Details are included in the preliminary document. In short, we would like someone to create a prototype using one of several cheap microdevices (listed in document) that can be attached in-line to an existing device with an Ethernet connection and "share" the connection as well as secure (and re-route) specific types of communications. There are good reasons why a micro-VPN is not what we would like and this is NOT for a man-in-the-middle attack (otherwise, we'd just purchase a bunch of packet-squirrels), this, as explained in the document and which I am happy to explain further, so that we can secure legacy devices which for a number of reasons we cannot update and for which VPN appliances are impractical and/or not desired.
NOTE: If you are able to meet most or all of the functional requirements by simply setting up bridge and/or tunnel interfaces and setting up the appropriate ebtables or iptables rules (which should be possible), we would still like s prototype which can reasonably be configured, preferably by a program (c, c++, Python, etc.) and not a series of bash scripts.
Language is not important, but the ability to understand Ethernet transport layer and TCP/IP and UDP is.
Part one is JUST the portion that allows for sharing the Ethernet connection (IP address and MAC) of the attached device. If I can connect the SECBOX to DEV and NET, have it behave as a transparent bridge except for the communications with specific interface:source:dest combinations and if I can have a process on SECBOX send and receive communication to and from those special addresses using the MAC and IP of the DEV. That's all for part one.
I think that this can mostly be done by setting up a bridge, possibly a tun device (depending on how you want to do it, I don't really care), some ebtables/iptables rules and some routing rules.
Delivery is just what is needed to set this up on any Linux device (not just OpenWRT, of pfSense, for example) and something that shows we can send and receive to special addresses without those packets/frames getting to DEV.
Bonus: Show that SECBOX can make a DNS request without making it impossible for DEV to make a DNS request.
I have a few working prototypes:
One in pure c
One in pure python
One using python to configure iptables/ebtables with bridge/tunnel setup
The pure python/c ones worked well and did almost everything, but outside of kernel space, so they drop/miss packets and can't do the kernel based routing.
The ebtables/iptables version is not working any more and I don't want to debug / figure this out.
Parts TWO and THREE are the more involved implementations with the mini-firewall setup, and reconfiguration [login to view URL] then NAT puch-through and rendezvous capabilities both of which are further down the road. After having some back and forth with some colleague and my adviser on Freelancer, I think I need to write them (parts two and three) out as separate bids. I may even be posting them as time and material.
NOTE: The intention is to eventually take this to a custom SOC implementation with the "link sharing" portion being FPGA programmed in and the rest (SPROC(s) in the doc) running on an ARM with a mcro linux kernel.
origintal: oldbox-----Internet new: oldbox---SECBOX---internet I can develop this in my office I have a free linux server with multiple nics to use for development (dellrc200) to use as SECBOX-DEV . I will us Mai multe
10 freelanceri licitează în medie 1547$ pentru acest proiect
Hi, I am an Electronics and computer science engineer, I have experience working with various prototyping boards, Raspberry Pi, Arduino, mbed (ARM proto board)... as well as developing custom PCBs, you can find some Mai multe
Dear sir, I am Tuan Tran in Vietnam, I have 12 year in Software Industry . I have experience in PHP (laravel, ci, yii ..)) , nodejs, angularjs, react (js and native), J2EE,and mobile applications. (android and iOS) Mai multe
Hi there, I have checked the details I have great experience with Computer Security, Linux, Network Administration, Python. Please start the chat so we can discuss this job more in detail. Thanks
Hello! I am very interested in your post project. i have rich experience on it. I think this project is very suitable for me and i am sure i can give you good result . I can help you if you'd like looking forwar Mai multe
hello,how are you. i read your bid carefully. i am c/c++, python expert and have full experience for 10 years. c/c++, python is my top skill and i can convert from python to c language with your compresssion algorith Mai multe
hello,how are you. i read your bid carefully. i am c/c++, ethernet app expert and have full experience for 10 years. c++ language is my top skill. i can provide most quality and high speed. if you want to success, Mai multe
Hi my name is DongJun. I am an experienced web developer. I have read the project requirements and I am very interested in your project. I can start work right now. I will make your website look very nice, modern and Mai multe
Hello, I am quite intrigued by your project posting and would like to be a part of this. Do let me know what are the next steps to get ourselves considered for the project. Looking forward to hearing from you so Mai multe
Hi As I see your application you need a small secure bridge working on those secureboxes which are attached for device and internet and which have firewall to ensure security. I advice you to use Nexx as it sup Mai multe