I have this project for my classes i'm currently workin' on. here it is:
WebPage client for Telnet not on standard ports, with ability to choose a port and connect
I have machines with telnet servers on them, just waiting for connection.
So my idea was to set up a nodeJS with express server on a dedicated machine. This would handle connections through telnet and host a page for clients, that would use socket.io to exchange information with server side.
But as i'm new to such technologies (telecommunications student) i wonder if it is possible. I spotted something like this - jsterm.com by Peter Nitsch, but i see there are some massive gaps in code and the demo does not really work so i don't know if it actually works. Did anyone try this?
My other problem is - when i send information to nodeJS server through websockets, which seems achievable for me, what do i do with this information? Do i just set up another websocket to pass the same data i got from client websocket directly to the telnet port?
Can sockets connect directly to specific port, without any websocket waiting on the other side?
If my idea is wrong, could anyone help me - maybe there exists some nice solution - i was thinking about Anyterm for example but i see that it requires an apache server and runs completely different technologies...
Just to be clear, WebSocket connections are not raw TCP socket connections. They have extra header information in each packet, browser to server data is masked using a running XOR, etc.
In order for the browser to communicate with a normal TCP server (e.g. a telnet server) you will need some sort of bridge service. It just so happens that such a thing already exists. websockify is a server that accepts WebSocket connections and bridges them to a raw TCP server.
In fact, the websockify project already includes a working telnet client as an example application. However, note that one limitation of websockify (for security reasons) is that the client cannot pick an arbitrary server address/port to connect to. The target address(es) must be predefined, either as a single target specified on the command line for websockify, or as multiple targets specified in a configuration file (and selected via a token in the WebSocket connect string).
There are multiple implementations of websockify in different languages (python, C, node, ruby, Clojure) however, only the python version currently supports multiple targets via a configuration file.
Disclaimer: I created websockify.
Related
I am using MySQL workbench on windows, which I want to connect to a Node-Red running on the IBM cloud. Since I don't run them on the same server the host 127.0.0.1 and port 3306 does not seem to work. What permissions should I give?
I'm going to make a LOT of assumptions here, because there really isn't enough information in your question.
First assumption, by "running on IBM" you mean that Node-RED is running on the IBM Cloud hosting service.
The short answer is you can not do what you want.
The longer version is that you probably could actually make this work but doing it is a REALLY bad idea.
Second assumption, you are doing this from home (even if you are doing it from a office location the same problems are likely to apply). This means you are connected to a local LAN using RFC 1918 address range (e.g. 192.168.0.x), this means you are behind a router that is performing NAT (Network Address Translation). This means you are going to need to set up portforwarding on the router so that when traffic arrives at the router it will send it on to your Windows machine. How you do this will depend on your router.
Next problem, your broadband probably doesn't have a static IP address which means it will change every time your connection drops. There are work arounds for this using things like Dynamic DNS. But that's too complicated to get into here.
Assuming you get all of that sorted out you still have the problem that you have now exposed your mysql database to the internet, so you need to make sure you have enabled all the right security measures to prevent people logging in and at best seeing all your data.
There are 2 much better solutions to this
Run Node-RED on the same machine or at least on the same local network as the database.
Use one of IBM Clouds hosted database solutions, these are a lot easier to connect to a IBM Cloud instance of Node-RED.
If you do not want to open ports to your network I recommend using a free MYSQL remote server
A simple website is https://remotemysql.com
Just take the screenshot of the credentials of your database after registration.
Keep in mind if your database is empty it will get deleted after some time.
I already have a server with port and want to write a web app to get the information form the port. Will this be possible with WebPorts?
The Client doesn't even need to talk back to the server, which is the whole point of websockets I would imagine, but since I already have the ports setup, I might be easier and cleaner to just connect and get the info without having to refresh.
WebSockets are not intended as clear TCP channels over which other existing protocols can be implemented.
WebSockets are designed to allow messages to be sent between a client and server, where an event is raised each time a message is received.
Hence a WebSocket client cannot simply connect to an existing TCP server - that server also has to speak the WebSocket protocol.
You could of course write a WebSocket-based server that does nothing but act as a proxy to existing network services.
I think you want websockify which is a WebSocket to plain TCP socket bridge/proxy. It also allows sending and receiving of binary data with the older version of the WebSocket protocol which hadn't yet added direct binary data support.
Disclaimer: I created websockify.
I have a testapp consisting of an HTML5/WebSocket client and an HTTP/WS server. Both servers are in C#; the HTTP server is my own simple thing and the WS server is also homebrew based on concepts from http://nugget.codeplex.com/. HTTP server is listening on 0.0.0.0:5959 and WS server on 0.0.0.0:5960 (accept connections from any client, but on different ports).
My index.html includes some JavaScript that opens a WebSocket to 'ws://'+document.location.hostname+':5960/' (that is, to the same IP address that the webpage came from, but on port 5960). The WS server sends sample data every 100ms. All in all, it's a pretty straightforward demo.
I'm using Chrome 12.0 on Windows7.
I've found that the HTTP server works from any client, either a browser on my machine pointed to 127.0.0.1:5959 or localhost:5959, AND it works when any machine (mine or a remote machine... "remote" being a different PC on my desk :) hits my server machine's work-internal 10-net address 10.122.0.159:5959. Everything works as expected in HTTP land.
