Networking links else where
RFC and other stuff on need to know basis
New articles in this section:
|General IPSec stuff
|*swan & Cisco
|Some tips with *swan projects and Cisco
|stuff that you can do in network with linux
MTU diferences between JUNIPER and CISCO - Cisco includes ip and icmp header size in the total specified packet size. Payload in the case is 1510-20-8 = 1482 bytes. Juniper adds icmp and ip header to the payload size you specify. So 1510 becomes 1538 bytes of ip packet.
|to detect the maximum MTU size at each hop along a connection. Good for troubleshooting path MTU discovery problems - download
|Windows SSH Client - download - latest x86
|PuTTY Connection Manager
|PuTTY Connection Manager is a free PuTTY Client add-on for Windows platforms which goal is to provide a solution for managing multiple PuTTY instances in tabs.
|VoIP Hopper is a GPLv3 licensed security tool, written in C, that rapidly runs a VLAN Hop into the Voice VLAN on specific Ethernet switches. VoIP Hopper does this by mimicking the behavior of an IP Phone, in both Cisco and Avaya IP Phone environments.
|CDPSnarf if a network sniffer exclusively written to extract information from CDP packets. It provides all the information a “show cdp neighbors detail” command would return on a Cisco router and even more.
|- is a nice tool developped as a PoC to demonstrate the risks of VoIP. It can be used to conduct audits or penetration tests on VoIP networks. –> more here: http://ucsniff.sourceforge.net/usage.html
|NIST Net is a network emulation package that runs on Linux. NIST Net allows a single Linux PC set up as a router to emulate a wide variety of network conditions.
|DNSenum - Domain Information Gathering Tool
|The first stage of penetration testing is usually passive information gathering and enumeration (active information gathering). This is where tools like dnsenum come in, the purpose of DNSenum is to gather as much information as possible about a domain.
|P0f v2 is a 100% passive OS fingerprinter capable of identifying parties during casual communication, detecting NATs, connection sharing, etc. P0f is included with many distros, integrated into OpenBSD, amavisd, milter, and so on. Some of the articles on P0f: “Nmap's Silent Partner”, “Dynamic Honeypots”.
|MRL has a new tool we’re releasing that will check your network for services with default passwords. The tool is called depant ((DE)fault (PA)ssword (N)etwork (T)ool). more on: http://midnightresearch.com/pages/depant-your-network/
|A very fast network logon cracker which support many different services
|ike-scan is a command-line tool that uses the IKE protocol to discover, fingerprint and test IPsec VPN servers. It is available for Linux, Unix, MacOS and Windows under the GPL license.
|Tcpick Tcp Stream Sniffer and Connection Tracker
|tcpick is a textmode sniffer libpcap-based that can track, reassemble and reorder tcp streams. Tcpick is able to save the captured flows in different files or displays them in the terminal, and so it is useful to sniff files that are transmitted via ftp or http. It can display all the stream on the terminal, when the connection is closed in different display modes like hexdump, hexdump + ascii, only printable charachters, raw mode and so on. Available a color mode too, helpful to read and understand better the output of the program. Actually it can handle several interfaces, including ethernet cards and ppp. It is useful to keep track of what users of a network are doing, and is usable with textmode tools like grep, sed, awk.
|A open source tool to trace TCP/UDP/… sessions and fetch application data from snoop or tcpdump logs. This is a type of “any-snarf” program, as it will fetch telnet sessions, FTP files, HTTP transfers (HTML, GIF, JPEG, …), SMTP emails, … from the captured data inside network traffic logs. A html index file is created that links to all the session details, including realtime replay programs for telnet, rlogin, IRC, X11 or VNC sessions; and reports such as image reports and HTTP GET/POST content reports. Chaosreader can also run in standalone mode - where it invokes tcpdump or snoop (if they are available) to create the log files and then processes them.