RDP client- implementation time - c++

I need to start my new challenge, write my own RDP client for Linux (full protocol implementation based on 7.1). Most of you will suggest to search on the web for free RDP client....but in my case I have to write from scratch the application.
Is there anybody with RDP experience in C/C++ under Linux? I am not looking for technical information. At this stage I only need to evaluate how long it would take to write the application. I do not have any experiences with RDP. Roughly how long would it take for one person full time? There are many "variables" to consider....but just an estimation would be enough.
Thank you.
Luke

I have some experience because my company did some work with the RDP protocol. These are some select things you'll face should you go through it:
You'll have to work out different the compression algorithms. Mostly run-length encoding.
Encryption. The older versions of RDP used RC4 and RC5 if I recall correctly.
Authentication. NTLM and CredSSP are popular methods.
It would probably take you a month just to get something working assuming you'd write your client non-stop.
Also as Duck has pointed out in the comments there are many little things. Just for example: how will you handle ROP3 drawing? Will you implement a few codes or all of them? This is a little problem but will probably take you some time.
If your goal is to have a graphical remote access protocol, you'd be better off with VNC which is many times easier. After you've seen what it takes to implement such a protocol, you'd see what the typical pitfalls are.

Related

Desktop SCADA Application - Reading and Writing to PLCs through C++

I did my best to search all topics regarding to SCADA and developing your own C++ desktop application to communicate with PLCs, but could not find any recent, or in my opinion, relevant topics that fit what I needed. If I missed them, a link to them would be very much appreciated. If I also happened to post this in the wrong section, or you can think of a better section for me to post this in, I will take it there.
With that said, I thank you in advance for taking the time to read my questions, and appreciate any input you have to offer.
A little bit about what I'm doing
I'm currently in school for electromechanical engineering, and for my final year project I am developing a desktop application in C++ to monitor PLCs we have located within one of our labs.
Within this lab, I have a pre-existing ethernet network connecting all PLCs to single point, which I am tying into with a PC, and will be doing all my work from there.
I will be developing the application in Qt for an easy way to design the GUI, and giving me access to the QNetworkInterface as well as QTcpSocket.
With that said, I wouldn't go as far as saying I'm an experienced programmer, but I have been fooling around with a few languages (i.e.: python, c++, c, php) for quite a few years, and am still learning, considering the learning NEVER stops.
My questions
Is there any reference material I can read, that you can suggest, on the subject to more easily understand what sort of process I need to go through to receive information (i.e.: individual I/Os, status bits, tags, logs, etc...) from the PLCs directly, and not through an OPC server?
If an OPC server is required, I've never dealt with OPC links other than using Rockwell Automations RSLinx to grab tags and display their values within excel (I had created a prototype using that exact method to start, but would like to move away from excel, and if possible, the OPC server (RSLinx) as well). What would you suggest to someone who knows nothing about the subject of OPC servers, or to my knowledge, OPC in general?
Have any of you previously written your own application to do something similar, if not of the same nature to what I'm trying to accomplish?
What advice or suggestions would you give for someone who is attempting this type of project?
PS: As a start for this project, I would initially just want to get the reading of the I/Os (tags or addresses) to view what their current values are (closed or open for inputs, energized or not for outputs). But eventually I would also like to be able to write values to tags on the PLCs I'm monitoring based on the values I've received from them.
PSS: I would like to note again, that I am still a student, and am still learning about this subject in it's entirety. I would just like to ask for your patience, as I may not grasp things completely the first time!
If I've missed any information you feel is pertinent to be able to provide an answer, please let me know! I will do my best to come up with said information in a timely manner!
Thank you!
EDIT #1: Added in another question, and altered my first question slightly
EDIT #2: Fixed up question 2
IMHO a SCADA program should have as a minimum requirement to be able to connect to an OPC server. OPC is used for most commercial PLCs.
Strictly speaking there is no need to have an OPC server/client approach but it gives you flexibility and gives you an abstraction model. If you want to directly connect to PLCs using a protocol then that is of course possible as well. You then need to know more details about the protocols and their various versions.
Yes I worked for a few years in a team that developed a commercial SCADA application.
It is very easy to get lost in details in such a project so try to keep things as simple as possible. By using OPC you will save time instead of fiddling directly with the protocols. You could add the ability to add custom-drivers for other protocols - depending on your timeframe. Try to model up your project before you start coding to a birdsview of the model and avoid getting lost in the details.
I would stay well away from looking to write your own code to connect directly
to an AB PLC - there are products out there that you can use in your application:
http://www.rtaautomation.com/software/ethernetip/client/tagc/ControlWin.html
http://www.automatedsolutions.com/products/dotnet/ascomm/
You would be better to use OPC - you can write you own OPC client if you want and follow examples you find here:
http://www.opcconnect.com/source.php#freesource
According to this http://www.control.com/thread/1026173407 you should be able to get source code of Kepwares OPC Quick Client.
It would probably be easier to just use a library as in this example (RSLogix,C#):
http://www.mesta-automation.com/opc-client-with-c-an-how-to-video/
You might find this of use:
http://www.rockwellautomation.co.kr/applications/gs/ap/GSKR.nsf/files/rslinxsdk_ma_eng.pdf/$file/rslinxsdk_ma_eng.pdf
Some resources:
http://www.opcconnect.com/ ,
http://www.mesta-automation.com/
Answer to question #4 - realize that your lab technically could contain ANY manufacturer's PLCs in the future. If you ever took a Data Communications class, you realize that for N different PLC types, you would have to write N different communication drivers for your PLC client.
This is where standards are helpful. Without the use of a standard protocol, scaling your lab could become more time consuming and less manageable. This is why communications standards exist.
HOWEVER, not all PLCs necessarily support the standard(s) you may decide upon.
The best choice is OPC/UA. Many PLCs have server drivers readily available. That means that your client just needs to understand 1 protocol (OPC/UA), and then it can "easily" be connected to any PLC that has a driver for that standard.
After that, there is OPC. After that, Modbus (TCP and RTU flavors), a relatively simple industry standard that is supported by most PLCs. EtherNet/IP is also a possible choice, although not all PLCs support it in a "server" role (many do support it as a client, but that is not what you need).
have a look at pycomm in github or pylogix at github which are Python written drivers to link to clx plc.

