disable icmp echo
Sponsored Links
Sponsored Links
Secleted [ 0 ] software to compare
Results 1 - 15 of about 625
Disable - Enable Touchpad 1.0
Disable - Enable Touchpad is a very very simple servicemenu to disable or enable your touchpad. more>>
Disable - Enable Touchpad is a very very simple servicemenu to disable or enable your touchpad (e.g. if sometimes you use a USB mouse, the touchpad may become annoying).
Notice: it only works if it is a *synaptic* touchpad
There are plenty of ways to disable your touchpad, for example through the comamnds synclient TouchpadOff=1 or synclient TouchpadOff=0 which is exactly what this servicemenu does.
At reboot, this setting is reset and touchpad is enabled by default. If you want to disable it permanently, you can comment the touchpad section in /etc/X11/xorg.conf
USAGE:
1) copy the file Disable_Enable_Touchpad.desktop in the KDE servicemenus folder, that is located in /home/your_username/.kde/share/apps/konqueror/servicemenus
OR
2) just leave the file Disable_Enable_Touchpad.desktop in same folder and right click it; on "action" youll find the touchpad entry
<<lessNotice: it only works if it is a *synaptic* touchpad
There are plenty of ways to disable your touchpad, for example through the comamnds synclient TouchpadOff=1 or synclient TouchpadOff=0 which is exactly what this servicemenu does.
At reboot, this setting is reset and touchpad is enabled by default. If you want to disable it permanently, you can comment the touchpad section in /etc/X11/xorg.conf
USAGE:
1) copy the file Disable_Enable_Touchpad.desktop in the KDE servicemenus folder, that is located in /home/your_username/.kde/share/apps/konqueror/servicemenus
OR
2) just leave the file Disable_Enable_Touchpad.desktop in same folder and right click it; on "action" youll find the touchpad entry
Download (MB)
Added: 2007-01-02 License: GPL (GNU General Public License) Price:
1034 downloads
Shell over ICMP 0.5
Shell over ICMP project allows a user to connect to a remote shell daemon, by using ICMP protocol instead of classical TCP. more>>
Shell over ICMP consists of two free and open source applications: one server and one client. Shell over ICMP project allows a user to connect to a remote shell daemon, by using ICMP protocol instead of classical TCP.
Entirely written in Python, soicmp is a working proof-of-concept to demonstrate that data can be transmitted across a network by hiding it in traffic that normally does not contain payloads.
How does it work?
The soicmp server is a daemon that must be started on the remote server. When the server receives a request from the client it looks into the packets payload. The payload must respect certain protocol rules. In detail the client must specify:
command
communication mode (echo|echo/reply)
authentication (y|n)
This is an example of a correct payload string sent by client to server:
$CMD ls -a $MODE echo/reply $PWD root2005 $END
If the payload matches with the server protocol specification then it will pipe the command to "/bin/sh" or "cmd.exe" and execute it. The server then reads the result from the pipe and sends it back to the client that will print it to stdout.
Moreover every client will send ICMP packets having id equal to the clients current process ID and will accept only ICMP replies having the same id value. This prevents output to be printed by other client instances running on the same workstation (this argument is also treated in the FAQs section).
Main features:
- Platform independent.
- Possibility to run soicmp daemon on multiple ethernet interfaces simultaneously handling multiple client connections.
- Possibility to specify the buffer size of outgoing packets.
- Client side source IP address spoofing.
- Remote client case-sensitive (plain texted) authentication.
- Possibility to select two communication types:
- One based on encapsulating command output in unique "one way" ICMP_ECHOREPLY (type 0) packets sent by server to client (see fig. 1).
- Another one that guarantees the correct packets delivering by using the request/response nature of ECHO and ECHOREPLY ICMP packet types (see fig.2)
- No listening sockets are listed by netstat or similar programs.
<<lessEntirely written in Python, soicmp is a working proof-of-concept to demonstrate that data can be transmitted across a network by hiding it in traffic that normally does not contain payloads.
How does it work?
The soicmp server is a daemon that must be started on the remote server. When the server receives a request from the client it looks into the packets payload. The payload must respect certain protocol rules. In detail the client must specify:
command
communication mode (echo|echo/reply)
authentication (y|n)
This is an example of a correct payload string sent by client to server:
$CMD ls -a $MODE echo/reply $PWD root2005 $END
If the payload matches with the server protocol specification then it will pipe the command to "/bin/sh" or "cmd.exe" and execute it. The server then reads the result from the pipe and sends it back to the client that will print it to stdout.
Moreover every client will send ICMP packets having id equal to the clients current process ID and will accept only ICMP replies having the same id value. This prevents output to be printed by other client instances running on the same workstation (this argument is also treated in the FAQs section).
Main features:
- Platform independent.
- Possibility to run soicmp daemon on multiple ethernet interfaces simultaneously handling multiple client connections.
- Possibility to specify the buffer size of outgoing packets.
- Client side source IP address spoofing.
- Remote client case-sensitive (plain texted) authentication.
- Possibility to select two communication types:
- One based on encapsulating command output in unique "one way" ICMP_ECHOREPLY (type 0) packets sent by server to client (see fig. 1).
- Another one that guarantees the correct packets delivering by using the request/response nature of ECHO and ECHOREPLY ICMP packet types (see fig.2)
- No listening sockets are listed by netstat or similar programs.
Download (0.58MB)
Added: 2006-11-07 License: GPL (GNU General Public License) Price:
1081 downloads
ICMP-Chat 0.6
ICMP-Chat is a simple console-based chat that uses ICMP packets for communication. more>>
ICMP-Chat is a simple console-based chat that uses ICMP packets for communication. All the data is encrypted with Rijndael-256 algorithm.
Installation:
Type: make && make install
For solaris type: make solaris && make install
Usage:
Usage: icmpchat [OPTIONS] < host > < nick >
< host > = Host to chat with
< nick > = Your nickname
OPTIONS:
-t < type > = specify icmp type (default ECHO_REPLY)
Example: icmpchat 192.168.1.2 foo
ICMP codes:
[0] Echo Reply
[5] Redirect
[8] Echo Request
[9] Router advertisement
[10] Router solicitation
[13] Timestamp request
[14] Timestamp reply
[15] Information request
[16] Information reply
[17] Adressmask request
[18] Adressmask reply
Enhancements:
- Rewrote from scratch
- Implemented optimized rijndael algorithm
- Implemented sha256 for password hashing
- Implemented ncurses frontend (again)
- Fixed getuid problem so that setting suid flag works now (thanks John)
<<lessInstallation:
Type: make && make install
For solaris type: make solaris && make install
Usage:
Usage: icmpchat [OPTIONS] < host > < nick >
< host > = Host to chat with
< nick > = Your nickname
OPTIONS:
-t < type > = specify icmp type (default ECHO_REPLY)
Example: icmpchat 192.168.1.2 foo
ICMP codes:
[0] Echo Reply
[5] Redirect
[8] Echo Request
[9] Router advertisement
[10] Router solicitation
[13] Timestamp request
[14] Timestamp reply
[15] Information request
[16] Information reply
[17] Adressmask request
[18] Adressmask reply
Enhancements:
- Rewrote from scratch
- Implemented optimized rijndael algorithm
- Implemented sha256 for password hashing
- Implemented ncurses frontend (again)
- Fixed getuid problem so that setting suid flag works now (thanks John)
Download (0.037MB)
Added: 2006-06-16 License: GPL (GNU General Public License) Price:
1229 downloads
NAT iptables firewall script
NAT iptables firewall script is an iptables firewall script. more>>
NAT iptables firewall script is an iptables firewall script.
