Note: this program is a beta version. I have been preoccupied lately; it may be several years before I decide to wrap up this program. Thanks.

Topsecret_Net (for Linux)

This is the home page mirror for the program "TOPSECRET_NET".

Download the latest version (includes source code):
Download Topsecret-Net (for Linux) v0.90 beta; release04may01

This program is freely distributable and fully functional with no time limits;
Shareware registration is $10 for each client computer use.

---------------------------------------------------------------------------------------------------

What is Topsecret_Net ?
-----------------------
Topsecret_Net is a network encryption program.
It allows you to transfer files across a LAN or the Internet and
offers protection against electronic eavesdropping of data in transit.

If you are new to networks please see "New to networks?" section below.

Is it easy to eavesdrop on a network?
------------------------------------
The short answer is, yes.
-You can mechanically splice into a line somewhere in your building.
-You can remotely monitor electromagnetic signals.
-You can remotely monitor through software alone.

So in reality, passwords, firewalls and sensitive data
are very much at risk.

Will Topsecret_Net take care of ALL of my security needs?
------------------------------------------------------
No, you should never rely on a single program for all of your
security needs, especially if your data is highly sensitive.
But this program is a GREAT step in the right direction,
since the net is so vulnerable.

 It is also advisable to use encryption programs like "Topsecret"
(available on the net for Dos and Linux),  and others, so your data
can be scrambled with several algorithms even before it is scrambled
by Topsecret_Net.

Linux programs are ideal for security because both the operating
system and the program source codes are available for inspection.

How does Topsecret_Net secure data?
-----------------------------------
Each user maintains a three letter "xxx/" user directory and
a catalyst on both the server and the client machine.
(A catalyst is like a key.)
You must have at least one catalyst in the user directory, and
it must be identical on both the server and the client machine.
Different sections of the catalyst change continuously, for
each different file that is transported on the net.

 Even though the catalysts are continuously modified, depending
on your security needs, you should periodically replace them.
They should be fairly random, and their length should be
your guess of the average length of the files transmitted.
Longer catalysts offer higher security for transmitting
large files, but will take a little more c.p.u. crunching time.

Usage topsnet (server)
----------------------
 The number of parameter inputs for the program may seem
intimidating at first, but once you understand the function
of each, and implement the proper directories and catalysts,
the program is fairly simple to use. The command line input
format is ideal for incorporating the client programs into
scripts.

Typical required ./topsnet server sub directories and data;

catalyst/xxx/data_catalyst_file
download/xxx/
upload/xxx/
 

Note: All of the following arguments are entered as a command
line with a single space between each parameter.

1)./topsnet
2) /root/topsnet/download/
3) /root/topsnet/upload/
4) /root/topsnet/catalyst/
5) password
6) 3

1) Starts server, and shows "topsnet accepting connections..."
  message when ready.

2) Download directory for server,
  Must start and end with "/".

3) Upload directory for server,
  Must start and end with "/".

4) Catalyst directory for server,
  Must start and end with "/".

NOTE: All directories MUST have a three letter xxx/
sub directory for EACH user id. on the server storage device.

5) password, All clients must use this password. In addition
   to the catalyst the password is also used to encrypt data.

6) mode
mode-1-serve topsget
mode-2-serve topssend
mode-3-serve topsget and topssend

usage for topsget (client)
--------------------------

Typical required ./topsget client sub directories and data;

xxx/data_catalyst_file
upload/

Note: All of the following arguments are entered as a command
line input with a single space between each parameter.

1)./topsget
2) 192.168.1.2
3) remote_read_file
4) upload/local_write_file
5) xxx/data_catalyst_file
6) password
 

1) Starts topsget client.

  note: You must start topsget from the root directory of xxx/
  on your client computer. That means that xxx/ must be
  a sub directory of your current directory.

2) I.P. address or domain name of server.

3) This is the name of the file on the server, located at, e.g.:
  (topsnet/download/xxx/remote_read_file)

  do not put "/" in front or after parameter, in the middle is
  ok for multiple directory access within user id.

  xxx/ = user id. directory.

****************
If you ask for file "topsdir.txt",
you will get a directory listing for that directory.
****************

4) This is the file name you want to write locally.

5) This is the name of the catalyst to be used on server,
  located at, e.g.:
  (topsnet/catalyst/xxx/data_catalyst_file)

  do not put "/" in front or after parameter, in the middle is
  ok for multiple directory access within user id.

 Caution: The "Names" of the user (xxx), and data_catalyst_file
 are not encrypted. The server needs this information to
 find the key to use.

6) This is the password for server.
 

usage for topssend (client)
---------------------------

Typical required ./topssend client sub directories and data;

xxx/data_catalyst_file
download/

Note: All of the following arguments are entered as a command
line input with a single space between each parameter.

1)./topssend
2) 192.168.1.2
3) download/local_read_file
4) remote_write_file
5) xxx/data_catalyst_file
6) password
 

1) Starts topssend client.

  note: You must start topssend from the root directory of xxx/
  on your client computer. That means that xxx/ must be a
  sub directory of your current directory.

2) I.P. address or domain name of server.

3) This is the local name of file to send.

4) This is the name you want to give the file on the server;
  the file will go to the directory, e.g.:
  (topsnet/upload/xxx/remote_write_file)

  do not put "/" in front or after parameter, in the middle is
  ok for multiple directory access within user id.

  xxx/ = user id. directory.

5) This is the name of the catalyst to be used on server,
   located at, e.g.:
   (topsnet/catalyst/xxx/data_catalyst_file)

  do not put "/" in front or after parameter, in the middle is
  ok for multiple directory access within user id.

 Caution: The "Names" of the user (xxx), and data_catalyst_file
 are not encrypted. The server needs this information to
 find the key to use.

6) This is the password for server.

Files created for use by program.
---------------------------------

-A scratch pad file with a "t" in front of the catalyst name.
 source code label = twodatacatalyst

-A lock flag file with "l" in front of the catalyst name.
 source code label = lkdatacatalyst

 The lock file TRIES to deny a second command access to the
same data catalyst while it is in use. But if the commands are only a
few milliseconds apart, it may cause a lock up and possibly corrupt
the catalyst. Your script programs should wait until one transfer
is complete before ordering another if they are using the SAME
data catalyst (on server and client). If you see a lock file
and no transfer is associated with that catalyst, there
may have been a bad process where the transfer was not
completed. If you are sure all parameters are correct, you
can try deleting the lock file for the user id. catalyst on the
server and/or client, and retry the process.
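
An added example (not taken from the Topsecret_Net sources) of creating a lock flag file atomically in C, so that two commands started a few milliseconds apart cannot both believe they hold the lock. The function names are hypothetical; the lock name follows the "l" prefix described above.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Added example; not taken from the Topsecret_Net sources.
 * All function names are hypothetical. */

/* Derive the lock path by putting "l" in front of the catalyst file name,
 * e.g. "abc/key" -> "abc/lkey". Returns 0 on success, -1 if it does not fit. */
int lock_path_for(const char *catalyst, char *out, size_t outlen)
{
    const char *slash = strrchr(catalyst, '/');
    size_t dirlen = slash ? (size_t)(slash - catalyst) + 1 : 0;
    int n = snprintf(out, outlen, "%.*sl%s", (int)dirlen, catalyst,
                     catalyst + dirlen);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Try to take the lock. O_CREAT|O_EXCL makes "check that no lock exists" and
 * "create the lock" one atomic step, so two commands started milliseconds
 * apart cannot both succeed. Returns 0 if acquired, 1 if busy, -1 on error. */
int catalyst_lock(const char *lockpath)
{
    char pid[32];
    int fd = open(lockpath, O_WRONLY | O_CREAT | O_EXCL, 0600);

    if (fd < 0)
        return errno == EEXIST ? 1 : -1;
    /* Record the owner so a stale lock can be traced to a dead process. */
    int n = snprintf(pid, sizeof pid, "%ld\n", (long)getpid());
    if (write(fd, pid, (size_t)n) != n) {
        close(fd);
        unlink(lockpath);
        return -1;
    }
    return close(fd) == 0 ? 0 : -1;
}

/* Release the lock after the transfer and catalyst update are complete. */
int catalyst_unlock(const char *lockpath)
{
    return unlink(lockpath);
}
```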

 Another possible source of catalyst corruption is if your storage
media does not write or store the catalyst data accurately.

If those two possibilities can be ruled out,
then intentional corruption by someone is a possibility.

Requested files cannot start with a "#" because topssend uses this
as a flag. Files cannot have ".." or "//" for security reasons.
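
An added example (not the project's own code) of enforcing the file name rules stated on this page in C before a request is joined to a server directory. The function names, the 255-byte length limit, the control-character check and the reading of "three letter" as three alphabetic characters are assumptions.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Added example; not taken from topsnet.c. All names are hypothetical. */

/* True only if a client-supplied file or catalyst name obeys the page's rules. */
bool tops_name_ok(const char *name)
{
    size_t len = name ? strlen(name) : 0;

    if (len == 0 || len > 255)                    /* 255: assumed limit */
        return false;
    if (name[0] == '#')                           /* reserved as a topssend flag */
        return false;
    if (name[0] == '/' || name[len - 1] == '/')   /* "/" only in the middle */
        return false;
    if (strstr(name, "..") || strstr(name, "//")) /* no climbing, no empty parts */
        return false;
    for (size_t i = 0; i < len; i++)              /* assumed extra: no control bytes */
        if (iscntrl((unsigned char)name[i]))
            return false;
    return true;
}

/* True if the user id is exactly three letters (assumed to mean alphabetic). */
bool tops_user_ok(const char *user)
{
    return user && strlen(user) == 3 && isalpha((unsigned char)user[0]) &&
           isalpha((unsigned char)user[1]) && isalpha((unsigned char)user[2]);
}

/* Build base + user + "/" + name into out; returns 0 on success, -1 if rejected. */
int tops_build_path(char *out, size_t outlen, const char *base,
                    const char *user, const char *name)
{
    size_t blen = base ? strlen(base) : 0;
    int n;

    if (blen < 1 || base[0] != '/' || base[blen - 1] != '/')
        return -1;                                /* base must start and end with "/" */
    if (!tops_user_ok(user) || !tops_name_ok(name))
        return -1;
    n = snprintf(out, outlen, "%s%s/%s", base, user, name);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0; /* reject truncation */
}
```

String checks like these do not account for symbolic links inside the user directory.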
 

port number
-----------
The port numbers are set to 4333. If you require a different number,
you can go to the source code, change the port number and
recompile the program, using a command line like:

"gcc -o topsnet topsnet.c"

All three programs must use the same port number:

topsnet.c
topsget.c
topssend.c

If you get a "no permission" to execute message,
you will need to enter;

   "chmod +x topsnet"
or "chmod +x ./topsnet"
 

New to Networks?
----------------
An excellent book for you is;
"The Linux Network" by Fred Butzen and Christopher Hilton.
ISBN 1-55828-589-X
53999

You can try this program even on one computer at home
(e.g., open two Konsole windows in KDE).

On one computer you can simulate a network by addressing 127.0.0.1
which is a "loop back" i.p. address.
If you enter;

ping 127.0.0.1

and if you see lines that look like this;

64 bytes from 127.0.0.1: icmp_seq=0 ttl=255 time=0.1 ms

your tcp/ip networking is working.

(Hit Control and C to stop.)

-------------

If your ethernet card did not get set up by the kernel, you
may have to compile the current vendor source code for your version
to get, e.g., a "dmfe.o" file.
Then enter, e.g.:

insmod dmfe.o
ifconfig eth0 192.168.1.1 netmask 255.255.255.0
ping 192.168.1.1

If you get a good ping response from your computer, and/ or
different computers on your net, you are in business!

There is a G.U.I. interface to this program named Topsecret_Ftp at: http://www.sivakrishnaprogram.com
----------------------------------------------------------------------------------------------

security/ hints/ info/ author background
----------------------------

In the past Siva R. Krishna,

Wrote  "Shooting Gallery" for VIC-20
in Compute's book of VIC-20 games.

Has served 10 years active duty in U.S.A.F. working on
flight line electronics including the B1-B nuclear bomber,
held a P.R.P. clearance for nuclear alert pad,
holds an Avionic Systems degree from CCAF,
and a F.C.C. -G.R.L. rating with radar endorsement.

The author of this program has also written "Topsecret" an encryption
program for Dos and Linux. He came up with and implemented
cipher block chaining on his own,
but does not know if this was published by others
before the 94-95 time frame.
All encryption programs include source code
for your scrutiny.

(This program is a network program and does not use the same
algorithms that are used by the  encryption program "topsecret".
Therefore data encrypted by that program will not be decrypted
by this program.)

Also if you are picky about words the "catalysts" are
intentionally changed after the encryption "reaction"
and not during, so the definition holds true. :)

If you have obtained the executable program from questionable
sources, then it would be a good idea to compare the program
with a copy from a more reliable source by using the "cmp" command.
For example:
If "cmp /util/topsnet.c /download/topsnet.c"
returns only a prompt and no errors,
then the compare operation was successful.

The encrypted data is the same size as the input data.
This means that there is less chance of compromising clues
being left in the data.

Since command line input script programs may contain sensitive
information, the scripts and the associated files/data should
not be compromised.
History files such as;

/root/.bash_history
/home/yourusername/.bash_history

may also store sensitive information. In this case one thing
you could try is the following commands
for EVERY session;

myterm: HISTFILESIZE=1
myterm: HISTSIZE=1
myterm: set   ----(shows current values for bash variables)
 

The command line input is ideal for time critical operations when
used in conjunction with RAM drives and scripts for
real time network data encryption.

If sensitive data was written to a disk,
format the disk and overwrite the whole disk before disposal.
Ensure personnel have proper security clearance.
Have building and personnel checked for surveillance equipment.
 

"Established people and companies often make the worst mistakes."

"The business of security, is the business of paranoia."