Project Bismark
General Overview
Project Bismark is a collection of network analysis tools, designed for OpenWRT routers, which provide insight into low-level ISP operations.
Implementation overview
Router firmware. There's some C, and some python, perl, and bash scripts.
Version
0.1
Availability
Public, FLOSS
Openness
Open Source or Free Software | Open Data | Open Methodologies |
---|---|---|
yes | yes | yes |
=== Is the data required for use public? ===
Yes.
=== Is the data collected made public under a free license? ===
Yes.
=== Is the data format that is used for publication easy to interact with? ===
Yes.
Platform support
Project Bismark provides tools for deployment on OpenWRT routers to monitor network statistics.
Intended impact
These tools were designed to increase awareness of ISP traffic manipulation, discrimination, and prioritization, and to give end-users tools which empower them to better understand their local networks.
Test methodology
Most of the actual testing code in Project Bismark comes from other related projects, such as D-ITG, netperf, iperf, DiffProbe, and ShaperProbe. Most of these tools use well-established and reviewed methodologies.
Reporting system
Does this tool offer an anonymous communications channel for submission?
The reporting system is non-anonymous; however, the user's privacy is clearly taken into account, and it is made quite clear that Project Bismark has the ability to tunnel into the router to run tests and collect results at any given time. It is also worth noting that user-generated traffic is never collected nor analysed during testing -- all traffic results from either D-ITG (a traffic generation tool) or the tests themselves.
==== If so, does it offer perspective pivoting? ====
Not applicable.
==== If so, does it offer dynamic confirmation of resources? ====
Not applicable.
What impact or outcome is intended by using the tool or collecting data with this tool?
In addition to users gaining a better understanding of their network, Project Bismark's tools offer packet-level insight into the operations of various ISPs, which can be used to hold them accountable to the public.
Check list
Open Source or Free Software | Open Data | Open Methodologies | Used by users | User education | Collects sensitive information |
---|---|---|---|---|---|
yes | somewhat | yes | yes | yes | yes/no...depends on your definition of sensitive![1] |
![1] Collects a database of APs and connected devices, which could count as sensitive information to some users.
Notes
bismark
_server - management server
_mserver - measurement server
_device - connected devices
server
scripts/
- bdm management script for server, includes ssh tunnels and options, managing the device blacklist, opening a console on the server, and executing commands
- brsh restricted shell for uploading measurement results from /var/data and adding recovery tunnels through "$ bdm settunnel"
- clone_prod_db perl script...sigh mysqldumps to /var/tmp file
- csv_parser_airodump.py saves seen devices from an airodump .csv and stores them in a mysqldb
- device_mon script which sends emails if a device hasn't sent a report recently
- events_parser.py parses mysqldb into a text file to be archived; events include MEASUREMENTS, TRACEROUTES, TRACEROUTE_HOPS, USERDEVICE, WIFI_SCAN, WIFI_ASSOC, DHCP_LOGS, ARP_LOGS, EVENT_LOGS
- ...more boring parsing stuff
src/
- bdmd.c Bismark Device Manager Daemon waits for pings and messages containing information on devices; when received, writes to db
- udpproxy.c zomg it's in Italian... "struttura per memorizzare la risoluzione del nome del server" well, now I know how to say "struct for pointers to the resolution of the server name" in Italian. That'll come in handy. multi-threaded multi-client UDP proxy server
mserver
- Uses netperf for TCP/UDP benchmark testing http://www.netperf.org/svn/netperf2/trunk/
- Uses iperf for measuring maximum TCP/UDP bandwidth benchmarks, delay jitter, and datagram loss http://sourceforge.net/projects/iperf/files/
- Uses D-ITG to generate traffic http://www.grid.unina.it/software/ITG/
  "D-ITG (Distributed Internet Traffic Generator) is a platform capable to produce traffic at packet level accurately replicating appropriate stochastic processes for both IDT (Inter Departure Time) and PS (Packet Size) random variables (exponential, uniform, cauchy, normal, pareto, ...). D-ITG supports both IPv4 and IPv6 traffic generation and it is capable to generate traffic at network, transport, and application layer."
- Measures RTT to Berkeley, Napoli, and GAtech and makes pretty graphs for users to see: http://networkdashboard.org/device/
- Uses Diffprobe to detect ISP priority-based scheduling, discriminatory packet buffer management, and traffic rate limiting based on service http://www.cc.gatech.edu/~partha/diffprobe/
The same university and department released a similar tool, ShaperProbe, to detect traffic shaping. http://www.cc.gatech.edu/~partha/diffprobe/shaperprobe.html