This script is meant to be run once per boot the rules will be double added if you try to run it twice if you need to add another rule during runtime, change the -A to a -I to add it to the top of the list of rules if you use -A it will go at the end after the reject rule.
Sample:
# interface definitions
BAD_IFACE=eth0
DMZ_IFACE=eth1
DMZ_ADDR=x.x.x.96/28
GOOD_IFACE=eth2
GOOD_ADDR=192.168.1.0/24
MASQ_SERVER=x.x.x.98
FTP_SERVER=x.x.x.100
MAIL_SERVER=x.x.x.99
MAIL_SERVER_INTERNAL=192.168.1.3
# testing
#set -x
ip route del x.x.x.96/28 dev $BAD_IFACE
ip route del x.x.x.96/28 dev $DMZ_IFACE
ip route add x.x.x.97 dev $BAD_IFACE
ip route add x.x.x.96/28 dev $DMZ_IFACE
# we need proxy arp for the dmz network
echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
echo 1 > /proc/sys/net/ipv4/conf/eth1/proxy_arp
# turn on ip forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
# turn on antispoofing protection
for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 > $f; done
# flush all rules in the filter table
#iptables -F
# flush built in rules
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
# deny everything for now
iptables -A INPUT -j DROP
iptables -A FORWARD -j DROP
iptables -A OUTPUT -j DROP
# make the chains to define packet directions
# bad is the internet, dmz is our dmz, good is our masqed network
iptables -N good-dmz
iptables -N bad-dmz
iptables -N good-bad
iptables -N dmz-good
iptables -N dmz-bad
iptables -N bad-good
iptables -N icmp-acc
# accept related packets
iptables -A FORWARD -m state --state INVALID -j DROP
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
# internal client masqing
iptables -t nat -A POSTROUTING -s $GOOD_ADDR -o $BAD_IFACE -j SNAT --to $MASQ_SERVER
# mail server masqing
iptables -t nat -A PREROUTING -p tcp -d $MAIL_SERVER --dport smtp -j DNAT --to $MAIL_SERVER_INTERNAL:25
iptables -t nat -A PREROUTING -p tcp -d $MAIL_SERVER --dport http -j DNAT --to $MAIL_SERVER_INTERNAL:80
iptables -t nat -A PREROUTING -p tcp -d $MAIL_SERVER --dport https -j DNAT --to $MAIL_SERVER_INTERNAL:443
# to allow the above to work you need something like
# iptables -A bad-good -p tcp --dport smtp -d $MAIL_SERVER_INTERNAL -j ACCEPT
# set which addresses jump to which chains
iptables -A FORWARD -s $GOOD_ADDR -o $DMZ_IFACE -j good-dmz
iptables -A FORWARD -s $GOOD_ADDR -o $BAD_IFACE -j good-bad
iptables -A FORWARD -s $DMZ_ADDR -i $DMZ_IFACE -o $BAD_IFACE -j dmz-bad
iptables -A FORWARD -s $DMZ_ADDR -i $DMZ_IFACE -o $GOOD_IFACE -j dmz-good
iptables -A FORWARD -o $DMZ_IFACE -j bad-dmz
iptables -A FORWARD -o $GOOD_IFACE -j bad-good
# drop anything that doesnt fit these
iptables -A FORWARD -j LOG --log-prefix "chain-jump "
iptables -A FORWARD -j DROP
# icmp acceptance
iptables -A icmp-acc -p icmp --icmp-type destination-unreachable -j ACCEPT
iptables -A icmp-acc -p icmp --icmp-type source-quench -j ACCEPT
iptables -A icmp-acc -p icmp --icmp-type time-exceeded -j ACCEPT
iptables -A icmp-acc -p icmp --icmp-type echo-request -j ACCEPT
iptables -A icmp-acc -p icmp --icmp-type echo-reply -j ACCEPT
# iptables -A icmp-acc -j LOG --log-prefix "icmp-acc "
iptables -A icmp-acc -j DROP
# from internal to dmz
iptables -A good-dmz -p tcp --dport smtp -j ACCEPT
iptables -A good-dmz -p tcp --dport pop3 -j ACCEPT
iptables -A good-dmz -p udp --dport domain -j ACCEPT
iptables -A good-dmz -p tcp --dport domain -j ACCEPT
iptables -A good-dmz -p tcp --dport www -j ACCEPT
iptables -A good-dmz -p tcp --dport https -j ACCEPT
iptables -A good-dmz -p tcp --dport ssh -j ACCEPT
iptables -A good-dmz -p tcp --dport telnet -j ACCEPT
iptables -A good-dmz -p tcp --dport auth -j ACCEPT
iptables -A good-dmz -p tcp --dport ftp -j ACCEPT
iptables -A good-dmz -p tcp --dport 1521 -j ACCEPT
iptables -A good-dmz -p icmp -j icmp-acc
iptables -A good-dmz -j LOG --log-prefix "good-dmz "
iptables -A good-dmz -j DROP
# from external to dmz
iptables -A bad-dmz -p tcp --dport smtp -j ACCEPT
iptables -A bad-dmz -p udp --dport domain -j ACCEPT
iptables -A bad-dmz -p tcp --dport domain -j ACCEPT
iptables -A bad-dmz -p tcp --dport www -j ACCEPT
iptables -A bad-dmz -p tcp --dport https -j ACCEPT
iptables -A bad-dmz -p tcp --dport ssh -j ACCEPT
iptables -A bad-dmz -p tcp -d $FTP_SERVER --dport ftp -j ACCEPT
iptables -A bad-dmz -p icmp -j icmp-acc
iptables -A bad-dmz -j LOG --log-prefix "bad-dmz "
iptables -A bad-dmz -j DROP
# from internal to external
iptables -A good-bad -j ACCEPT
# iptables -t nat -A POSTROUTING -o $BAD_IFACE -j SNAT --to $MASQ_SERVER
#iptables -A good-bad -p tcp -j MASQ
#iptables -A good-bad -p udp -j MASQ
#iptables -A good-bad -p icmp -j MASQ
#ipchains -A good-bad -p tcp --dport www -j MASQ
#ipchains -A good-bad -p tcp --dport ssh -j MASQ
#ipchains -A good-bad -p udp --dport 33434:33500 -j MASQ
#ipchains -A good-bad -p tcp --dport ftp -j MASQ
#ipchains -A good-bad -p icmp --icmp-type ping -j MASQ
#ipchains -A good-bad -j REJECT -l
# from dmz to internal
# iptables -A dmz-good -p tcp ! --syn --sport smtp -j ACCEPT
iptables -A dmz-good -p tcp --dport smtp -j ACCEPT
iptables -A dmz-good -p tcp --sport smtp -j ACCEPT
iptables -A dmz-good -p udp --sport domain -j ACCEPT
iptables -A dmz-good -p tcp ! --syn --sport domain -j ACCEPT
iptables -A dmz-good -p tcp ! --syn --sport www -j ACCEPT
iptables -A dmz-good -p tcp ! --syn --sport ssh -j ACCEPT