Create a C++ program that processes incoming calls on a phone-line (land-line)

For some time now I've been tossing around what I think is am awesome idea: I want to write essentially a C++ phone server to handle all of my incoming calls on a land-line. I'll have a white-list (yay never having to worry about telemarketers ever again!), a black-list, and will be able to access my phone using my gaming headset, allowing me to make/answer calls while I'm gaming or whatever. In the future I'd also like to hook it up to a gui and make it have pop-ups and other cool features.
The problem is, I have no idea where to start. I'm familiar enough with C++, but have no idea how to go about doing anything with a phone-line. I can plug a phone-line into my computer, but I have no idea how to get my program to be able to use that connection. There's WinSock2 for being able to use my ethernet connection, is there something similar I'd be able to use to use the phone line? As it's using the same ethernet jack, I wonder if it's even possible to use WinSock2 to use the phone-line?
I saw this post, which wasn't particularly helpful: stackoverflow link , which points out Dual-tone multi-frequency signaling. I stumbled across this site: link, but isn't really going to help me get started.
So I was wondering, is there some sort of library out there that would allow me to tap into a phone-line that's connected to my computer? Is there a standard somewhere out there concerning phone-lines and what the different combinations of tone's mean? Can anyone here help get me started? I realize it's somewhat of a big undertaking, so any push in the right direction would be greatly appreciated. Thanks.
[Update:]
I found this question, which is a step in the right direction, but I'm not sure yet if it helps me (I need to go to bed, and will take a look at it in the morning). I did see mention of a Microsoft Telephony API though, I'll try doing more research on that tomorrow.
If working with MS products is not an absolute necessity, you might also consider taking a shot at Asterisk. This is an open-source PBX (in software) that allows development on Linux, Windows (emulated) and Mac. At the company where I work, we use it for implementing small-scale exchanges, about a 100 lines or so. It also interfaces well with VoIP and allows a whole host of protocols. I have developed scripts and programs in C++ that work on voice packets in real-time, and so far, my experience has been good. As for your stated use-case of blocking telemarketers etc., this would be a very good fit. Check out further details here.
After doing more research, having one link lead to another link, and coming up with new search terms, I stumbled across this site that looks like it could kick me off using the Windows Telephony API in C++: link. This link includes open source c++ samples showing how to do the basics of what this question asks, I'll just have to test to see if they actually still work.
This is only the beginning of my research, so I'll keep you posted on any other findings. If anyone else is knowledgeable in this area, please still feel free to drop me information on what I want to accomplish.

What is the best way to sync computer time with an internet time server?

I need to get the current time from one of internet time server in my desktop application. I suppose I need something like a request string and a regular expression to get time from any site that user wants (may be with several predefined sites).
Or may be there are some free libraries exist?
Thanks.
This is what the Network Time Protocol was built for. But it's probably something best left to your operating system, lest you end up with duelling applications using different, not-quite-synchronised servers.
See the headings in the link above for UNIX and Windows implementations.
There are free libraries and specifications for how to retrieve time, and the format in which you receive it (so REs are generally unnecessary). You choice depends on the level of precision/accuracy you want.
RFC 868 gives time to the second, which is entirely adequate for a lot of people's purposes. If it's good enough, it's a lot simpler to implement than the others listed below.
RFC 5905 defines the Network Time Protocol. As long as you only want to get the time, not provide it for anybody else, NTP is probably overkill though.
RFC 4330 defines SNTP (Simple NTP), which is a simplified version of NTP for computers that act as "leaf nodes" -- i.e., they retrieve time from elsewhere, but nothing else retrieves the time from them.
The NTP project has free NTP libraries for a number of systems.
This feels like something the OS should do on its own...
There is a protocol on the internet called NTP that returns time from timeservers.
You might want to try looking for a library/class that can use NTP to retrieve time for you.
Or you could try looking at the source code for ntpclient.
Usually, most operating systems embeds such a functionality.
Both Windows and Linux can sync with NTP servers.
If really want to let the user change its timezone, you should look for OS specific API's instead of communicating directly with the time servers then changing the system time. This would be way nicer.
Maybe you can take a look at this code and get some inspiration:
http://web.abnormal.com/~thogard/ntp/ntpdate.c

