Main difference would be that LS being actively handling connections the list is always accurate whereas this appears to poll current connections using `ss` so it may miss some if they happen to be entirely between two refresh beats.
For this application, current best practice is using Electron stack, or better, cloning VSCode and relying on GeoLeoMaximusDYP v3.2 LLM for geo-location.
How can starting a browser be a best practice? This app is lightweight and does not even use a GUI toolkit. You would roughly use 20x more memory. How is that a best practice?
Others have mentioned it was a directory, but it sent me off on a nostalgia trip, so here is an "obituary" of sorts, that is itself getting rather old:
None of these really convey the cultural importance of Freshmeat to the opensource community at the time, though. For a while, Slashdot + Freshmeat were among the two first sites almost everyone I knew and worked with would open in the morning.
The thing that the responses are not capturing is that the stuff on freshmeat was often kind of frivolous desktop widgets or themes. People were excited about Linux desktops and lots of people were authoring small stuff to customize it.
Network monitoring/visualization widgets that sit on your WindowMaker dock or similar was a common theme.
I was about to mention Aminet[1] too as a joke of sorts (it's Amiga focused, but still updated, though it stores the actual archives more than focus on the "news"), but scanned the front page on freshcode first and one of first things that stood out was an Amiga program[2]... If anything makes Freshcode a successor to Freshmeat, the only thing missing is an Enlightenment theme being posted too.
This is some old school style bare bones C. popen with a big old pipe chain is pretty quick n dirty. I’d have gone digging around in proc for the active connections. Cool stuff though. I like that it’s so straightforward to read.
it's more like taking notes with pen and pencil, while other patrons of the coffee shop use an electron-based note-taking "app" on their macbooks that uploads each keypress to the cloud, helpfully adding a half-second lag
Nice. My only gripe is that the map is not very easy to read, especially on the smaller sizes. There are too many coast lines and borders, so it can be hard to locate countries, especially in the Mediterranean. Would it be possible to draw land masses in solid (white?), and leave borders in dark (background color?). Other than that, works fine on Debian Linux and KDE. The map shows up on all desktops, which I like (but others might not)
Another idea. Would it be possible to make the dots fade out, a little like in https://www.lightningmaps.org, so I could see some of the older traffic points as well?
Forgive my ignorance, but I'm not sure what this is showing me. I'm running it on my home linux system, which is connected to the Internet via Verizon FIOS. The map shows three red dots, none of which are near me.
It's only showing connections directly initiated by your computer. Not anything "upstream" of you like the FIOS router. It would also show any connections TO your computer, but being behind NAT on a normal home network, that would likely be nothing unless you've intentionally punched holes.
There is even a beautiful Debian-based Window Maker distribution, called Window Maker Live. I am using this in a professional music studio as mixing workstation.
https://wmlive.sourceforge.net/
Ah, cool, this should incorporate location data at least as good as what the networks self-report! (I suspect that these databases, on top of ingesting all geofeed data, do something similar to Wi-Fi positioning, i.e. correlate the IP address of various GPS-enabled devices with their physical location to try and deduce undocumented/non-public allocation patterns.)
While that's indeed a bug, for it to be a security vulnerability, wouldn't there also have to be a security boundary involved? Specifically, mapName is always either "w1000b.png" or "w1000.png", so the only way to trigger the buffer overflow would be through the HOME environment variable. But if an attacker can run commands as you with arbitrary environment variables, aren't you already pwned? What would anyone gain by running your program and exploiting it to do something, rather than just doing the thing directly? https://devblogs.microsoft.com/oldnewthing/20060508-22/?p=31...
Assuming that code is actually present in your app, env vars can hold more than 255 characters. Easy buffer overflow to trigger. Use length-bounded copies and concats...
That's just off the top of my head; I've not written in C in a while.
Yeah, that is not a helpful attitude to take when it comes to this sort of thing. If nothing else, a super-long home path can crash your app and leave your user scratching their head. In other words, this is a bug (as is the fact that paths are not necessarily limited to 255 characters in the first place; see the PATH_MAX constant, I think it is?).
As to what could be accomplished with an overflow? I don't know; I'm not in security, and I don't sit around thinking of possible uses for various bugs when it comes to compromising systems.
Perhaps the most important thing to realize, though, is that you're distributing software publicly. Your security situation may not be the same as your user's security situation. Assumptions should not be made.
As long as you’re fixing that bug, you should do it right. If the return value from snprintf if more than 256 but less than a few GB then you should malloc a buffer big enough to hold the string and then call snprintf again with the new buffer. Only if that or malloc fails would you print an error. (It’s really a shame that the C standard library requires so many extra steps to do things correctly; this ought to be way easier.)
Basically, any path longer than 256 characters for `mapFilename` would cause a buffer overrun.