iptables -A dmz-good -p tcp -d 192.168.1.34 --dport smtp -j ACCEPT
iptables -A dmz-good -p icmp -j icmp-acc
iptables -A dmz-good -j LOG --log-prefix "dmz-good "
iptables -A dmz-good -j DROP
# from dmz to external
iptables -A dmz-bad -p tcp --dport smtp -j ACCEPT
iptables -A dmz-bad -p tcp --sport smtp -j ACCEPT
iptables -A dmz-bad -p udp --dport domain -j ACCEPT
iptables -A dmz-bad -p tcp --dport domain -j ACCEPT
iptables -A dmz-bad -p tcp --dport www -j ACCEPT
iptables -A dmz-bad -p tcp --dport https -j ACCEPT
iptables -A dmz-bad -p tcp --dport ssh -j ACCEPT
iptables -A dmz-bad -p tcp --dport ftp -j ACCEPT
iptables -A dmz-bad -p tcp --dport whois -j ACCEPT
iptables -A dmz-bad -p tcp --dport telnet -j ACCEPT
iptables -A dmz-bad -p udp --dport ntp -j ACCEPT
# ipchains -A good-bad -p udp --dport 33434:33500 -j MASQ
iptables -A dmz-bad -p icmp -j icmp-acc
iptables -A dmz-bad -j LOG --log-prefix "dmz-bad "
iptables -A dmz-bad -j DROP
# from external to internal
iptables -A bad-good -p tcp --dport smtp -d $MAIL_SERVER_INTERNAL -j ACCEPT
iptables -A bad-good -p tcp --dport http -d $MAIL_SERVER_INTERNAL -j ACCEPT
iptables -A bad-good -p tcp --dport https -d $MAIL_SERVER_INTERNAL -j ACCEPT
iptables -A bad-good -j LOG --log-prefix "bad-good "
iptables -A bad-good -j REJECT
# rules for this machine itself
iptables -N bad-if
iptables -N dmz-if
iptables -N good-if
# set up the jumps to each chain
iptables -A INPUT -i $BAD_IFACE -j bad-if
iptables -A INPUT -i $DMZ_IFACE -j dmz-if
iptables -A INPUT -i $GOOD_IFACE -j good-if
# external iface
iptables -A bad-if -p icmp -j icmp-acc
iptables -A bad-if -j ACCEPT
#ipchains -A bad-if -i ! ppp0 -j DENY -l
#ipchains -A bad-if -p TCP --dport 61000:65095 -j ACCEPT
#ipchains -A bad-if -p UDP --dport 61000:65095 -j ACCEPT
#ipchains -A bad-if -p ICMP --icmp-type pong -j ACCEPT
#ipchains -A bad-if -j icmp-acc
#ipchains -A bad-if -j DENY
# dmz iface
iptables -A bad-if -p icmp -j icmp-acc
iptables -A dmz-if -j ACCEPT
# internal iface
iptables -A good-if -p tcp --dport ssh -j ACCEPT
iptables -A good-if -p ICMP --icmp-type ping -j ACCEPT
iptables -A good-if -p ICMP --icmp-type pong -j ACCEPT
iptables -A good-if -j icmp-acc
iptables -A good-if -j DROP
# remove the complete blocks
iptables -D INPUT 1
iptables -D FORWARD 1
iptables -D OUTPUT 1
<<lessThis script is meant to be run once per boot the rules will be double added if you try to run it twice if you need to add another rule during runtime, change the -A to a -I to add it to the top of the list of rules if you use -A it will go at the end after the reject rule.
Sample:
# interface definitions
BAD_IFACE=eth0
DMZ_IFACE=eth1
DMZ_ADDR=x.x.x.96/28
GOOD_IFACE=eth2
GOOD_ADDR=192.168.1.0/24
MASQ_SERVER=x.x.x.98
FTP_SERVER=x.x.x.100
MAIL_SERVER=x.x.x.99
MAIL_SERVER_INTERNAL=192.168.1.3
# testing
#set -x
ip route del x.x.x.96/28 dev $BAD_IFACE
ip route del x.x.x.96/28 dev $DMZ_IFACE
ip route add x.x.x.97 dev $BAD_IFACE
ip route add x.x.x.96/28 dev $DMZ_IFACE
# we need proxy arp for the dmz network
echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
echo 1 > /proc/sys/net/ipv4/conf/eth1/proxy_arp
# turn on ip forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
# turn on antispoofing protection
for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 > $f; done
# flush all rules in the filter table
#iptables -F
# flush built in rules
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
# deny everything for now
iptables -A INPUT -j DROP
iptables -A FORWARD -j DROP
iptables -A OUTPUT -j DROP
# make the chains to define packet directions
# bad is the internet, dmz is our dmz, good is our masqed network
iptables -N good-dmz
iptables -N bad-dmz
iptables -N good-bad
iptables -N dmz-good
iptables -N dmz-bad
iptables -N bad-good
iptables -N icmp-acc
# accept related packets
iptables -A FORWARD -m state --state INVALID -j DROP
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
# internal client masqing
iptables -t nat -A POSTROUTING -s $GOOD_ADDR -o $BAD_IFACE -j SNAT --to $MASQ_SERVER
# mail server masqing
iptables -t nat -A PREROUTING -p tcp -d $MAIL_SERVER --dport smtp -j DNAT --to $MAIL_SERVER_INTERNAL:25
iptables -t nat -A PREROUTING -p tcp -d $MAIL_SERVER --dport http -j DNAT --to $MAIL_SERVER_INTERNAL:80
iptables -t nat -A PREROUTING -p tcp -d $MAIL_SERVER --dport https -j DNAT --to $MAIL_SERVER_INTERNAL:443
# to allow the above to work you need something like
# iptables -A bad-good -p tcp --dport smtp -d $MAIL_SERVER_INTERNAL -j ACCEPT
# set which addresses jump to which chains
iptables -A FORWARD -s $GOOD_ADDR -o $DMZ_IFACE -j good-dmz
iptables -A FORWARD -s $GOOD_ADDR -o $BAD_IFACE -j good-bad
iptables -A FORWARD -s $DMZ_ADDR -i $DMZ_IFACE -o $BAD_IFACE -j dmz-bad
iptables -A FORWARD -s $DMZ_ADDR -i $DMZ_IFACE -o $GOOD_IFACE -j dmz-good
iptables -A FORWARD -o $DMZ_IFACE -j bad-dmz
iptables -A FORWARD -o $GOOD_IFACE -j bad-good
# drop anything that doesnt fit these
iptables -A FORWARD -j LOG --log-prefix "chain-jump "
iptables -A FORWARD -j DROP
# icmp acceptance
iptables -A icmp-acc -p icmp --icmp-type destination-unreachable -j ACCEPT
iptables -A icmp-acc -p icmp --icmp-type source-quench -j ACCEPT
iptables -A icmp-acc -p icmp --icmp-type time-exceeded -j ACCEPT
iptables -A icmp-acc -p icmp --icmp-type echo-request -j ACCEPT
