Combining READMEs

Jonas Pflanzer 4 years ago
parent
commit
49e7453d3f
2 changed files with 65 additions and 65 deletions
  1. 0 63
      daemon/Daemon-Config-Reference.md
  2. 65 2
      daemon/README.md

+ 0 - 63
daemon/Daemon-Config-Reference.md

@@ -1,63 +0,0 @@
-# Daemon configuration
-
-The daemon is configurable by config.txt.
-The config file must be in the same directory from where you run the binary. If the file does not exist, the server will exit immediately.
-
-## General Configuration Values
-`port`: The port where the server listens for clients. Must be a valid port<br/>
-`userdatabase`: The file where userdata is stored in format: user;password<br/>
-`deleteAllowed`: Says if a client is allowed to delete files from its file directory<br/>
-`filedirectory`: The directory where files from the clients will be stored and read from<br/>
-`SSLenabled`: When set to true, the server will only use and accept SSL connections from clients. Set to false to disable this<br/>
-`SSLcertificate`: The certificate file to use for SSL connections<br/>
-`SSLprivatekey`: The private key file to use for SSL connections<br/>
-`SSLdhparams`: The diffie-hellman file to use for SSL connections<br/>
-
-### Notes about SSL
-To use SSL, certificates, keys and diffie-hellman parameters are required. To generate these, a convenience script `createsslfiles.sh` is provided.
-The names of the output files are controlled with variables at the top of the script, modify these if desired.
-Assuming default names, place the `user.crt`, `user.key` and `dh2048.pem` files somewhere convenient and configure the server accordingly.
-Place the `rootca.crt` certificate in the directory you intend to run the client from.
-
-If you get an error about SSL related files not being found despite them existing, shorten the names of the files.
-If you cannot connect and the server prints a error related to TLSv1, ensure your version of boost and OpenSSL are up to date.
-
-### Covert Channel Modes
-There are several covert channel modes which will transmit data in other ways. If you do not set this to any of the values below, the server will not have covert channel sending and recieving capabilities, but still answer to requests from clients. In this case, no superuser permissions will be required, as no network interfaces are touched directly.
-`forward`: no data transmission<br/>
-`tcpurgency`: uses the TCP urgency pointer<br/>
-`tcpoptiontimestamp`: uses the TCP option Timestamp to transmit data. WARNING: most OSs use the timestamp so you should not use this option unless you are sure that the communication does not depend on it.<br/>
-`tcpappend`: appends the data to the payload of a TCP packet<br/>
-`tcpoptioncustom`: writes data in a custom option field<br/>
-
-### General Covert Channel options
-`covertChannelMode`: Sets the covert channel mode. To deactivate don't set it or set it to none or false.<br/>
-`innerInterface`: The interface of your inner network<br/>
-`outerInterface`: The interface of your outer network<br/>
-
-##### Covert Channel Mode `forward`
-No further config is needed. Forward should work out of the box.<br/>
-
-##### Covert Channel Modes `tcpurgency`, `tcpoptiontimestamp`, `tcpappend`, `tcpoptioncustom`
-`targetIP`: IP of the target server<br/>
-`targetPort`: Port of the target server<br/>
-`passiveMode`: true - server only reacts to incoming channel | false - server initiates channel<br/>
-
-## Example for config.txt
-```
-covertChannelMode=tcpurgency
-deleteAllowed=false
-filedirectory=./files/
-innerInterface=eth0
-outerInterface=eth1
-passiveMode=false
-port=1234
-SSLcertificate=user.crt
-SSLdhparams=dh2048.pem
-SSLenabled=true
-SSLprivatekey=user.key
-targetIP=1.2.3.4
-targetPort=443
-userdatabase=userStorage.txt
-
-```
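
Review bot: removing daemon/Daemon-Config-Reference.md outright will break any existing link to that file. Search the repository for references to the old filename and point them at the configuration section in daemon/README.md, or leave a one-line stub file that redirects there.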

+ 65 - 2
daemon/README.md

@@ -16,9 +16,9 @@ make
 ```
 
 ## Run
-Currently the first argument is the network interface for the sniffer.
+You must create a [config.txt](## Daemon configuration) before running the server.
 ```
-bin/ccats lo
+bin/ccats
 ```
 
 ### Tests
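
Review bot: the link target in the added Run line, `(## Daemon configuration)`, is not a valid Markdown anchor, so the link will not resolve to the new section. Use the heading anchor form instead, for example `[config.txt](#daemon-configuration)`. The removed sentence was also the only mention of the interface argument; if the interface is now read from `innerInterface`/`outerInterface` in config.txt, say so here so readers with the old `bin/ccats lo` invocation know what changed.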
@@ -47,3 +47,66 @@ and start it
 ```
 sudo systemctl start ccats.service
 ```
+
+## Daemon configuration
+
+The daemon is configurable by config.txt.
+The config file must be in the same directory from where you run the binary. If the file does not exist, the server will exit immediately.
+
+### General Configuration Values
+`port`: The port where the server listens for clients. Must be a valid port<br/>
+`userdatabase`: The file where userdata is stored in format: user;password<br/>
+`deleteAllowed`: Says if a client is allowed to delete files from its file directory<br/>
+`filedirectory`: The directory where files from the clients will be stored and read from<br/>
+`SSLenabled`: When set to true, the server will only use and accept SSL connections from clients. Set to false to disable this<br/>
+`SSLcertificate`: The certificate file to use for SSL connections<br/>
+`SSLprivatekey`: The private key file to use for SSL connections<br/>
+`SSLdhparams`: The diffie-hellman file to use for SSL connections<br/>
+
+#### Notes about SSL
+To use SSL, certificates, keys and diffie-hellman parameters are required. To generate these, a convenience script `createsslfiles.sh` is provided.
+The names of the output files are controlled with variables at the top of the script, modify these if desired.
+Assuming default names, place the `user.crt`, `user.key` and `dh2048.pem` files somewhere convenient and configure the server accordingly.
+Place the `rootca.crt` certificate in the directory you intend to run the client from.
+
+If you get an error about SSL related files not being found despite them existing, shorten the names of the files.
+If you cannot connect and the server prints a error related to TLSv1, ensure your version of boost and OpenSSL are up to date.
+
+#### Covert Channel Modes
+There are several covert channel modes which will transmit data in other ways. If you do not set this to any of the values below, the server will not have covert channel sending and recieving capabilities, but still answer to requests from clients. In this case, no superuser permissions will be required, as no network interfaces are touched directly.
+`forward`: no data transmission<br/>
+`tcpurgency`: uses the TCP urgency pointer<br/>
+`tcpoptiontimestamp`: uses the TCP option Timestamp to transmit data. WARNING: most OSs use the timestamp so you should not use this option unless you are sure that the communication does not depend on it.<br/>
+`tcpappend`: appends the data to the payload of a TCP packet<br/>
+`tcpoptioncustom`: writes data in a custom option field<br/>
+
+#### General Covert Channel options
+`covertChannelMode`: Sets the covert channel mode. To deactivate don't set it or set it to none or false.<br/>
+`innerInterface`: The interface of your inner network<br/>
+`outerInterface`: The interface of your outer network<br/>
+
+###### Covert Channel Mode `forward`
+No further config is needed. Forward should work out of the box.<br/>
+
+###### Covert Channel Modes `tcpurgency`, `tcpoptiontimestamp`, `tcpappend`, `tcpoptioncustom`
+`targetIP`: IP of the target server<br/>
+`targetPort`: Port of the target server<br/>
+`passiveMode`: true - server only reacts to incoming channel | false - server initiates channel<br/>
+
+### Example for config.txt
+```
+covertChannelMode=tcpurgency
+deleteAllowed=false
+filedirectory=./files/
+innerInterface=eth0
+outerInterface=eth1
+passiveMode=false
+port=1234
+SSLcertificate=user.crt
+SSLdhparams=dh2048.pem
+SSLenabled=true
+SSLprivatekey=user.key
+targetIP=1.2.3.4
+targetPort=443
+userdatabase=userStorage.txt
+```
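
Review bot: in "Covert Channel Modes", the sentence "If you do not set this to any of the values below" has no antecedent, because `covertChannelMode` is only introduced in the following "General Covert Channel options" section. Name the key in that sentence or move the options section above the mode list. The per-mode headings jump from `####` to `######`; `#####` would keep the hierarchy contiguous. Since the text is being moved anyway, fix "recieving" and "a error" in the same change, and state for `userdatabase` whether the `password` field in `user;password` is stored hashed or in clear text.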