.

lookUpHostName

public void lookUpHostName(HostCommRenderer host)

Look up the host name of a HostCommRenderer. The result is stored in the HostCommRenderer.

Parameters:

host - The host, whose name shoul be resolved.

traceStep

protected void traceStep()
                  throws TraceRouteException

Perform the trace step.

Throws:

TraceRouteException - if something fails.

trGetHost

public HostCommRenderer trGetHost(String ip)

Try to get the HostCommRenderer of an ip from the traceroute result.

Parameters:

ip - The ip of the desired host

Returns:

The HostCommRenderer of the host. If nothing is found then null is returned.

trAddToResult

public void trAddToResult(String ip,
                          HostCommRenderer host)

Add a new host to the traceroute result.

Parameters:

ip - The ip of the new host.

host - The HostCommRenderer of the new host.

studioInitResult

private void studioInitResult()

Load and save the Nodes from the Studio to provide fast and easy access for tests.

studioGetResult

public Hashtable studioGetResult()

Fetch the result of the studio, ie the pcnodes which are in the gui.

Returns:

The studio results.

studioGetHost

public PCNode studioGetHost(String ip)

Try to get the HostCommRenderer of an ip from the studio result.

Parameters:

ip - The ip of the desired host

Returns:

The HostCommRenderer of the host. If nothing is found then null is returned.

trAddToResult

public void trAddToResult(Vector hops,
                          HostCommRenderer target)

Add a vector of ips to the traceroute result and create the tree structure.

Parameters:

hops - A Vector of ips as string representation.

target - The target host, which was found by the sniffer.

trUpdateState

public void trUpdateState()

Update the state of the Traceroutes.

trWasExecuted

private boolean trWasExecuted()

It tests if the traceroutes where executed.

Returns:

True if at least one traceroute was executed

trPrintResult

public void trPrintResult()

Print the whole result form the traceroutes to the standart output

scanUpdateState

public void scanUpdateState()

Update the status of the scans.

return2Analyser

private void return2Analyser()

This method returns the found hosts to the studio. If AnalysisConfigPanel.DEBUG is true, creates a file in java.io.tmpdir named scan_results.xml for debugging purposes.

return2Analyser_createNodes

private PCNode return2Analyser_createNodes(HostCommRenderer r,
                                           Element nodes)

This method returns the found hosts to the studio if the traceroutes where used.

Parameters:

r - The renderer to return

nodes - The parent element for the node

Returns:

The newly created PCNode.

getRootNetworkInterface

private NwInterface getRootNetworkInterface(String ip,
                                            PCNode pc)

Get the network inteface which wasn't detected by the traceroute

Parameters:

ip - The ip of the desired network inteface.

pc - The owner host.

Returns:

The desited network inteface.

getClientNetworkInterface

private NwInterface getClientNetworkInterface(String ip,
                                              PCNode pc)

Get the network inteface which was detected by the traceroute

Parameters:

ip - The ip of the desired network inteface.

pc - The owner host.

Returns:

The desited network inteface.

getNetworkInterfaceFormPCNode

private NwInterface getNetworkInterfaceFormPCNode(String ip,
                                                  PCNode pc)

Get a network interface (NwInterface) with a specified ip form a PCNode.

Parameters:

ip - The desired ip.

pc - The PCNode which may own the desired network interface.

Returns:

The desired network interface (NwInterface) or null.

createPCNode

private PCNode createPCNode(HostCommRenderer host)

Convert the data of a HostCommRenderer to a PCNode.

Parameters:

host - A HostCommRenderer with host data to be converted to XML.

Returns:

The created node. It is already registered into the GUI.

calcNifPos

private int calcNifPos(HostCommRenderer r,
                       HostCommRenderer c)

Compute the position of a network interface.

Parameters:

r - The parent Node, i.e. this node is closer to the root than the other.

c - The child Node.

Returns:

The position of the network interface.

initPositionsForStudio

private void initPositionsForStudio()

This method starts the computation of the postions for the nodes in the studion.

setPositionsForStudio

private void setPositionsForStudio(HostCommRenderer r,
                                   int radius,
                                   double alpha,
                                   double sector,
                                   int parentX,
                                   int parentY)

The computation of a node's postion in the stuido.

Parameters:

r - The node, which postion should be computed.

radius - The actual radius of the circle.

alpha - The actual start angle.

sector - The sector which can be used to place the node.

parentX - The x positon of the parent node.

parentY - The y positon of the parent node.

sortTreeData

private void sortTreeData(HostCommRenderer r)

Sort a subtree, i.e. this methode arrange the childs of a node in a way, so that a child with a lot of children is followed by one with only a few.

Parameters:

r - The root node of the subtree, which should be sorted.

getStudio

private VerinecStudio getStudio()

Fetch the verinec studio.

Returns:

The studio.

studioIsHostInStudio

public boolean studioIsHostInStudio(HostCommRenderer host)

Tests if a host is found in the studio.

Parameters:

host - The host, which should be locked up.

Returns:

True if the host was found in the stuio, else false.

studioGetHostFromReprository

public Element studioGetHostFromReprository(HostCommRenderer host)

This method makes a lookup of a host in the reprository of the studio, to test if this one was allready found and safed in the studio.

Parameters:

host - The host, which should be locked up.

Returns:

The XML definition of the host if it was found, else null.

testAccessRights

public static boolean testAccessRights()

This method tests if the user has sufficent rights for capturing, that is if he can set the device into promiscious mode. todo: we could do this on a per-device basis.

Returns:

True if user has admin rights.

getRoot

public HostCommRenderer getRoot()

Fetch the root, i.e. the host where verinec is running.

Returns:

The desired host.

getPanel

protected AnalysisConfigPanel getPanel()

Fetch the main panel of the importer dialog.

Returns:

The desired panel.

getAnalysisState

public AnalysisThread.AnalyserStatus getAnalysisState()

Fetch the object, where the actual analysis state is stored.

Returns:

The actual analysis state.

updateState

public void updateState()

Update the display of the actual analysis state.

printMessage

public void printMessage(String m)

Print a message. This is done by passing the message to the stuido

Parameters:

m - The message to desplay.