iptables -A icmp-acc -p icmp --icmp-type echo-reply -j ACCEPT
# iptables -A icmp-acc -j LOG --log-prefix "icmp-acc "
iptables -A icmp-acc -j DROP
# from internal to dmz
iptables -A good-dmz -p tcp --dport smtp -j ACCEPT
iptables -A good-dmz -p tcp --dport pop3 -j ACCEPT
iptables -A good-dmz -p udp --dport domain -j ACCEPT
iptables -A good-dmz -p tcp --dport domain -j ACCEPT
iptables -A good-dmz -p tcp --dport www -j ACCEPT
iptables -A good-dmz -p tcp --dport https -j ACCEPT
iptables -A good-dmz -p tcp --dport ssh -j ACCEPT
iptables -A good-dmz -p tcp --dport telnet -j ACCEPT
iptables -A good-dmz -p tcp --dport auth -j ACCEPT
iptables -A good-dmz -p tcp --dport ftp -j ACCEPT
iptables -A good-dmz -p tcp --dport 1521 -j ACCEPT
iptables -A good-dmz -p icmp -j icmp-acc
iptables -A good-dmz -j LOG --log-prefix "good-dmz "
iptables -A good-dmz -j DROP
# from external to dmz
iptables -A bad-dmz -p tcp --dport smtp -j ACCEPT
iptables -A bad-dmz -p udp --dport domain -j ACCEPT
iptables -A bad-dmz -p tcp --dport domain -j ACCEPT
iptables -A bad-dmz -p tcp --dport www -j ACCEPT
iptables -A bad-dmz -p tcp --dport https -j ACCEPT
iptables -A bad-dmz -p tcp --dport ssh -j ACCEPT
iptables -A bad-dmz -p tcp -d $FTP_SERVER --dport ftp -j ACCEPT
iptables -A bad-dmz -p icmp -j icmp-acc
iptables -A bad-dmz -j LOG --log-prefix "bad-dmz "
iptables -A bad-dmz -j DROP
# from internal to external
iptables -A good-bad -j ACCEPT
# iptables -t nat -A POSTROUTING -o $BAD_IFACE -j SNAT --to $MASQ_SERVER
#iptables -A good-bad -p tcp -j MASQ
#iptables -A good-bad -p udp -j MASQ
#iptables -A good-bad -p icmp -j MASQ
#ipchains -A good-bad -p tcp --dport www -j MASQ
#ipchains -A good-bad -p tcp --dport ssh -j MASQ
#ipchains -A good-bad -p udp --dport 33434:33500 -j MASQ
#ipchains -A good-bad -p tcp --dport ftp -j MASQ
#ipchains -A good-bad -p icmp --icmp-type ping -j MASQ
#ipchains -A good-bad -j REJECT -l
# from dmz to internal
# iptables -A dmz-good -p tcp ! --syn --sport smtp -j ACCEPT
iptables -A dmz-good -p tcp --dport smtp -j ACCEPT
iptables -A dmz-good -p tcp --sport smtp -j ACCEPT
iptables -A dmz-good -p udp --sport domain -j ACCEPT
iptables -A dmz-good -p tcp ! --syn --sport domain -j ACCEPT
iptables -A dmz-good -p tcp ! --syn --sport www -j ACCEPT
iptables -A dmz-good -p tcp ! --syn --sport ssh -j ACCEPT
iptables -A dmz-good -p tcp -d 192.168.1.34 --dport smtp -j ACCEPT
iptables -A dmz-good -p icmp -j icmp-acc
iptables -A dmz-good -j LOG --log-prefix "dmz-good "
iptables -A dmz-good -j DROP
# from dmz to external
iptables -A dmz-bad -p tcp --dport smtp -j ACCEPT
iptables -A dmz-bad -p tcp --sport smtp -j ACCEPT
iptables -A dmz-bad -p udp --dport domain -j ACCEPT
iptables -A dmz-bad -p tcp --dport domain -j ACCEPT
iptables -A dmz-bad -p tcp --dport www -j ACCEPT
iptables -A dmz-bad -p tcp --dport https -j ACCEPT
iptables -A dmz-bad -p tcp --dport ssh -j ACCEPT
iptables -A dmz-bad -p tcp --dport ftp -j ACCEPT
iptables -A dmz-bad -p tcp --dport whois -j ACCEPT
iptables -A dmz-bad -p tcp --dport telnet -j ACCEPT
iptables -A dmz-bad -p udp --dport ntp -j ACCEPT
# ipchains -A good-bad -p udp --dport 33434:33500 -j MASQ
iptables -A dmz-bad -p icmp -j icmp-acc
iptables -A dmz-bad -j LOG --log-prefix "dmz-bad "
iptables -A dmz-bad -j DROP
# from external to internal
iptables -A bad-good -p tcp --dport smtp -d $MAIL_SERVER_INTERNAL -j ACCEPT
iptables -A bad-good -p tcp --dport http -d $MAIL_SERVER_INTERNAL -j ACCEPT
iptables -A bad-good -p tcp --dport https -d $MAIL_SERVER_INTERNAL -j ACCEPT
iptables -A bad-good -j LOG --log-prefix "bad-good "
iptables -A bad-good -j REJECT
# rules for this machine itself
iptables -N bad-if
iptables -N dmz-if
iptables -N good-if
# set up the jumps to each chain
iptables -A INPUT -i $BAD_IFACE -j bad-if
iptables -A INPUT -i $DMZ_IFACE -j dmz-if
iptables -A INPUT -i $GOOD_IFACE -j good-if
# external iface
iptables -A bad-if -p icmp -j icmp-acc
iptables -A bad-if -j ACCEPT
#ipchains -A bad-if -i ! ppp0 -j DENY -l
#ipchains -A bad-if -p TCP --dport 61000:65095 -j ACCEPT
#ipchains -A bad-if -p UDP --dport 61000:65095 -j ACCEPT
#ipchains -A bad-if -p ICMP --icmp-type pong -j ACCEPT
#ipchains -A bad-if -j icmp-acc
#ipchains -A bad-if -j DENY
# dmz iface
iptables -A bad-if -p icmp -j icmp-acc
iptables -A dmz-if -j ACCEPT
# internal iface
iptables -A good-if -p tcp --dport ssh -j ACCEPT
iptables -A good-if -p ICMP --icmp-type ping -j ACCEPT
iptables -A good-if -p ICMP --icmp-type pong -j ACCEPT
iptables -A good-if -j icmp-acc
iptables -A good-if -j DROP
# remove the complete blocks
iptables -D INPUT 1
iptables -D FORWARD 1
iptables -D OUTPUT 1
Download (MB)
Added: 2007-02-14 License: GPL (GNU General Public License) Price:
603 downloads
MR Tech Disable XPI Install Delay 2.4.1
MR Tech Disable XPI Install Delay offers you a wonderful and totally free extension which enables fast extension to install. more>> MR Tech Disable XPI Install Delay 2.4.1 offers you a wonderful and totally free extension which enables fast extension to install. Disables default delay when installing extensions.
Enhancements: Minor version bump
Requirements: Mozilla Thunderbird
Added: 2009-02-14 License: MPL Price: FREE
26 downloads
PFG for IPTables 0.02 Beta
PFG for IPTables is a PHP Firewall Generator. more>>
PFG for IPTables is a PHP Firewall Generator.
