...making Linux just a little more fun!
Amit Kumar Saha [amitsaha.in at gmail.com]
Hi list Any insights into how i can go about designing a SMTP protocol monkey or any protocol monkey for that matter.
What exactly does RFC 2975 (The Infinite Monkey Protocol Suite (IMPS) mean? Any simple *plain text* explanation?
Martin J Hooper [martinjh at blueyonder.co.uk]
Amit Kumar Saha wrote:
> Hi list > Any insights into how i can go about designing a SMTP protocol monkey > or any protocol monkey for that matter. > > What exactly does RFC 2975 (The Infinite Monkey Protocol Suite (IMPS) > mean? Any simple *plain text* explanation?
No idea but is it along the same lines as the RFC for TCP/IP over avian carriers is it?
Lew Pitcher [lpitcher at sympatico.ca]
Amit Kumar Saha wrote:
> Hi list > Any insights into how i can go about designing a SMTP protocol monkey > or any protocol monkey for that matter.
Sorry, but I don't know. This is the first time in my 30+ years in IT that I've ever heard of the term "protocol monkey". It is certainly not something in the mainstream, although it /might/ be an up-and-coming technology for all I know.
> What exactly does RFC 2975 (The Infinite Monkey Protocol Suite (IMPS) > mean? Any simple *plain text* explanation?
It probably means that you've been had. RFC2975 is "Introduction to Accounting Management" (see ftp://ftp.rfc-editor.org/in-notes/rfc2975.txt), not "Infinite Monkey Protocol Suite".
Otoh, RFC2795 is "Infinite Monkey Protocol Suite", written by S. Christey of MonkeySeeDoo Inc, on April 1, 2000 (see ftp://ftp.rfc-editor.org/in-notes/rfc2795.txt). The date and author indicates that you have been the unwitting butt of a late April Fools joke.
HTH
-- Lew
Kapil Hari Paranjape [kapil at imsc.res.in]
On Mon, 05 Mar 2007, Martin J Hooper wrote:
> Amit Kumar Saha wrote: > > What exactly does RFC 2975 (The Infinite Monkey Protocol Suite (IMPS) > > mean? Any simple *plain text* explanation? > > No idea but is it along the same lines as the RFC for TCP/IP over avian > carriers is it?
Good one.
Regarding the original query. I don't think RFC 2975 is about monkeys or flying monkeys even in Oz.
Perhaps what is meant by a protocol monkey is an algorithm that has a way of intervening in a network protocol without the two endpoints noticing. The reference is to the Panchatantra story about the monkey and the two cats.
That's enough animal references for now.
Regards,
Kapil. --
Amit Kumar Saha [amitsaha.in at gmail.com]
> Perhaps what is meant by a protocol monkey is an algorithm that has a > way of intervening in a network protocol without the two endpoints > noticing. The reference is to the Panchatantra story about the monkey > and the two cats.
How can we design one?
Amit Kumar Saha [amitsaha.in at gmail.com]
> Sorry, but I don't know. This is the first time in my 30+ years in IT that > I've ever heard of the term "protocol monkey". It is certainly not something > in the mainstream, although it /might/ be an up-and-coming technology for > all I know.
Its a project suggested by a Prof in Southern Illinois Univ
Kapil Hari Paranjape [kapil at imsc.res.in]
On Mon, 05 Mar 2007, Amit Kumar Saha wrote:
> > Perhaps what is meant by a protocol monkey is an algorithm that has a > > way of intervening in a network protocol without the two endpoints > > noticing. The reference is to the Panchatantra story about the monkey > > and the two cats. > > How can we design one?
Depends on the protocol. Here is how the one for SSH works.
1. Client tries to connect to the server. The monkey intercepts and relays.
2. The server sends its host key. The monkey intercepts and sents its own host key instead.
3. The user gets asked by the client "Are you sure this is the right key?" and a not-so-careful one accepts the monkey's host key in place of the server's host key.
4. From this point on all conversation between the client and host passes through the monkey who decrypts/modifies every bit.[*]
Of course, for the monkey to work it needs to ensure that all network traffic between the client and server passes through it.
Regards,
Kapil.
[*] In case the user/server are using password-based authentication. When key-based logins are used the monkey can do much less.
--
Amit Kumar Saha [amitsaha.in at gmail.com]
> Of course, for the monkey to work it needs to ensure that all > network traffic between the client and server passes through it. > >This means that the monkey sits on a device between the client & the server such that all traffic pass through it and thus giving it the ability to change / intercept the data.
What are the possible devices on which a monkey can be set up?