However, the WebSocket only works on 127.0.0.1 and localhost; remote machines can successfully fetch HTML from 10.122.0.159:5959 but the WebSocket will NOT connect to 10.122.0.159:5960. In fact, when I point my local browser to it's own 10-net address (10.122.0.159:5959) I get the same result - HTML loads but WebSocket does not connect.
Any ideas as to why this might be happening?
Does CORS require that the WS be using the same port as the HTTP request originated from? If so, is there a special exception to the rule for 127.0.0.1?
Many thanks,
-Dave
Update
It seems to be caused by a proxy server blocking ws:// requests. Our company employs a proxy server for content filtering and all the usual stuff, and our browsers are configured to use it.Chrome uses IE's proxy settings, and IE's default settings are for localhost to not use a proxy server. When I check the box to have local connections also use the proxy server, my ws:// requests to localhost get blocked. Conversely, when I uncheck the "use proxy server" box my server does rx the WS request. Similarly with the remote machine, if I turn off the proxy on the remote machine my server does rx the ws:// request.
So it's a proxy thing, not a CORS or socket thing, and now I'm off to explore proxy settings with our IT folks.
There is no WebSocket limitation on cross-origin except what is governed by the CORS security in the handshake.
It sounds like something is wrong with your WebSocket server and it is only listening on localhost for connections. I would add some debug output to the OnClientConnect routine in Nugget (WebSocketServer.cs) so you can see when socket connections happen. If you really think it isn't a problem with the server then I would suggest using wireshark and comparing the localhost connection to the remote connection.
Also, if you are using the SilverLight WebSocket prototype (README) in IE 9, then you are restricted to ports 4502-4534 for WebSocket connections. It's possible that for localhost this restriction is lifted.
It is/was indeed a proxy thing.
Rather than asking our IT folks to make changes (good luck with that, eh?) I simply turned off proxy for 10.122.0.159 ([Howto for IE/Chrome][1]). I briefly experimented with turning it off for the ws:// protocol but couldn't get it to work, so for now just opening that one IP address does the trick.
Since our shared hosting server doesn't allow us to setup Tomcat I decided to install it on our local machine. The local Tomcat server allows us to listen to a certain port for Bancnet transactions which will then be processed and written to the remote site.
Question:
Is it safe for me to set the local PHP application to connect directly to the remote mySQL server? Any suggestions on how to make the connection secure. BTW, I have a self-signed certificate installed in the localhost but not sure how this applies to remote mySQL connection.
You could create a ssh tunnel between MySQL server and client. For more resiliency, use autossh.
If you don't connect over SSL or some other encrypted tunnel, I would absolutely assume that anything you send or receive from MySQL is done so in clear text that can be intercepted and used for malicious purposes from any link along the way. This might be fine for testing purposes with dummy data, but before you put this in production use or pull down live user data for testing, you really should either make arrangements for the data to be stored local to the web app or for there to be an encrypted connection.
Giving you a full overview of how to set up SSL connections to MySQL is beyond the scope of Stack Overflow and it's a bit complicated, but if you want to proceed, check out the documentation and do some research, there are some good informational resources out there.
I'm a bit confused as to the architecture you are trying to describe. What's running where?
If you can't install Tomcat then you probably won't be able to install anything like VPN software on the box.
MySQL can encrypt using SSL provided it has been enabled at compile time and at run time.
Alternatively, it should be fairly trivial to build a webservices tier on top of the remote database.
I would recommend switching to a VPS or managed host though.
Currently the major means of connecting Flash AS2/AS3 to a MySQL database are:
Flash > PHP > MySQL -- "secure code" in PHP Scripts
Flash Asql or Assql > MySQL -- "secure code" in MySQL Stored Procedures
The second approach is newer, but directly connects to a MySQL DB using binary sockets and ByteArrays.
In which case would the "secure code" be less accessible and therefore more secure?
I'm assuming stored procedures cannot be accessed via FTP so that might be harder to break into?
Stored procedures can only be accessed by someone with the correct database credentials so they will be secure assuming no one cracks your Data Base password. You know it might actually be that the PHP code is more secure as you can hold the Data Base password on the server instead of in the host app.
I suppose you can always decompile flash and try to locate the password in the host app because with asql the password will be stored in the host app, instead of on the server hidden behind PHP
I'm not sure asql would work for users behind the proxy, so I wouldn't use it for website. Approach with PHP in the middle seems to be better and you can (and should) model api for your application that is different from your DB structure.
It appears that both assql and binary sockets are synchronous links that use a socket connection to the database. Which might be great for an AIR application, but for a browser app might be highly problematical. Is this for sure what you want? Your question about access through stored procedures gives me the idea you aren't too sure about this stuff.
In fact, using PHP properly will likely be easier for building a solid abstraction and security indirection barrier between your app (and its host) and the database.
EDIT:
Web clients and servers use the http protocol to communicate. This is called a "stateless" and "connectionless" (which is only kinda true) protocol because the connection between the two only lasts as long as it takes for the client to request everything and the server to send back everything. The obvious benefit is that the server only knows about each client for a very brief period of time.
A socket (in the sense these two protocols use one) is a permanently established connection between the client and server that persists until one end or the other closes it (connection-based); and both sides know the state of the connection (open or closed). So they tie up a lot of host resources per client for a long time, and things get wacky when the connection breaks. Big difference, and it can't be run through the ports supporting web pages - another port needs to be provided (sometimes two) on the host and the client to support the socket.