Main features:
Main Configuration
- Server IP adress
- External Network Interface
- Internal Network Interface
- Enable Forwarding and MasqON
Deny followning ICMP types
- Echo RequestsON
- Destination UnreachableON
- Timestamp ReplyON
- Adress Mask ReplyON
- Adress Mask RequestON
- Host UnreachableON
- Host RedirectON
- Timestamp requestON
- Source QuenchON
Accept services
- FTPON
- SSHON
- SMTPON
- IMAPON
- POPON
- HTTPON
- HTTPSON
- MYSQLON
- DNSON
P2P
- Direct ConnectON
- BeershareON
- NapsterON
- WinMXON
UDP Protocol
- Open UDP for all portsON
- Only open upp for these ports
Allow other TCP ports
PortForwarding
Blocking IPs and URLs
- Blocking connections from internal ips (seperate each ip adress with blankspace)
- Blocking access to sites on the internet
Add IPs you want to allow anything from
<<lessMain features:
Main Configuration
- Server IP adress
- External Network Interface
- Internal Network Interface
- Enable Forwarding and MasqON
Deny followning ICMP types
- Echo RequestsON
- Destination UnreachableON
- Timestamp ReplyON
- Adress Mask ReplyON
- Adress Mask RequestON
- Host UnreachableON
- Host RedirectON
- Timestamp requestON
- Source QuenchON
Accept services
- FTPON
- SSHON
- SMTPON
- IMAPON
- POPON
- HTTPON
- HTTPSON
- MYSQLON
- DNSON
P2P
- Direct ConnectON
- BeershareON
- NapsterON
- WinMXON
UDP Protocol
- Open UDP for all portsON
- Only open upp for these ports
Allow other TCP ports
PortForwarding
Blocking IPs and URLs
- Blocking connections from internal ips (seperate each ip adress with blankspace)
- Blocking access to sites on the internet
Add IPs you want to allow anything from
Download (MB)
Added: 2007-02-14 License: GPL (GNU General Public License) Price:
983 downloads
IP Tables network magic SysRq 0.5
IP Tables network magic SysRq is a new iptables target that allows you to do the same as the magic sysrq key on a keyboard does. more>>
IP Tables network magic SysRq is a new iptables target that allows you to do the same as the magic sysrq key on a keyboard does, but over the network.
Why to use the remote sysrq?
Sometimes a remote server hangs and only responds to icmp echo request (ping). Every administrator of such machine is very unhappy because (s)he must go there and press the reset button. It takes a long time and its inconvenient. So here is a solution. Use the Network Magic SysRq and you will be able to do more than just pressing a reset button. You can remotely sync disks, remount them read-only, then do a reboot. And everything comfortably and only in a few seconds.
Is it secure?
That depends. Let me explain: You can restrict who can do this by setting the iptables firewall. But unfortunately, for simplicity, the Network Magic SysRq is based on a single packet request. This packet is encrypted and password protected, but if somebody can sniff it (s)he will be able to repeat (but not to change) the query (so-called replay attack). The query is also protected by a timestamp. When the packet is generated, it is stamped by current date and time. Then on the server side that stamp is compared with the current time of the server and if it is within the tolerance the request is accepted. Together with some other information, the timestamp is protected by SHA1 hash. This means that the potential attacker has a limited time to repeat the sniffed packet. If anybody requires a better security than this, some secure encrypted tunnel can be used. (not depending on userspace, of course!
How to install it?
Just type make.
When everything is compiled type make install as root and after that run depmod -a. Now you can load the kernel module by the command modprobe ipt_SYSRQ.
You would also like to configure the server password and the tolerance. This can be set when installing the module into a kernel, by specifying the module parameters passwd for password and tolerance for tolerance in seconds. The default values are passwd="" and tolerance=43200.
Example:
modprobe ipt_SYSRQ passwd="my_very_secret_password" tolerance=3600
Module options can also be specified in file /etc/modules.conf.
Example:
options ipt_SYSRQ passwd="my_very_secret_password" tolerance=3600
What to do on a server?
After the module is loaded you are able to deploy it using the iptables command.
Some examples of usage:
iptables -I INPUT -p udp --dport 9 -j SYSRQ
or
iptables -I INPUT -i eth1 -s 192.168.1.2 -p udp --dport 9 -j SYSRQ
Note that UDP port 9 is used. This is the default port for send_sysrq program, which shouldnt do any harm, as it defaults to discard service.
What to do on the remote machine?
Copy the executable binary send_sysrq to the remote (client) machine. Alternatively, you can compile ipt_sysrq there yourselves. After uncompressing the source package, you just need to do a make send_sysrq.
Now you can use the client program send_sysrq to send the sysrq request.
<<lessWhy to use the remote sysrq?
Sometimes a remote server hangs and only responds to icmp echo request (ping). Every administrator of such machine is very unhappy because (s)he must go there and press the reset button. It takes a long time and its inconvenient. So here is a solution. Use the Network Magic SysRq and you will be able to do more than just pressing a reset button. You can remotely sync disks, remount them read-only, then do a reboot. And everything comfortably and only in a few seconds.
Is it secure?
That depends. Let me explain: You can restrict who can do this by setting the iptables firewall. But unfortunately, for simplicity, the Network Magic SysRq is based on a single packet request. This packet is encrypted and password protected, but if somebody can sniff it (s)he will be able to repeat (but not to change) the query (so-called replay attack). The query is also protected by a timestamp. When the packet is generated, it is stamped by current date and time. Then on the server side that stamp is compared with the current time of the server and if it is within the tolerance the request is accepted. Together with some other information, the timestamp is protected by SHA1 hash. This means that the potential attacker has a limited time to repeat the sniffed packet. If anybody requires a better security than this, some secure encrypted tunnel can be used. (not depending on userspace, of course!
How to install it?
Just type make.
When everything is compiled type make install as root and after that run depmod -a. Now you can load the kernel module by the command modprobe ipt_SYSRQ.
You would also like to configure the server password and the tolerance. This can be set when installing the module into a kernel, by specifying the module parameters passwd for password and tolerance for tolerance in seconds. The default values are passwd="" and tolerance=43200.
Example:
modprobe ipt_SYSRQ passwd="my_very_secret_password" tolerance=3600
Module options can also be specified in file /etc/modules.conf.
Example:
options ipt_SYSRQ passwd="my_very_secret_password" tolerance=3600
What to do on a server?
After the module is loaded you are able to deploy it using the iptables command.
Some examples of usage:
iptables -I INPUT -p udp --dport 9 -j SYSRQ
or
iptables -I INPUT -i eth1 -s 192.168.1.2 -p udp --dport 9 -j SYSRQ
Note that UDP port 9 is used. This is the default port for send_sysrq program, which shouldnt do any harm, as it defaults to discard service.
What to do on the remote machine?
Copy the executable binary send_sysrq to the remote (client) machine. Alternatively, you can compile ipt_sysrq there yourselves. After uncompressing the source package, you just need to do a make send_sysrq.
Now you can use the client program send_sysrq to send the sysrq request.
Download (0.025MB)
Added: 2006-11-13 License: GPL (GNU General Public License) Price:
1082 downloads
Icmpenum 1.0
Icmpenum sends ICMP traffic for host enumeration. more>>
Host enumeration is the act of determining the IP address of potential targets on a network. This can be done in both layer 2 and layer 3. Icmpenum project can send ICMP traffic for such enumeration.
The ICMP packets supported are: Echo, Timestamp, Information and Netmask. Furthermore, it supports spoofing and promiscuous listening for reply packets. Icmpenum is great for enumerating networks which allow ICMP traffic.
<<lessThe ICMP packets supported are: Echo, Timestamp, Information and Netmask. Furthermore, it supports spoofing and promiscuous listening for reply packets. Icmpenum is great for enumerating networks which allow ICMP traffic.
Download (0.58MB)
Added: 2007-05-08 License: GPL (GNU General Public License) Price:
548 downloads
ICMPScan 1.1
ICMPScan scans the specified address, or addresses, for ICMP responses. more>>
ICMPScan scans the specified address, or addresses, for ICMP responses.
Usage:
icmpscan [ -EPTSNMAIRcvbn ] [ -A address ] [ -f filename ] [ -i interface ] [ -r retries ] [ -t timeout ] target [...]
Options:
-i, --interface
Listen on the specified interface. If unspecified, icmpscan will examine the routing table and select the most appropriate interface for each target address.
