-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathTODO.txt
200 lines (163 loc) · 6.95 KB
/
TODO.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
###########################
# add an "interface" between the .html map and IPRadar2
# in order to have a smooth update of infos on the browser
# e.g. INTERACTIVE MAP (as we did in old IPRadar):
# * select line and show infos (RX, TX bytes, timestampt)... Labels on the map
# * select host on GUI after selection on maps
# * set/unset BAD directly on browser or in the list (manually)
# * etc.
# Take a look here:
# https://github.com/python-visualization/folium/issues/906
# https://discuss.streamlit.io/t/streamlit-folium-update-more-dynamic-maps/35149
###########################
###########################
# adapt code to fulfill PEP 8 with 120 characters width
# autopep8 --in-place --recursive [path/to/directory]
# or
# autopep8 --in-place autopep8 --in-place --aggressive --aggressive --recursive [path/to/directory]
###########################
###########################
# add IPv6 support
# for now, to cover "all" network traffic you need to deactivate IPv6 on your network interface.
###########################
###########################
# correct BUG: sometimes connections or nodes are not shown on the map
###########################
###########################
# filter "Show selected countries", similar to "Show selected owners"
###########################
###########################
# IGNORE IPs in a predefined netmask
# e.g. to avoid processing specific subnetworks, when connected over SSH, which are otherwise considered to be global IPs (?)
###########################
###########################
# OFFLINE Mode: with local geoIP-DB and previously stored files with host information
###########################
###########################
# add a progress bar when opening files?...it may take some time until the tool reacts
###########################
###########################
# use rx_kB and tx_kB instead of rx and tx in nodes
# add defines for paths like IPRadar2/Output/
###########################
###########################
# peaks of MEMORY usage sometimes:
# e.g. when zomming in and out on a "live" map file!
# workaround for this case: copy .html file and open it separately
# is memory then "garbage-collected"?
# find out if we need to manually call gc and exactly when, or use another solution
# e.g. avoid using big lists or dicts, use __mutex consistently.
###########################
###########################
# implement kill beyond bandwidth
# see killSetting() in mainWindow.py
###########################
###########################
# implement MAX_RX_KILOBYTES, similar to MAX_TX_KILOBYTES
# RX on a remote host could mean that "we" are transmitting too much information to it
###########################
##################
# show current connections that are:
# waiting/listening also with a symbol on the side towards corresponding IP
##################
##################
# implement "distance rings" to make it look more like a radar console
##################
##################
# show TRACERT results on the map (as we did in the original IPRadar)
##################
##################
# show HEATMAP
##################
###########################
# if possible, reduce the size of the generated executable file
# e.g. last step: use of pyinstaller with a different/smaller virtual environment?
###########################
###########################
# remove WORKAROUND in processor.py:
# no GeodesicPolyLine() drawn when too short - currently solved with the WORKARDOUND to first check if we actually need geodesics or not
###########################
###########################
# use DbIpCity.get(self.public) to get own geolocation when settings MY_CITY, etc. in config.ini are empty
###########################
###########################
# search in IPs - or SORT - use Table
###########################
###########################
# use "".join([..]) instead of string concatenation with "+"
# check e.g. logging.debug(), logging.error()
# search for "+ str, + ", "+,..."
###########################
#########################################
# clean up code:
# check TODOs
# rename functions and variables
# remove trick to avoid "circular imports" ?
# remove obsolete code
# remove deprecated counters for failed-past, resol-past on GUI (hidden below):
# statusHostsRequested, statusHostsFailed, statusHostsFailedOld, statusHostsResolvedOld
# add further ToolTips
#########################################
#################
# check if we can use playsound() as root to play different sounds "at the same time"
# now we get the following error when trying to play the same sound from different threads simultaneously:
# AL lib: (EE) ALCplaybackAlsa_open: Could not open playback device 'default': Device or resource busy
#################
#################
# implement live capture on/off
#################
###########################
# when asking if we want to Kill, show also the affected process(es), ports, etc.
###########################
###########################
# USE_DOUBLE_BUFFER (queues A, B) based on a configuration option
###########################
###########################
# bocking rule of a RANGE of IPs, extracted from infos obtained with whois
###########################
###########################
# check against sanitized_ip:
# check/remove workaround in processor.py
###########################
###########################
# out to console & file "simultaneously"
# > pipe ? script ?
# fork stdout and stderr both to file and to shell ?
###########################
###########################
# replace lists with dicts
# to avoid for [] + for [] every time..
###########################
###########################
# set Labels for known IPs "manually"
# and then store in file
###########################
###########################
# when blocking consider also additional critria like time-window,
# network protocol, port number, etc.
###########################
###########################
# add-blocking-rule-to-firewall:
# not only adding rule when host resolved, but also later if re-enabled
###########################
###########################
# PORTS SCANNER e.g. on suspicious nodes
# what for? which ports? too mucho noise/visibility?
# or to show attacker that we've seen him...but a ping may be enough
###########################
########################
# killed-IPs get lost when reading log_DATE.pcapng alone...
# the information killed=True is in the corresponding report_DATE.txt, it can be parsed from there,
# or store these infos better somewhere else, e.g. in a killed.txt/npy file.
########################
##################
# add IPs detected with netstat which are NOT in node_dict...e.g. connections established "before" running IPRadar2
##################
##################
# integrate the tool with snort, suricata, ...but how exactly?
##################
##################
# load under "extreme conditions":
# some IPs are missed e.g. when doing a "speedtest" while opening other tabs on the browser
# -> too much traffic?...bottleneck in pyshark or in IPRadar2 ?
##################