Is there a way to gather network/internet traffic statistics?

The end result is that I need to create a random number generator using some network stats as a random seed, so I need to pull information that is highly variable. Could be packet data (maybe sequence numbers), or traffic data such as the inter-packet gap. Something that changes often.

This number would then be used as a seed for the random number generator.

Any suggestions would be appreciated.

Thanks.

Jason

You can use (win)pcap to gather network data... it's probably a bit over-kill for your solution though.

If you're doing this on Linux, why not make use of /dev/random?
On Windows, why not use 'CryptGenRandom()'?

If you somehow don't want this, I think easier randomness can be obtained from mouse position/time between keystrokes etc. I believe this is even what Linux does, but don't pin me down on that.

Ok, I'll admit, this is for a school project. One of the requirements is to retrieve "randomness from the Internet". Basically I need to use network/Internet related traffic to generate a random seed.

I don't even know where/how to begin...

Thanks.

Jason

There is a ton of randomness on the internet. You could ping some known website(s) and record to RTT with micro-second precision (which is what most ping programs will give you). That should be random enough for any purpose. Similarly, you can initiate a TCP dump and record the IP packet's ID field of the "first" incoming packet. On a *nix machine, all you need to do is do a few system calls to "ping" or "tcpdump", and parse the output string or file redirection. That should be simple enough to do.

First, I should have mentioned this in my original post, this needs to be compiled and executed on Linux.

That said, I don't think Ping or tcpdump will really work because both need root access to run properly.

Don't use the ping command.
Create a socket to a remote server. Write some data to the socket.Check how much time it takes for the server to respond.
The time difference can be your seed

abhimanipal,

Ok, so I've got a client program created to go out and create a socket. I tested it with a server listener on my local host.

Now my questions are:

1) What port should I try to create a connection to on the Internet?
2) How do I go about timing the response?

Thanks.

Timing can be done using gettimeofday .
If you want to connect to the outside network you need to provide an address to connect to (localhost is 127.0.0.1, you dont want that). I'd suggest trying to use a connection to google at port 80 to download the search page.

Google may not be so random, try facebook :) Yes the HTTP protocol uses port 80.

Randomness, in this case, comes from the transaction times not the page content.

If you are going to run this on linux only, I think that the following should do the trick quite well (it works on my computer at least):

#include <stdio.h>

int main() {
  FILE* f_in = popen("ping www.google.com -D -c 4 | grep mdev", "r");

  int rs1 = 0;
  int rs2 = 0;
  fscanf(f_in,"rtt min/avg/max/mdev = %d.%d",&rs1,&rs2);

  pclose(f_in);

  printf("obtained the following seed: %d.%d\n", rs1, rs2);

  return 0;
};

I ran the code you had provided and it gave an error

$ ./test
ping: invalid option -- 'D'
Usage: ping [-LRUbdfnqrvVaA] [-c count] [-i interval] [-w deadline]
[-p pattern] [-s packetsize] [-t ttl] [-I interface or address]
[-M mtu discovery hint] [-S sndbuf]
[ -T timestamp option ] [ -Q tos ] [hop1 ...] destination
obtained the following seed: 0.0
$

popen execute a command for you. You can run the command by hand to see what the output will be. So, you can copy and paste "ping [url]www.google.com[/url] -D -c 4 | grep mdev" to a terminal and play with it until you get the desired effect.

We are not sitting at your computer, you will have to experiment a bit if things dont work exactly.

Ok, so I think I've got the seed based on the response times from the socket.

Now I just found out that rand(), at least by itself isn't enough.

I'll post under a new topic.

Thank you all for your help.

This question has already been answered. Start a new discussion instead.