-c, --promisc
Put in interface into promiscuous mode. As this option increases the load on the system in general, it should only be used if spoofing of source packets address is enabled with the "-A" option.
-A, --address
Specify the source IP address of generated packets.
-t, --timeout
Specify the timeout, in milli-seconds, before retrying.
-r, --retries
Specify the number of attempts to elicit a particular ICMP response.
-f, --file
Read target list from the specified file.
-E, -P, --echo, --ping
Check of ICMP Echo responses.
-T, -S, --timestamp
Check for ICMP Timestamp responses.
-N, -M, --netmask
Check for ICMP Netmask responses.
-I, --info
Check for ICMP Info responses.
-R, --router
Check for ICMP Router Solicitation responses.
-v, --verbose
Increase the output verbosity.
-B, --debug
Target Specification
The simplest case is listing single hostnames or IP addresses on the command line. If you want to scan a subnet of IP addresses, you can append /mask to the hostname or IP address. mask must be between 0 (scan the whole Internet) and 32 (scan the single host specified). Use /24 to scan a class "C" address and /16 for a class "B". There is also a more powerful notation which lets you specify an IP address using lists/ranges for each element. Thus you can scan the whole class "B" network 192.168.*.* by specifying "192.168.*.*" or "192.168.0-255.0-255" or even "192.168.1-50,51-255.1,2,3,4,5-255". And of course you can use the mask notation: "192.168.0.0/16". These are all equivalent. If you use asterisks ("*"), remember that most shells require you to escape them with back slashes or protect them with quotes.
Examples:
The following example checks the first 16 addresses in the 192.168.1.0/24 netblock for all ICMP responses. The scan speed is increased by lowering the timeout value and setting the number of retries to 1:
> icmpscan -t 500 -r 1 192.168.1.0-16
192.168.1.0: Echo (From 192.168.1.17!)
192.168.1.0: Address Mask [255.255.255.0] (From 192.168.1.17!)
192.168.1.7: Echo
192.168.1.7: Timestamp [0x03ab2db0, 0x02d4c507, 0x02d4c507]
192.168.1.7: Address Mask [255.255.255.0]
192.168.1.8: Echo
192.168.1.8: Address Mask [255.255.255.0]
To display failed probes, increase the output verbosity:
> icmpscan -v 192.168.1.1
192.168.1.1: -- No response to Echo request --
192.168.1.1: -- No response to Timestamp request --
192.168.1.1: -- No response to Netmask request --
192.168.1.1: -- No response to Info request --
192.168.1.1: -- No response to Router Solicitation request --
Individual ICMP types can be checked for by listing their corresponding flags on the command line:
> icmpscan -v --echo --netmask 192.168.1.7
192.168.1.7: Echo
192.168.1.7: Address Mask [255.255.255.0]
<<lessUsage:
icmpscan [ -EPTSNMAIRcvbn ] [ -A address ] [ -f filename ] [ -i interface ] [ -r retries ] [ -t timeout ] target [...]
Options:
-i, --interface
Listen on the specified interface. If unspecified, icmpscan will examine the routing table and select the most appropriate interface for each target address.
-c, --promisc
Put in interface into promiscuous mode. As this option increases the load on the system in general, it should only be used if spoofing of source packets address is enabled with the "-A" option.
-A, --address
Specify the source IP address of generated packets.
-t, --timeout
Specify the timeout, in milli-seconds, before retrying.
-r, --retries
Specify the number of attempts to elicit a particular ICMP response.
-f, --file
Read target list from the specified file.
-E, -P, --echo, --ping
Check of ICMP Echo responses.
-T, -S, --timestamp
Check for ICMP Timestamp responses.
-N, -M, --netmask
Check for ICMP Netmask responses.
-I, --info
Check for ICMP Info responses.
-R, --router
Check for ICMP Router Solicitation responses.
-v, --verbose
Increase the output verbosity.
-B, --debug
Target Specification
The simplest case is listing single hostnames or IP addresses on the command line. If you want to scan a subnet of IP addresses, you can append /mask to the hostname or IP address. mask must be between 0 (scan the whole Internet) and 32 (scan the single host specified). Use /24 to scan a class "C" address and /16 for a class "B". There is also a more powerful notation which lets you specify an IP address using lists/ranges for each element. Thus you can scan the whole class "B" network 192.168.*.* by specifying "192.168.*.*" or "192.168.0-255.0-255" or even "192.168.1-50,51-255.1,2,3,4,5-255". And of course you can use the mask notation: "192.168.0.0/16". These are all equivalent. If you use asterisks ("*"), remember that most shells require you to escape them with back slashes or protect them with quotes.
Examples:
The following example checks the first 16 addresses in the 192.168.1.0/24 netblock for all ICMP responses. The scan speed is increased by lowering the timeout value and setting the number of retries to 1:
> icmpscan -t 500 -r 1 192.168.1.0-16
192.168.1.0: Echo (From 192.168.1.17!)
192.168.1.0: Address Mask [255.255.255.0] (From 192.168.1.17!)
192.168.1.7: Echo
192.168.1.7: Timestamp [0x03ab2db0, 0x02d4c507, 0x02d4c507]
192.168.1.7: Address Mask [255.255.255.0]
192.168.1.8: Echo
192.168.1.8: Address Mask [255.255.255.0]
To display failed probes, increase the output verbosity:
> icmpscan -v 192.168.1.1
192.168.1.1: -- No response to Echo request --
192.168.1.1: -- No response to Timestamp request --
192.168.1.1: -- No response to Netmask request --
192.168.1.1: -- No response to Info request --
192.168.1.1: -- No response to Router Solicitation request --
Individual ICMP types can be checked for by listing their corresponding flags on the command line:
> icmpscan -v --echo --netmask 192.168.1.7
192.168.1.7: Echo
192.168.1.7: Address Mask [255.255.255.0]
Download (0.044MB)
Added: 2007-08-22 License: GPL (GNU General Public License) Price:
794 downloads
Icmpenun 1.2
Icmpenum sends ICMP traffic to potential targets on a network. more>>
Icmpenum sends ICMP traffic to potential targets on a network.
Introduction:
Host enumeration is the act of determining the IP address of potential targets on a network. This can be done in both layer 2 and layer 3. Icmpenum sends ICMP traffic for such enumeration. The ICMP packets supported are: Echo, Timestamp, Information and Netmask. Furthermore, it supports spoofing and promiscuous listening for reply packets. Icmpenum is great for enumerating networks which allow ICMP traffic.
Installation:
1. Install the latest libpcap (libpcap 0.4, ftp://ftp.ee.lbl.gov/libpcap.tar.Z).
2. Install the latest Libnet (http://www.packetfactory.net/libnet/).
3. Compile icmpenum as follows:
gcc `libnet-config --defines` -o icmpenum icmpenum.c -lnet -lpcap
4. Copy icmpenum to your fave directory and (as root) start enumerating.
Usage:
Running icmpenum -h gives you the following screen:
# ./icmpenum -h
USAGE: ./icmpenum [opts] [-c class C] [-d dev] [-i 1-3] [-s src] [-t sec] hosts
opts are h n p r v
-h this help screen
-n no sending of packets
-p promiscuous receive mode
-r receiving packets only (no
-v verbose
-c class C in x.x.x.0 form
-i icmp type to send/receive, types include the following:
1 echo/echo reply (default)
2 timestamp request/reply
3 info request/reply
-d device to grab local IP or sniff from, default is eth0
-s spoofed source address
-t time in seconds to wait for all replies (default 5)
host(s) are target hosts (ignored if using -c)
Examples:
Here are some example uses of icmpenum to enumerate hosts.
