Networking stuff

New articles in this section:

article description
ipsecGeneral IPSec stuff
*swan & CiscoSome tips with *swan projects and Cisco
Linux networkingstuff that you can do in network with linux


filename description
config_guide.pdfAMS-IX Port Configuration Hints 1.24 (mirror) (original)
MTU diferences between JUNIPER and CISCO - Cisco includes ip and icmp header size in the total specified packet size. Payload in the case is 1510-20-8 = 1482 bytes. Juniper adds icmp and ip header to the payload size you specify. So 1510 becomes 1538 bytes of ip packet.

Useful tools

name description
Scamper to detect the maximum MTU size at each hop along a connection. Good for troubleshooting path MTU discovery problems - download
PuTTY Windows SSH Client - download - latest x86
PuTTY Connection Manager PuTTY Connection Manager is a free PuTTY Client add-on for Windows platforms which goal is to provide a solution for managing multiple PuTTY instances in tabs.
VoIP hopper VoIP Hopper is a GPLv3 licensed security tool, written in C, that rapidly runs a VLAN Hop into the Voice VLAN on specific Ethernet switches. VoIP Hopper does this by mimicking the behavior of an IP Phone, in both Cisco and Avaya IP Phone environments.
CDPSnarf CDPSnarf if a network sniffer exclusively written to extract information from CDP packets. It provides all the information a “show cdp neighbors detail” command would return on a Cisco router and even more.
UCSniff - is a nice tool developped as a PoC to demonstrate the risks of VoIP. It can be used to conduct audits or penetration tests on VoIP networks. –> more here:
NIST Net NIST Net is a network emulation package that runs on Linux. NIST Net allows a single Linux PC set up as a router to emulate a wide variety of network conditions.
DNSenum - Domain Information Gathering ToolThe first stage of penetration testing is usually passive information gathering and enumeration (active information gathering). This is where tools like dnsenum come in, the purpose of DNSenum is to gather as much information as possible about a domain.
P0f v2 P0f v2 is a 100% passive OS fingerprinter capable of identifying parties during casual communication, detecting NATs, connection sharing, etc. P0f is included with many distros, integrated into OpenBSD, amavisd, milter, and so on. Some of the articles on P0f: “Nmap's Silent Partner”, “Dynamic Honeypots”.
Depant MRL has a new tool we’re releasing that will check your network for services with default passwords. The tool is called depant ((DE)fault (PA)ssword (N)etwork (T)ool). more on:
THC-Hydra A very fast network logon cracker which support many different services
ike-scan ike-scan is a command-line tool that uses the IKE protocol to discover, fingerprint and test IPsec VPN servers. It is available for Linux, Unix, MacOS and Windows under the GPL license.
Tcpick Tcp Stream Sniffer and Connection Tracker tcpick is a textmode sniffer libpcap-based that can track, reassemble and reorder tcp streams. Tcpick is able to save the captured flows in different files or displays them in the terminal, and so it is useful to sniff files that are transmitted via ftp or http. It can display all the stream on the terminal, when the connection is closed in different display modes like hexdump, hexdump + ascii, only printable charachters, raw mode and so on. Available a color mode too, helpful to read and understand better the output of the program. Actually it can handle several interfaces, including ethernet cards and ppp. It is useful to keep track of what users of a network are doing, and is usable with textmode tools like grep, sed, awk.
Chaosreader A open source tool to trace TCP/UDP/… sessions and fetch application data from snoop or tcpdump logs. This is a type of “any-snarf” program, as it will fetch telnet sessions, FTP files, HTTP transfers (HTML, GIF, JPEG, …), SMTP emails, … from the captured data inside network traffic logs. A html index file is created that links to all the session details, including realtime replay programs for telnet, rlogin, IRC, X11 or VNC sessions; and reports such as image reports and HTTP GET/POST content reports. Chaosreader can also run in standalone mode - where it invokes tcpdump or snoop (if they are available) to create the log files and then processes them.



networking.txt · Last modified: 2012/01/17 21:51 by greebo
CC Attribution-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0 ipv6 ready