So you basically have some apps running in the background (or foreground) that are making those connections.
But what is X11? Is that like Wayland? ;-)
Others have mentioned it was a directory, but it sent me off on a nostalgia trip, so here is an "obituary" of sorts, that is itself getting rather old:
https://jeffcovey.net/2014/06/19/freshmeat-net-1997-2014/
And here's the HN discussion from back then:
https://news.ycombinator.com/item?id=7925135
(including a couple of my own comments, which aren't all that intersting)
And the wikipedia entry:
https://en.wikipedia.org/wiki/Freecode
None of these really convey the cultural importance of Freshmeat to the opensource community at the time, though. For a while, Slashdot + Freshmeat were among the two first sites almost everyone I knew and worked with would open in the morning.
Imagine if GitHub release authors publicized releases in a timeline view.
v.0.1 of this or v3.0 of that had the same exposure.
One site. Daily fix.
Network monitoring/visualization widgets that sit on your WindowMaker dock or similar was a common theme.
So that is sort of the reference being made here
The database is embedded in the program. Specifically, it is this file:
https://github.com/h2337/connmap/blob/master/connmap/resourc...
Presumably generated by the author with this Python script
https://github.com/h2337/connmap/blob/master/tools/get-ip-da...
Which has now become some kind of meta-ironic fashion statement. It's 2025's going to the coffee shop with a typewriter.
Then you can import it under geo/viking port:
doas pkg_add viking
/usr/local/share/markers/OpenBSD.geojson void refreshConnections() {
ssOutput =
popen("ss -atun4 | grep ESTAB | awk '{print $6}' | cut -f1 -d\":\"", "r");
if (ssOutput == NULL) {
printf("Failed to run ss command\n");
exit(1);
}
}
https://help.obdev.at/littlesnitch6/lsm-map
Main difference would be that LS being actively handling connections the list is always accurate whereas this appears to poll current connections using `ss` so it may miss some if they happen to be entirely between two refresh beats.
Another idea. Would it be possible to make the dots fade out, a little like in https://www.lightningmaps.org, so I could see some of the older traffic points as well?
in ~/.config/sway/config:
for_window [class="connmap"] fullscreen enable
location_x 20
location_y 500
map_width 1920
black false
update_interval 1
"custom/wg":{
"format": "wg {icon} {text}",
"exec": "~/.config/waybar/modules/wg",
"return-type": "json",
"interval": 5,
"format-icons": ["",""],
"on-click-right": "~/bin/connmap"
},http://superkuh.com/connmap-perl-gtk2.pl.txt + http://tuvixdiedforoursins.org/w1000-old.png (baked black background map)
It looks pretty similar: http://tuvixdiedforoursins.org/connmap-perl-gtk2-screenshot.... vs http://tuvixdiedforoursins.org/connmap-original-screenshot.j...
wslh•6mo ago
char mapFilename[256]; strcat(strcpy(mapFilename, getenv("HOME")), RESOURCES); strcat(mapFilename, mapName);
h2337•6mo ago
floating-io•6mo ago
That's just off the top of my head; I've not written in C in a while.
h2337•6mo ago
floating-io•6mo ago
As to what could be accomplished with an overflow? I don't know; I'm not in security, and I don't sit around thinking of possible uses for various bugs when it comes to compromising systems.
Perhaps the most important thing to realize, though, is that you're distributing software publicly. Your security situation may not be the same as your user's security situation. Assumptions should not be made.
Something to keep in mind.
h2337•6mo ago
floating-io•6mo ago
db48x•6mo ago
floating-io•6mo ago
It does exit on MacOS and Linux, at the very least.
db48x•6mo ago
But my man pages say that they exist on BSD in addition to GNU, so that’s pretty good these days. I say go for it.
sedatk•6mo ago
An unprivileged app could run your app (say, with more privileges), with a very long `HOME` environment path, causing a buffer overflow, and potentially exploit it to use your app's privileges to do more stuff than it was supposed to.
Basically, you should never use strcpy and strcat and but use the secure alternatives like strcpy_s and strcat_s, even when you know the source buffer would never exceed the destination size.
h2337•6mo ago
Isn't it a moot point if unprivileged app can already run anything with more privileges? In normal operation, connmap requires no special privileges.
sedatk•6mo ago
You can dismiss that possibility of course. But, as a general habit, it's best to use secure alternatives instead of mulling over probabilities every other line.
As a positive side-effect, the change would make your app not crash on systems with long HOME env paths.:)
jfyi•6mo ago
Say the program was installed and set so the user didn't have privs to modify the executable (so an attacker couldn't just change it to do what they want).
A buffer overflow could allow an attacker to gain control flow of the program and feed bogus data to the user allowing them to scrub their presence from the map.
Also, awesome project!
DonHopkins•6mo ago
h2337•6mo ago
josephcsible•6mo ago
im3w1l•6mo ago
sedatk•6mo ago
Not unless they have another path for privilege escalation.