Example 1:
[Host1]# icmpenum 192.168.1.1 192.168.1.2
This will use the default of Echo packets to try and determine if
192.168.1.1 and 192.168.1.2 are up and running.
Example 2:
[Host1]# icmpenum -i 2 -v 192.168.100.100 192.168.100.200
This will enumerate the two hosts using Timestamp packets in
verbose mode.
Example 3:
[Host1]# icmpenum -i 3 -s 10.10.10.10 -p -v 192.168.1.1 192.168.1.2
This will enumerate hosts 192.168.1.1 and 192.168.1.2 using
Information packets with a spoofed address of 10.10.10.10, since our real address is 10.10.10.11 we use the -p option to listen for the replies.
Here are some more advanced uses of icmpenum.
Example 4:
Assuming Host1 is 6.6.6.6 and Host2 is 7.7.7.7, and that the network 1.1.1.0 has potential hosts to enumerate, we use the following two entries to enumerate with Information packets:
[Host2]# icmpenum -r -t 30 -i 3 -c 1.1.1.0
[Host1]# icmpenum -s 7.7.7.7 -i 3 -c 1.1.1.0
Host2 starts first in receive mode with a timeout of 30 seconds and starts listening for Information packets from the 1.1.1.0 network. Then Host1 starts sending spoofed packets with Host2 as the source address, sending exactly what Host2 is listening for. It should be noted that this is hardly stealthy, as logs at 1.1.1s site could have 7.7.7.7s address all over them, but the -r function is good for testing.
Example 5:
Assuming Host1 is 6.6.6.6 and Host2 is 7.7.7.7, and that Host2 can sniff traffic between 1.1.1.0 and 2.2.2.0, we use the following entries to enumerate the 1.1.1.0 network:
[Host2]# icmpenum -t 20 -n -p -i 2 -c 1.1.1.0
[Host1]# icmpenum -s 2.2.2.2 -i 2 -c 1.1.1.0
Host2 starts first with a timeout of 20 seconds, makes sure not to send the packets with the -n option, listens promiscuously for Timestamp packets from the 1.1.1.0 network. Host1 sends the exact packets Host2 is listening for with a 2.2.2.2 spoofed source address. Yes, one could simply replace the -n option in Host2s command line with -s 2.2.2.2 and do the same thing from one workstation, but were demonstrating a distributed concept.
Enhancements:
- I have added ICMP MASK (type 17 and 18) requests and replys. Simply use the -i 4 option on the command line, such as; icmpenum -i 4 -c 1.2.3.1 (sends ICMP MASK requests to the Class C range 1.2.3.1/24 and reports any system as.
- Due to the use of some older versions of Libnet and Libpcap. I can see problems for some people compiling this and hence have placed two statically linked versions within the tarball
<<lessIntroduction:
Host enumeration is the act of determining the IP address of potential targets on a network. This can be done in both layer 2 and layer 3. Icmpenum sends ICMP traffic for such enumeration. The ICMP packets supported are: Echo, Timestamp, Information and Netmask. Furthermore, it supports spoofing and promiscuous listening for reply packets. Icmpenum is great for enumerating networks which allow ICMP traffic.
Installation:
1. Install the latest libpcap (libpcap 0.4, ftp://ftp.ee.lbl.gov/libpcap.tar.Z).
2. Install the latest Libnet (http://www.packetfactory.net/libnet/).
3. Compile icmpenum as follows:
gcc `libnet-config --defines` -o icmpenum icmpenum.c -lnet -lpcap
4. Copy icmpenum to your fave directory and (as root) start enumerating.
Usage:
Running icmpenum -h gives you the following screen:
# ./icmpenum -h
USAGE: ./icmpenum [opts] [-c class C] [-d dev] [-i 1-3] [-s src] [-t sec] hosts
opts are h n p r v
-h this help screen
-n no sending of packets
-p promiscuous receive mode
-r receiving packets only (no
-v verbose
-c class C in x.x.x.0 form
-i icmp type to send/receive, types include the following:
1 echo/echo reply (default)
2 timestamp request/reply
3 info request/reply
-d device to grab local IP or sniff from, default is eth0
-s spoofed source address
-t time in seconds to wait for all replies (default 5)
host(s) are target hosts (ignored if using -c)
Examples:
Here are some example uses of icmpenum to enumerate hosts.
Example 1:
[Host1]# icmpenum 192.168.1.1 192.168.1.2
This will use the default of Echo packets to try and determine if
192.168.1.1 and 192.168.1.2 are up and running.
Example 2:
[Host1]# icmpenum -i 2 -v 192.168.100.100 192.168.100.200
This will enumerate the two hosts using Timestamp packets in
verbose mode.
Example 3:
[Host1]# icmpenum -i 3 -s 10.10.10.10 -p -v 192.168.1.1 192.168.1.2
This will enumerate hosts 192.168.1.1 and 192.168.1.2 using
Information packets with a spoofed address of 10.10.10.10, since our real address is 10.10.10.11 we use the -p option to listen for the replies.
Here are some more advanced uses of icmpenum.
Example 4:
Assuming Host1 is 6.6.6.6 and Host2 is 7.7.7.7, and that the network 1.1.1.0 has potential hosts to enumerate, we use the following two entries to enumerate with Information packets:
[Host2]# icmpenum -r -t 30 -i 3 -c 1.1.1.0
[Host1]# icmpenum -s 7.7.7.7 -i 3 -c 1.1.1.0
Host2 starts first in receive mode with a timeout of 30 seconds and starts listening for Information packets from the 1.1.1.0 network. Then Host1 starts sending spoofed packets with Host2 as the source address, sending exactly what Host2 is listening for. It should be noted that this is hardly stealthy, as logs at 1.1.1s site could have 7.7.7.7s address all over them, but the -r function is good for testing.
Example 5:
Assuming Host1 is 6.6.6.6 and Host2 is 7.7.7.7, and that Host2 can sniff traffic between 1.1.1.0 and 2.2.2.0, we use the following entries to enumerate the 1.1.1.0 network:
[Host2]# icmpenum -t 20 -n -p -i 2 -c 1.1.1.0
[Host1]# icmpenum -s 2.2.2.2 -i 2 -c 1.1.1.0
Host2 starts first with a timeout of 20 seconds, makes sure not to send the packets with the -n option, listens promiscuously for Timestamp packets from the 1.1.1.0 network. Host1 sends the exact packets Host2 is listening for with a 2.2.2.2 spoofed source address. Yes, one could simply replace the -n option in Host2s command line with -s 2.2.2.2 and do the same thing from one workstation, but were demonstrating a distributed concept.
Enhancements:
- I have added ICMP MASK (type 17 and 18) requests and replys. Simply use the -i 4 option on the command line, such as; icmpenum -i 4 -c 1.2.3.1 (sends ICMP MASK requests to the Class C range 1.2.3.1/24 and reports any system as.
- Due to the use of some older versions of Libnet and Libpcap. I can see problems for some people compiling this and hence have placed two statically linked versions within the tarball
Download (0.58MB)
Added: 2007-04-05 License: GPL (GNU General Public License) Price:
556 downloads
ICMPInfo 0.2
ICMPInfo is a tool that uses ICMP type 13 and 17 to retrieve the current time of a remote host and its netmask. more>>
ICMPInfo is a tool that uses ICMP type 13 and 17 to retrieve the current time of a remote host and its netmask.
