Previous posts of this article series.
1. Developing A Network Monitoring Tool Using CISCO NetFlow : Part 1
2. Developing A Network Monitoring Tool Using CISCO NetFlow: 2 – Analysis and Design
3. Developing A Network Monitoring Tool Using CISCO NetFlow: 3 – Implementation 1
4. Developing A Network Monitoring Tool Using CISCO NetFlow: 4 – Implementation 2
Implementation of The Remote Logging and Administration System
When the user enters an IP address of the local network, the tool checks whether the host is up or not using ICMP echo request. If it is reachable, the tool opens a TCP socket connection to the client and send a message to open a new TCP connection to the server. The new TCP connection is used to get access for remote logging system.
The client captures the screen for every 50 milliseconds and sends it to the server to display the client screen, through an opened TCP socket connection. Increasing the time period will reduce the bandwidth usage, but the quality of service remote desktop view may low.
Controlling the mouse and the keyboard of the client was a real challenge. The author chose a number of mouse and keyboard actions. Numbers and related action combinations as follows.
- 1 for mouse press
- 2 for mouse release
- 3 for a keypress
- 4 for a key release
- 5 for mouse movement
Mouse movements use X and Y coordinate to relocate mouse pointer. When the user from the server-side does actions as mentioned above, the tool will send related values to the client and adjust the mouse or keyboard of the client accordingly using the Java Robot class. For example, if the user moves mouse for (50, 40) location, the tool sends values of 5 (for mouse movement action) 50 (for the X-axis) and 40 (for the Y-axis) to the client.
Problems, limitations and Solutions
When the author coding this increment, the major problem was to handle the mouse and the keyboard remotely. The solution was to use methods of Java Robot class such as mousePress, mouseMove, mouseRelease, keyPress, keyRelease etc.
Possible Future Developments
This increment was completed as in the project proposal, in a given time period. But using more time period, following future increments can be done.
- Remote Alerting System
- If there is any prohibited activity doing on the remote client, the server user/system admin can warn the user by sending the alert messages. Because this tool can use to see remote desktop and monitoring processes are doing in the meantime. This development can be done easily. Because there is already established TCP socket connection to the client, the tool can send alert messages using the same connection.
- Chatting system
- The process of the coating system is also achieved the same as above.