Kapil Hari Paranjape [kapil at imsc.res.in]
Hello,
On Tue, 06 Mar 2007, Amit Kumar Saha wrote:
> This means that the monkey sits on a device between the client & the > server such that all traffic pass through it and thus giving it the > ability to change / intercept the data. > > What are the possible devices on which a monkey can be set up?
Can't say. A router/bridge/gateway.
Note that the monkey might not be one but a tribe(!). One monkey actually sits on the device relaying data to/from a smarter monkey (GNU/Linux box of course!) which does the actual mangling of the protocol.
Usually, for a (network) protocol to be considered insecure it is enough to describe the monkey algorithmically so I haven't actually coded one. Have a look at "dsniff" for a real Monkey program.
Regards,
Kapil. --
Lew Pitcher [lpitcher at sympatico.ca]
Amit Kumar Saha wrote:
>> Sorry, but I don't know. This is the first time in my 30+ years in IT that >> I've ever heard of the term "protocol monkey". It is certainly not something >> in the mainstream, although it /might/ be an up-and-coming technology for >> all I know. > > Its a project suggested by a Prof in Southern Illinois Univ
Well, I can think of two courses of action:
1) Go talk to the prof and ask for some clarification. The RFC you pointed out was meant to be a joke; if the prof has some serious purpose for this project, perhaps he can shed some light on the meaning /to your project/ of the joke RFC.
2) A non-frivolous interpretation of the "IMPS" RFC suggests that a program (or suite of programs) could exercise any given protocol by throwing random data at it. The more randomness and the more data generated, the likelier that acceptable traffic for that protocol would be generated. This could be one way to test the robustness of a protocol (albeit, a very expensive and time consuming way). Again, the prof should be able to shed some light on it.
In any case, your "protocol monkey" isn't accepted practice. Either your prof is trying to get you to think, or he's playing a joke on you.
HTH
-- Lew
Amit Kumar Saha [amitsaha.in at gmail.com]
Hi kapil
Can't say. A router/bridge/gateway.
> > Note that the monkey might not be one but a tribe(!). One monkey > actually sits on the device relaying data to/from a smarter monkey > (GNU/Linux box of course!) which does the actual mangling of the > protocol. > > Usually, for a (network) protocol to be considered insecure it is > enough to describe the monkey algorithmically so I haven't actually > coded one. Have a look at "dsniff" for a real Monkey program.
Thanks for the info Will try out "dsniff"
Ben Okopnik [ben at linuxgazette.net]
On Mon, Mar 05, 2007 at 10:09:57AM -0800, Kapil Hari Paranjape wrote:
> On Mon, 05 Mar 2007, Martin J Hooper wrote: > > Amit Kumar Saha wrote: > > > What exactly does RFC 2975 (The Infinite Monkey Protocol Suite (IMPS) > > > mean? Any simple *plain text* explanation? > > > > No idea but is it along the same lines as the RFC for TCP/IP over avian > > carriers is it? > > Good one. > > Regarding the original query. I don't think RFC 2975 is about > monkeys or flying monkeys even in Oz. > > Perhaps what is meant by a protocol monkey is an algorithm that has a > way of intervening in a network protocol without the two endpoints > noticing. The reference is to the Panchatantra story about the monkey > and the two cats. > > That's enough animal references for now.
Oh, what a tease! 
Kapil, I've looked around on the Web, and the best I could find was 'http://www.panchatantra.chourishi.in/' - and even there, no mention of a monkey and two cats. Would you happen to have a better pointer?
Incidentally, the Panchatantra stories reminded me very strongly of the tales of Krylov (who had clearly cribbed his plots from Aesop, but wrapped them in beautiful, poetic Russian.)
http://www.kirjasto.sci.fi/krylov.htm
-- * Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *
Kapil Hari Paranjape [kapil at imsc.res.in]
On Tue, 06 Mar 2007, Ben Okopnik wrote:
> On Mon, Mar 05, 2007 at 10:09:57AM -0800, Kapil Hari Paranjape wrote: > > Perhaps what is meant by a protocol monkey is an algorithm that has a > > way of intervening in a network protocol without the two endpoints > > noticing. The reference is to the Panchatantra story about the monkey > > and the two cats. > > > > That's enough animal references for now. > > Oh, what a tease!
Sorry, it wasn't meant to be be! I am also not sure that this is actually the monkey whose tail (oops) tale inspired the phrase "monkey-in-the-middle". I amy also be wrong about this being Panchatantra---that is the generic title I give to stories I was told when I was a kid.
