Category: Auditing » Network » Sniffer

Tvark
Added 2001-10-22
Tvark is a network monitoring tool (sniffer) with a GUI front-end, and is tied to a MySQL database. The GUI provides a view of the traffic activity visible from the machine/interface that Tvark is run on. It shows a list of source nodes on the left, destination nodes on the right, and lines drawn left to right showing traffic flow. Tvark runs in "realtime", meaning you see the traffic roughly as it happens. There is a small delay between actual traffic flow and the display.

passlogd
Added 2001-10-22
passlogd is a purpose-built sniffer for capturing syslog messages in transit. This allows for backup logging to be performed on a machine with no open ports.

Serial line sniffer
Added 2001-10-22
slsnif is a serial port logging utility. It listens to the specified serial port and logs all data going through this port in both directions.

cum proxy toolkit (cpt)
Added 2001-10-22
The cum proxy toolkit (cpt) contains a proxyscanner, a proxy extractor, a toip converter and some other tools to manipulate proxy databases.
The proxyscanner scans a given database of servers. It tries to connect to each proxy and requests a sample webpage with a unique ID in it to verify that the proxy actually forwards pages, rather than merely replying with a 200 HTTP code. It also checks whether the proxy forwards cookies, referers and user-agent info.
The proxy extractor takes a (log)file as input, filters it, and outputs a database of potential proxy servers. The output database can then be fed into the proxyscanner.
The toip converter converts a proxylist (with names and/or IPs) to an IP-only list. This way you can filter out duplicate proxies in your list, plus it provides a pre-check by excluding all proxies that give a DNS resolve error.

Linux IDS Patch (LIDS)
Added 2001-10-22
LIDS is a kernel patch and admin tool that enhances Linux kernel security. It implements a reference monitor and mandatory access control in the kernel.

Snarp
Added 2001-10-22
Snarp is a tool for NT 4.0 which uses an ARP poison attack to relay traffic between two hosts, allowing sniffing of the data on switched networks.

PromiScan
Added 2001-10-22
This software searches for promiscuous nodes on the local net. It does not create a heavy load on the network, and it searches for promiscuous nodes quickly. Finding a promiscuous node is very difficult, and in many cases the result is not certain. PromiScan quickly lists the nodes likely to be promiscuous, and the listed nodes are clearly visible. You can also find the nodes on which promiscuous mode is not permitted. PromiScan is very useful for security management of a local network.

LanKiller
Added 2001-10-22
Lankiller is a simple libpcap and libnet based tool which demonstrates how simple it is to kill all TCP connections in a LAN network. It just sniffs packets and sends spoofed RST packets back.

SWB
Added 2001-10-22
SWB enables the SMB (CIFS) session setup without depending on the version and the registry setting of your Windows machines. The SMB session is established in the following steps.
1. TCP Connection
2. NetBIOS Session Request
3. SMB Negotiate Protocol
4. SMB Session Setup
5. SMB Tree Connect
The parameters usually used in each of these steps are automatically decided from the version and the registry setting of the Windows machine of the client and the server. Using SWB, you can flexibly set parameters and try the SMB session setup.

nitwit
Added 2001-10-22
Utility to identify Ethernet sniffers running on your hosts.