Promiscuous

This interface will allow you to write code to retrieve and send promiscuous network packets from your Java program. It could provide a starting point for a java nmap or such...

The Layer 2 Cross-Connect takes all packets gathered by a promiscuous interface, changes the MAC address of the packet header, and transmits the packets out a second interface. The primary use of this tool is for a Linux-based MPLS routing system or an I

Queue::Dir allows the manipulation of objects placed in a queue. The queue is implemented as a directory where each object is stored as a file. METHODS The following methods are defined: my $q = new Queue::File (...) -id assigns a unique process-id to this queue object. Defaults to something...


Platforms: *nix

This program is a daemon intended to catch someone installing a rootkit or running a packet sniffer. It is designed to run continually with a small footprint under an innocuous name. When triggered, it sends email, appends to a logfile, and disables networking or halts the system. it is designed...


Platforms: *nix

RogueScanner project is an open-source vulnerability management tool that is used to gain greater network visibility to enable you to quickly identify and remove rogue wireless devices that may provide a back door to access your critical data and infrastructure. Considering that rogue access...


Platforms: *nix

ICMPScan scans the specified address, or addresses, for ICMP responses. Usage: icmpscan [ -EPTSNMAIRcvbn ] [ -A address ] [ -f filename ] [ -i interface ] [ -r retries ] [ -t timeout ] target [...] Options: -i, --interface Listen on the specified interface. If unspecified, icmpscan will...


Platforms: *nix

ETrace is a configurable static port network tracing tool, similar to traceroute, but supporting ICMP, TCP, UDP and other IP protocols. Usage: etrace [ -BbCcnv ] [ -p profile ] [ -F config ] [ -i interface ] [ -I icmp-type ] [ -T port ] [ -U port ] [ -P protocol ] [ -r probe-count ] [ -t...


Platforms: *nix

DNS Flood Detector was developed to detect abusive usage levels on high traffic nameservers and to enable quick response in halting (among other things) the use of ones nameserver to facilitate spam. DNS Flood Detector uses libpcap (in non-promiscuous mode) to monitor incoming dns queries to a...


Platforms: *nix

ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it decodes the records and displays them in a textual form to the console. ssldump depends...


Platforms: *nix

ArpMonitor will log any ARP request to and from your machine or network. Its built for monitoring switches or bridges. If you would like to monitor your network bus, or entire network ( if you dont use a switch or something like that ), just do a ifconfig PROMISC, to set the promiscuous mode...


Platforms: *nix

IPAudit monitors network activity on a network by host, protocol and port. IPAudit listens to a network device in promiscuous mode, and records every connection between two ip addresses. A unique connection is determined by the ip addresses of the two machines, the protocol used between them,...


Platforms: *nix

Pixilate is a commandline packet generation utility that reads Cisco PIX 6.2x or Cisco IOS ACLs as input and generates the appropriate packets. pixilate is currently capable of generating TCP/UDP/ICMP (various ICMP types), and IGMP utilizing the Libnet 1.1.x library available from...


Platforms: *nix

Pads (Passive Asset Detection System) is a signature-based detection engine used to passively detect network assets. Asset management is an important factor in information security. A good security administrator should keep track of all devices attached to the network. Even though active...


Platforms: *nix

chkrootkit is a tool to locally check for signs of a rootkit. It contains: - chkrootkit: shell script that checks system binaries for rootkit modification. - ifpromisc.c: checks if the interface is in promiscuous mode. - chklastlog.c: checks for lastlog deletions. - chkwtmp.c: checks for...


Platforms: *nix

pmacct is a small set of passive network monitoring tools to measure, account and aggregate IPv4 and IPv6 traffic; aggregation revolves around the key concept of primitives (VLAN id, source and destination MAC addresses, hosts, networks, AS numbers, ports, IP protocol and ToS/DSCP field are...


Platforms: *nix

pmacct is a small set of passive network monitoring tools to measure, account and aggregate IPv4 and IPv6 traffic; aggregation revolves around the key concept of primitives (VLAN id, source and destination MAC addresses, hosts, networks, AS numbers, ports, IP protocol and ToS/DSCP field are...


Platforms: *nix

Host enumeration is the act of determining the IP address of potential targets on a network. This can be done in both layer 2 and layer 3. Icmpenum project can send ICMP traffic for such enumeration. The ICMP packets supported are: Echo, Timestamp, Information and Netmask. Furthermore, it...


Platforms: *nix

Icmpenum sends ICMP traffic to potential targets on a network. Introduction: Host enumeration is the act of determining the IP address of potential targets on a network. This can be done in both layer 2 and layer 3. Icmpenum sends ICMP traffic for such enumeration. The ICMP packets supported...


Platforms: *nix

The Network Security Monitor Daemon is a lightweight network security monitor for TCP/IP LANs. It will capture certain network events and record them in a relational database. The recorded data is available for analysis through a CGI-based interface. You can run test version with ./Monitord,...


Platforms: *nix

iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP, and ICMP traffic. iplog is able to detect TCP port scans, TCP null scans, FIN scans, UDP and ICMP "smurf" attacks, bogus TCP flags, TCP SYN scans, TCP "Xmas" scans, ICMP ping floods, UDP scans, and IP fragment...


Platforms: *nix