Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
monitor.io
is a module for Node.js that runs as a telnet server, giving a remote client control of and information about sockets connected to an instance of socket.io
.
This makes it possible to disconnect, emit, or broadcast data to sockets in a remote terminal without interrupting the Node.js process running socket.io
. monitor.io
also provides a real-time display of any data attached to a socket with the socket#monitor
method.
$ npm install monitor.io
var socketio = require('socket.io')(server),
monitorio = require('monitor.io');
socketio.use(monitorio({ port: 8000 })); // monitor.io started on port 8000
Use telnet to connect to monitor.io
and control a real-time list of sockets connected to socket.io
.
$ telnet myapp.com 8000
Use hjkl
to scroll verticall/horizontally through the list of sockets, e
to emit data to a specific socket, and b
to broadcast data to all sockets.
Enable to prevent connections from any IP except 127.0.0.1
. Defaults to false.
To run monitor.io
safely in production, enable localOnly
and access it via telnet via an ssh connection to your box.
The port number for the telnet server to listen on.
Disable to run monitor.io
in the current terminal window, without starting a telnet server. Defaults to true.
monitor.io
attaches a method named monitor
to every socket object. This method attaches data to a socket and tells monitor.io
to render this data in the monitor.io
terminal window.
Here is an example of how to attach the time that a socket connected to socket.io
:
io.on('connection', function(socket) {
socket.monitor('timeConnected', Date.now());
});
socket#monitor
must be called whenever monitored information changes, such as the score of a player in a real-time game, to force a rerender in the monitor.io
window.
socket.on('newHighScore', function(msg) {
var score = msg.score;
socket.monitor('highScore', msg.score);
});
The monitor
method also accepts an object, and will display every key-value pair in an object.
socket.on('newPlayer', function(msg) {
var newPlayer = game.createPlayer();
socket.monitor(newPlayer); // every key-value pair in newPlayer will be shown in the monitor.io terminal window.
});
MIT
FAQs
remote monitoring and debugging for socket.io
We found that monitor.io demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.