> Kapil, I've looked around on the Web, and the best I could find was > 'http://www.panchatantra.chourishi.in/' - and even there, no mention of > a monkey and two cats. Would you happen to have a better pointer?
In brief. Two cats get a piece of cake and want to share it. The monkey says it will help as it has a scale/balance. The monkey divides the cake in two and puts a piece on each side of the balance. Each time it bites of the heavier piece "just a bit" to make it smaller. At the end of the tale we have a contented monkey and two hungry cats.
> Incidentally, the Panchatantra stories reminded me very strongly of the > tales of Krylov (who had clearly cribbed his plots from Aesop, but > wrapped them in beautiful, poetic Russian.)
Yes the plots are quite similar to tales elsewhere. The great art is in the story-telling---a performing art that died somewhat after the printing press.
Regards,
Kapil. --
Amit Kumar Saha [amitsaha.in at gmail.com]
Hi kapil
Any pointers to how i can go about designing a SMTP monkey on a single machine?
Predrag Ivanovic [predivan at ptt.yu]
On Mon, 05 Mar 2007 13:44:10 -0500 Lew Pitcher wrote:
> 2) A non-frivolous interpretation of the "IMPS" RFC suggests that a program > (or suite of programs) could exercise any given protocol by throwing random > data at it. The more randomness and the more data generated, the likelier > that acceptable traffic for that protocol would be generated. This could be > one way to test the robustness of a protocol (albeit, a very expensive and > time consuming way). Again, the prof should be able to shed some light on it.
This sounds like fuzzing to me?
Ben Okopnik [ben at linuxgazette.net]
On Mon, Mar 05, 2007 at 10:38:14AM -0800, Kapil Hari Paranjape wrote:
> On Mon, 05 Mar 2007, Amit Kumar Saha wrote: > > > Perhaps what is meant by a protocol monkey is an algorithm that has a > > > way of intervening in a network protocol without the two endpoints > > > noticing. The reference is to the Panchatantra story about the monkey > > > and the two cats. > > > > How can we design one? > > Depends on the protocol. Here is how the one for SSH works. > > 1. Client tries to connect to the server. The monkey intercepts and > relays. > > 2. The server sends its host key. The monkey intercepts and sents its > own host key instead. > > 3. The user gets asked by the client "Are you sure this is the right > key?" and a not-so-careful one accepts the monkey's host key in place > of the server's host key. > > 4. From this point on all conversation between the client and host > passes through the monkey who decrypts/modifies every bit.[*] > > Of course, for the monkey to work it needs to ensure that all > network traffic between the client and server passes through it.
For more about this "monkey", as well as getting it off your back and monkey-attack prevention, google for "MITM" or "Man In The Middle Attack" - where you'll find out all about the lives of Alice, Bob, and Carl (or Carol, or Cathy - or even Mallory. Who says geeks aren't imaginative?)
Also, do note that the author of 'dsniff' "lives" at 'http://www.monkey.org/~dugsong/dsniff'. I wonder if that could be the source of the original "monkey" comment by the professor?
-- * Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *
Ben Okopnik [ben at linuxgazette.net]
On Tue, Mar 06, 2007 at 10:01:17PM -0800, Kapil Hari Paranjape wrote:
> On Tue, 06 Mar 2007, Ben Okopnik wrote: > > On Mon, Mar 05, 2007 at 10:09:57AM -0800, Kapil Hari Paranjape wrote: > > > Perhaps what is meant by a protocol monkey is an algorithm that has a > > > way of intervening in a network protocol without the two endpoints > > > noticing. The reference is to the Panchatantra story about the monkey > > > and the two cats. > > > > > > That's enough animal references for now. > > > > Oh, what a tease!
Ah, Krylov's fox and two crows - although the fox does a visual comparison rather than using scales. Wonderful!
> > Incidentally, the Panchatantra stories reminded me very strongly of the > > tales of Krylov (who had clearly cribbed his plots from Aesop, but > > wrapped them in beautiful, poetic Russian.) > > Yes the plots are quite similar to tales elsewhere. The great art is > in the story-telling---a performing art that died somewhat after the > printing press.
McLuhan's "Understanding Media" mentions exactly that as an example of the things that we lose as we gain new technology. That's one that I definitely miss. On the other hand, there are now people who make a living at story-telling; I was lucky enough to hear one of them, Mark Lewis, after hours at Renaissance Fair (I was working the Fair myself); an amazing experience. He's not the only one, either. As long as appreciation for these arts exists, there will be people who are drawn to it as performers.
http://www.laughingmooninc.com/bio.htm
-- * Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *