Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove references to WhoTheFAreU? from replay server/client code #9

Closed
nkinkade opened this issue Mar 23, 2023 · 4 comments · Fixed by #13
Closed

Remove references to WhoTheFAreU? from replay server/client code #9

nkinkade opened this issue Mar 23, 2023 · 4 comments · Fixed by #13

Comments

@nkinkade
Copy link
Contributor

This message show up a few times in the code:

The message was probably meant to be amusing or funny when it was added a long time ago, and surely almost nobody will ever encounter it. However, recently an M-Lab site host actually shut down and entire M-Lab site because they thought that the servers were compromised and had been defaced. It would probably be better to change that message to something slightly more benign, possibly with a link to a page about what Wehe is.
@nkinkade nkinkade changed the title Remove references to WhoTheFAreU? from replay_server code Remove references to WhoTheFAreU? from replay server/client code Mar 23, 2023
@zeinabshmeis
Copy link
Collaborator

I have changed this message to SuspiciousClientIP! in the branch remove-ambiguous-references. The following change requires changing the client side as well.

@nkinkade do you have an idea how we can reproduce this event? Do we have logs or something that shows what triggered this event?

@drchoffnes
Copy link
Contributor

I believe it's when you establish a TCP connection on an unexpected port and/or send unexpected data on that port---all without have a sidechannel estblished.

@zeinabshmeis
Copy link
Collaborator

zeinabshmeis commented May 8, 2023
edited
Loading

Okey, I have been trying to test this, but I seem to keep failing to re-create such incident.

Things I tried:

  • modify source IP of incoming packets so that the replay packets have different IP from the side channel packets. Results is that the socket closes and replay is not performed.
  • modify the replayTrace file so that the payload size and/or content is different. For the size, the socket just closes because of TO for not receiving anything. For the content, the replay continues successfully.

I guess we can for now just change the message to "SuspiciousClientIP!" and be optimistic that nothing break. In worst case scenario I would expect the replay to simply just fail without affecting the server.

Changes are in the attached branch, and ready to be merged.

@drchoffnes
Copy link
Contributor

drchoffnes commented May 8, 2023 via email

@zeinabshmeis zeinabshmeis linked a pull request May 8, 2023 that will close this issue
Change message 'WhoTheFAreU?' to 'SuspiciousClientIP!' #13
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Change message 'WhoTheFAreU?' to 'SuspiciousClientIP!' NEU-SNS/wehe-py3
3 participants
@drchoffnes @nkinkade @zeinabshmeis