Simple client/server, TCP/IP encrypting the message stream, SSL (C++)

Basically my question is the exact same one as this:
Simple client/server, TCP/IP encrypting the message stream, SSL
The difference is that I need this for pure C++, not .NET. I cannot use 3rd party libraries, so unless it's a Windows system component (like the above) I need something with source so I can get the generel idea and build it myself.
Thanks :)
Quoting the other question for reference:
"Writing a little TCP/IP client server
app. Basically it creates a server,
and then you can create several
different clients and set up a bit of
a chat session. What I am wondering is
there is any way to incorporate, using
standard .net libraries some form of
encryption?
m_mainSocket = new
Socket(AddressFamily.InterNetwork,
SocketType.Stream, ProtocolType.Tcp);
Is there any way of speficying tcp
using rsa?
Or would you (me that is) have to
write some custom libaries to do key
exchange and then encrypt the
subsequent chat messages? I have done
that before for uni but that was in
java but I know it would'nt be hard to
convert them. Just trying not to have
to reinvent the wheel...
Or what about utilising a ssl?
Thanks, Ron."
Have you considered using the ASIO library? think-async dot com/Asio/
There is an example specifically for an SSL based client/server. http://think-async.com/Asio/asio-1.4.1/doc/asio/examples.html#asio.examples.ssl
Its as "pure c++" as you can get.
You can always look at OpenSSL which is open source, but that would be like implement SSL yourself. I would suggest wrapping OpenSSL and use it. Or use the SSL tunnel application available in OpenSSL.
Writing your own encryption code is "not recommended". It's easy enough to make a simple mistake when using one of these libraries, let alone when you try to write one yourself.
What you really want to use is OpenSSL with Boost.ASIO on top of it. If you can't do that then your next best alternative is to use the Internet Explorer COM object. This isn't quite as flexible, but might work out fine depending on what your exact needs are. You can also explore the Win32 API. Last I looked there weren't enough crypto APIs widely available to do this. The final way of dealing with this is to wrap the .NET APIs so that you can make use of them from native C++.
Only if none of that works out for you should you even consider writing this yourself. You will make mistakes and your application will be less secure as a result. So, before you start trying to write your own crypto code you could also try to look at tunnelling SOCKS over SSH and use somebody else's SSH implementation. The next thing I would look at is to buy in the code rather than write it yourself. The code won't be as good as open source offerings as it will be less used so will have more security problems, but it will still be better than anything you would write on your first outing doing this.
Only if you've exhausted all of these options should you think about writing this yourself. Once you think about it you should try all of the other options again to make sure that you didn't miss getting one of them to work for you the first time around.
If you do still write your own implementation then throw it away and use one of the other options before putting it into production use as there will be mistakes that compromise the security to the extent where you probably may as well not have bothered.
Sorry to sound down on all of this, but getting these things right is really hard and not something you can do by just taking a quick look at somebody else's implementation.

How to get unique hardware/software signature from a windows pc in c/c++

I'm developing a small windows app using c++ and i would like to get some kind of fingerprint of the software/hardware on a pc so that i can allow the app to be run only on certain pc's.
I am aware that the app can be cracked but i'm really interested in implementing something like this.
Any ideas how could i achieve this?
It basically depends on how tight you want to couple your software to the underlying hardware. For example you could get some hardware information from the registry, read out the MAC address from the LAN card, retrieve the gfx manufacturer, the CPU id, etc. and hash all these data.
You could then use this hash as a challenge code which is sent to your company. The customer then receives the signed (with your private key) version of this hash.
Upon start up your application is able to check if the signature of the hash is good or bad (i.e. has been signed by your company).
This not only binds your software to a certain hardware configuration, but also forces the crackers to patch your application (because they would need to patch the public key from your executable and replace it in order to write a keygen). Many people consider twice installing a crack obtained from various sources in contrast to just entering a valid serial copied from a keygen.
Edit:
In order to check the signature of the hash, anything from RSA over DSA to ECC can be used. I can recommend Crypto++ or libTomCrypt for that.
There's no reliable way known to do this in a vanilla PC; people have been trying for years. The problem is that you might change any component at any time, including the CPU and the BIOS ROMs. The closest people have come is using a cryptographically protected "dongle" but that has proven both to be unsatisfactory in operation, and not very secure.
If you come up with something, patent it; it would be very valuable.
As the others have said there is nothing perfect for what you want. I made a half-hearted attempt for a similar issue and ended up with a mix of drive volume ID (not good because it can be reformatted) and the OS key (from windows).
In the end I didn't spend much time on it as if people really want to crack your software they'll probably be able to do it. I left the dinky licensing "protection", but it is pretty poor.
Spend the time/effort on making them want to buy it by making it outstanding.