| Step 1 — study popular protocols to understand how client/server interactions typically work. Step 2 — deploy the network appliance in question to your LAN and intercept its packets with Wireshark. Step 3 — begin inference of the protocol from observed behavior and test hypotheses by sending hand-crafted payloads to the server in question. Step 4 — rinse and repeat until assumptions are proven to be correct with a high degree of reliability. A good way to ensure you’ve captured the major parts of the protocol is to record about 72 hours of traffic and then replay it through a proxy that directs traffic to your newly created service. If you can interpret the vast majority of the messages without error, you’re getting close to a reliable implementation. Step 5 — use this strategy to develop a deep understanding of both protocols in question. Step 6 — write an “adapter” that can translate protocol A to protocol B and vice versa. Step 7 — implement the adapter towards whatever use case you have in mind. |
Curious about common tactics people use for avoiding the ban-hammer from the company at this stage. Surely they can tell the difference between normal operations and this kind of hand-crafted probing?
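To make steps 4 and 6 of the quoted recipe concrete, here is an added example (not code from either commenter) of the two artifacts they describe: a parser that encodes the current hypothesis about an inferred binary protocol ("A"), an adapter that translates it to and from a line-based protocol ("B"), and a replay check that reports how much of a capture the hypothesis explains. Protocol A's framing (type byte, big-endian length, payload), its two message types, protocol B's text format and the sample capture are all constructed for this illustration and do not describe any real appliance.

```python
"""Toy demonstration of the replay check (step 4) and the adapter (step 6).
Both protocols and the capture below are constructed for this example."""
import struct
from dataclasses import dataclass, field


class ProtocolError(ValueError):
    """A frame that does not fit the current hypothesis about protocol A."""


# Hypothesised protocol A framing: 1-byte type | 2-byte big-endian length | payload.
A_HEADER = struct.Struct(">BH")
A_TYPES = {0x01: "status", 0x02: "ping"}          # type codes inferred so far
A_CODES = {name: code for code, name in A_TYPES.items()}


@dataclass
class Message:
    """Protocol-neutral form that the adapter translates through."""
    kind: str
    fields: dict = field(default_factory=dict)


def parse_a(frame: bytes) -> Message:
    """Decode one protocol-A frame; reject anything outside the hypothesis."""
    if len(frame) < A_HEADER.size:
        raise ProtocolError("truncated header")
    mtype, length = A_HEADER.unpack_from(frame)
    payload = frame[A_HEADER.size:]
    if len(payload) != length:
        raise ProtocolError(f"length field {length} != payload size {len(payload)}")
    kind = A_TYPES.get(mtype)
    if kind is None:
        raise ProtocolError(f"unknown type 0x{mtype:02x}")
    if kind == "status":
        if length != 4:
            raise ProtocolError("status payload must be 4 bytes")
        (raw,) = struct.unpack(">i", payload)       # hypothesis: signed centi-degrees
        return Message("status", {"temp_c": raw / 100})
    if length != 0:
        raise ProtocolError("ping carries no payload")
    return Message("ping")


def encode_a(msg: Message) -> bytes:
    """Inverse of parse_a."""
    if msg.kind == "status":
        payload = struct.pack(">i", round(msg.fields["temp_c"] * 100))
    elif msg.kind == "ping":
        payload = b""
    else:
        raise ProtocolError(f"cannot encode {msg.kind!r} as protocol A")
    return A_HEADER.pack(A_CODES[msg.kind], len(payload)) + payload


# Constructed protocol B: one ASCII line, an upper-case verb then key=value pairs.
def encode_b(msg: Message) -> bytes:
    parts = [msg.kind.upper()] + [f"{k}={v:.2f}" for k, v in msg.fields.items()]
    return (" ".join(parts) + "\n").encode("ascii")


def parse_b(line: bytes) -> Message:
    parts = line.decode("ascii").strip().split()
    if not parts:
        raise ProtocolError("empty line")
    fields = {}
    for kv in parts[1:]:
        key, sep, value = kv.partition("=")
        if not sep:
            raise ProtocolError(f"bad field {kv!r}")
        fields[key] = float(value)
    return Message(parts[0].lower(), fields)


# The adapter (step 6): translate in both directions through the neutral Message.
def a_to_b(frame: bytes) -> bytes:
    return encode_b(parse_a(frame))


def b_to_a(line: bytes) -> bytes:
    return encode_a(parse_b(line))


# The replay check (step 4): how much of a capture does the hypothesis explain?
def replay(capture: list) -> tuple:
    """Return (frames understood, [(index, reason) for frames rejected])."""
    understood, rejected = 0, []
    for i, frame in enumerate(capture):
        try:
            parse_a(frame)
            understood += 1
        except ProtocolError as exc:
            rejected.append((i, str(exc)))
    return understood, rejected


# Constructed capture: four frames matching the hypothesis and one that does not.
SAMPLE_CAPTURE = [
    bytes.fromhex("01 0004 00000866"),   # status, 21.50 C
    bytes.fromhex("02 0000"),            # ping
    bytes.fromhex("01 0004 ffffffce"),   # status, -0.50 C
    bytes.fromhex("02 0000"),            # ping
    bytes.fromhex("07 0001 00"),         # type 0x07: not yet inferred
]

if __name__ == "__main__":
    ok, bad = replay(SAMPLE_CAPTURE)
    print(f"understood {ok}/{len(SAMPLE_CAPTURE)} frames; rejected: {bad}")
```

Every rejected frame in the replay output is a gap in the hypothesis; when a multi-day capture replays with almost no rejections, the parser is close to the "reliable implementation" the recipe aims for. Keeping the adapter as a pair of parse/encode functions around a neutral message type is what lets protocol A change (a new type code, a corrected field width) without touching the protocol B side.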