An unprivileged app could run your app (say, with more privileges), with a very long `HOME` environment path, causing a buffer overflow, and potentially exploit it to use your app's privileges to do more stuff than it was supposed to.
Basically, you should never use strcpy and strcat and but use the secure alternatives like strcpy_s and strcat_s, even when you know the source buffer would never exceed the destination size.
Sure, but since there's no enforced standard for how privileges are configured on a system, there's always the possibility that your app to be the only escape ticket.
You can dismiss that possibility of course. But, as a general habit, it's best to use secure alternatives instead of mulling over probabilities every other line.
As a positive side-effect, the change would make your app not crash on systems with long HOME env paths.:)
I see you already addressed it but here let me give a scenario.
Say the program was installed and set so the user didn't have privs to modify the executable (so an attacker couldn't just change it to do what they want).
A buffer overflow could allow an attacker to gain control flow of the program and feed bogus data to the user allowing them to scrub their presence from the map.
https://help.obdev.at/littlesnitch6/lsm-map
Main difference would be that LS being actively handling connections the list is always accurate whereas this appears to poll current connections using `ss` so it may miss some if they happen to be entirely between two refresh beats.
Others have mentioned it was a directory, but it sent me off on a nostalgia trip, so here is an "obituary" of sorts, that is itself getting rather old:
https://jeffcovey.net/2014/06/19/freshmeat-net-1997-2014/
And here's the HN discussion from back then:
https://news.ycombinator.com/item?id=7925135
(including a couple of my own comments, which aren't all that intersting)
And the wikipedia entry:
https://en.wikipedia.org/wiki/Freecode
None of these really convey the cultural importance of Freshmeat to the opensource community at the time, though. For a while, Slashdot + Freshmeat were among the two first sites almost everyone I knew and worked with would open in the morning.
But what is X11? Is that like Wayland? ;-)
Network monitoring/visualization widgets that sit on your WindowMaker dock or similar was a common theme.
So that is sort of the reference being made here
[1] https://aminet.net/
[2] https://freshcode.club/projects/apccomm
Imagine if GitHub release authors publicized releases in a timeline view.
v.0.1 of this or v3.0 of that had the same exposure.
One site. Daily fix.
Which has now become some kind of meta-ironic fashion statement. It's 2025's going to the coffee shop with a typewriter.
Another idea. Would it be possible to make the dots fade out, a little like in https://www.lightningmaps.org, so I could see some of the older traffic points as well?
So you basically have some apps running in the background (or foreground) that are making those connections.
The database is embedded in the program. Specifically, it is this file:
https://github.com/h2337/connmap/blob/master/connmap/resourc...
Presumably generated by the author with this Python script
https://github.com/h2337/connmap/blob/master/tools/get-ip-da...
[1] https://ipregistry.co/blog/geofeeds
http://superkuh.com/connmap-perl-gtk2.pl.txt + http://tuvixdiedforoursins.org/w1000-old.png (baked black background map)
It looks pretty similar: http://tuvixdiedforoursins.org/connmap-perl-gtk2-screenshot.... vs http://tuvixdiedforoursins.org/connmap-original-screenshot.j...
char mapFilename[256]; strcat(strcpy(mapFilename, getenv("HOME")), RESOURCES); strcat(mapFilename, mapName);
That's just off the top of my head; I've not written in C in a while.
As to what could be accomplished with an overflow? I don't know; I'm not in security, and I don't sit around thinking of possible uses for various bugs when it comes to compromising systems.
Perhaps the most important thing to realize, though, is that you're distributing software publicly. Your security situation may not be the same as your user's security situation. Assumptions should not be made.
Something to keep in mind.
It does exit on MacOS and Linux, at the very least.
But my man pages say that they exist on BSD in addition to GNU, so that’s pretty good these days. I say go for it.
An unprivileged app could run your app (say, with more privileges), with a very long `HOME` environment path, causing a buffer overflow, and potentially exploit it to use your app's privileges to do more stuff than it was supposed to.
Basically, you should never use strcpy and strcat and but use the secure alternatives like strcpy_s and strcat_s, even when you know the source buffer would never exceed the destination size.
Isn't it a moot point if unprivileged app can already run anything with more privileges? In normal operation, connmap requires no special privileges.
You can dismiss that possibility of course. But, as a general habit, it's best to use secure alternatives instead of mulling over probabilities every other line.
As a positive side-effect, the change would make your app not crash on systems with long HOME env paths.:)
Say the program was installed and set so the user didn't have privs to modify the executable (so an attacker couldn't just change it to do what they want).
A buffer overflow could allow an attacker to gain control flow of the program and feed bogus data to the user allowing them to scrub their presence from the map.
Also, awesome project!
in ~/.config/sway/config:
cat ~/.config/connmap/connmaprc bonus: connect it to a right-click event either on the vpn or the network module in waybarThen you can import it under geo/viking port:
Open Viking and just load the geo.json file from