<<less Download (0.017MB)
Added: 2006-04-18 License: GPL (GNU General Public License) Price:
1284 downloads
Disk Manager 1.0.1
Disk manager is a simple filesystem configurator. more>>
Disk Manager project is a simple filesystem configurator that allow you to:
- Automaticly detect new partitions at startup.
- Fully manage configuration of filesystem.
- Enable/disable write support for NTFS (need ntfs-3g installed).
<<less- Automaticly detect new partitions at startup.
- Fully manage configuration of filesystem.
- Enable/disable write support for NTFS (need ntfs-3g installed).
Download (0.055MB)
Added: 2007-07-17 License: GPL (GNU General Public License) Price:
520 downloads
Device::Modem 1.47
Device::Modem is a Perl extension to talk to modem devices connected via serial port. more>>
Device::Modem is a Perl extension created to talk to modem devices connected via serial port.
WARNING
This is BETA software, so use it at your own risk, and without ANY warranty! Have fun.
SYNOPSIS
use Device::Modem;
my $modem = new Device::Modem( port => /dev/ttyS1 );
if( $modem->connect( baudrate => 9600 ) ) {
print "connected!n";
} else {
print "sorry, no connection with serial port!n";
}
$modem->attention(); # send `attention sequence (+++)
($ok, $answer) = $modem->dial(02270469012); # dial phone number
$ok = $modem->dial(3); # 1-digit parameter = dial number stored in memory 3
$modem->echo(1); # enable local echo (0 to disable)
$modem->offhook(); # Take off hook (ready to dial)
$modem->hangup(); # returns modem answer
$modem->is_active(); # Tests whether modem device is active or not
# So far it works for modem OFF/ modem ON condition
$modem->reset(); # hangup + attention + restore setting 0 (Z0)
$modem->restore_factory_settings(); # Handle with care!
$modem->restore_factory_settings(1); # Same with preset profile 1 (can be 0 or 1)
$modem->send_init_string(); # Send initialization string
# Now this is fixed to AT H0 Z S7=45 S0=0 Q0 V1 E0 &C0 X4
# Get/Set value of S1 register
my $S1 = $modem->S_register(1);
my $S1 = $modem->S_register(1, 55); # Dont do that if you definitely dont know!
# Get status of managed signals (CTS, DSR, RLSD, RING)
my %signal = $modem->status();
if( $signal{DSR} ) { print "Data Set Ready signal active!n"; }
# Stores this number in modem memory number 3
$modem->store_number(3, 01005552817);
$modem->repeat(); # Repeat last command
$modem->verbose(1); # Normal text responses (0=numeric codes)
# Some raw AT commands
$modem->atsend( ATH0 );
print $modem->answer();
$modem->atsend( ATDT01234567 . Device::Modem::CR );
print $modem->answer();
Device::Modem class implements basic AT (Hayes) compliant device abstraction. It can be inherited by sub classes (as Device::Gsm), which are based on serial connections.
<<lessWARNING
This is BETA software, so use it at your own risk, and without ANY warranty! Have fun.
SYNOPSIS
use Device::Modem;
my $modem = new Device::Modem( port => /dev/ttyS1 );
if( $modem->connect( baudrate => 9600 ) ) {
print "connected!n";
} else {
print "sorry, no connection with serial port!n";
}
$modem->attention(); # send `attention sequence (+++)
($ok, $answer) = $modem->dial(02270469012); # dial phone number
$ok = $modem->dial(3); # 1-digit parameter = dial number stored in memory 3
$modem->echo(1); # enable local echo (0 to disable)
$modem->offhook(); # Take off hook (ready to dial)
$modem->hangup(); # returns modem answer
$modem->is_active(); # Tests whether modem device is active or not
# So far it works for modem OFF/ modem ON condition
$modem->reset(); # hangup + attention + restore setting 0 (Z0)
$modem->restore_factory_settings(); # Handle with care!
$modem->restore_factory_settings(1); # Same with preset profile 1 (can be 0 or 1)
$modem->send_init_string(); # Send initialization string
# Now this is fixed to AT H0 Z S7=45 S0=0 Q0 V1 E0 &C0 X4
# Get/Set value of S1 register
my $S1 = $modem->S_register(1);
my $S1 = $modem->S_register(1, 55); # Dont do that if you definitely dont know!
# Get status of managed signals (CTS, DSR, RLSD, RING)
my %signal = $modem->status();
if( $signal{DSR} ) { print "Data Set Ready signal active!n"; }
# Stores this number in modem memory number 3
$modem->store_number(3, 01005552817);
$modem->repeat(); # Repeat last command
$modem->verbose(1); # Normal text responses (0=numeric codes)
# Some raw AT commands
$modem->atsend( ATH0 );
print $modem->answer();
$modem->atsend( ATDT01234567 . Device::Modem::CR );
print $modem->answer();
Device::Modem class implements basic AT (Hayes) compliant device abstraction. It can be inherited by sub classes (as Device::Gsm), which are based on serial connections.
Download (0.046MB)
Added: 2007-04-17 License: Perl Artistic License Price:
929 downloads
NetPacket::ICMP 0.04
NetPacket::ICMP is a Perl module to assemble and disassemble ICMP (Internet Control Message Protocol) packets. more>>
NetPacket::ICMP is a Perl module to assemble and disassemble ICMP (Internet Control Message Protocol) packets.
SYNOPSIS
use NetPacket::ICMP;
$icmp_obj = NetPacket::ICMP->decode($raw_pkt);
$icmp_pkt = NetPacket::ICMP->encode();
$icmp_data = NetPacket::ICMP::strip($raw_pkt);
NetPacket::ICMP provides a set of routines for assembling and disassembling packets using ICMP (Internet Control Message Protocol).
Methods
NetPacket::ICMP->decode([RAW PACKET])
Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method.
NetPacket::ICMP->encode()
Return an ICMP packet encoded with the instance data specified.
<<lessSYNOPSIS
use NetPacket::ICMP;
$icmp_obj = NetPacket::ICMP->decode($raw_pkt);
$icmp_pkt = NetPacket::ICMP->encode();
$icmp_data = NetPacket::ICMP::strip($raw_pkt);
NetPacket::ICMP provides a set of routines for assembling and disassembling packets using ICMP (Internet Control Message Protocol).
Methods
NetPacket::ICMP->decode([RAW PACKET])
Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method.
NetPacket::ICMP->encode()
Return an ICMP packet encoded with the instance data specified.
Download (0.011MB)
Added: 2007-02-27 License: Perl Artistic License Price:
970 downloads
kfilewatcher 0.1
kfilewatcher project watches for file changes and allows you to react on them. more>>
kfilewatcher project watches for file changes and allows you to react on them.
Example:
kfilewatcher /tmp/test 2>&1 | while read a; do echo "File has changed - doing something"; done
This command does something every time kfilewatcher detects a change. At the moment, the only action is to output "File has changed - doing something", but you can write anything there, e.g.
- backup stuff as soon as it changes
- publish files on your homepage everytime they change
- keep directories in sync
<<lessExample:
kfilewatcher /tmp/test 2>&1 | while read a; do echo "File has changed - doing something"; done
This command does something every time kfilewatcher detects a change. At the moment, the only action is to output "File has changed - doing something", but you can write anything there, e.g.
- backup stuff as soon as it changes
- publish files on your homepage everytime they change
- keep directories in sync
Download (1.7MB)
Added: 2006-12-28 License: GPL (GNU General Public License) Price:
1030 downloads
Secleted [ 0 ] software to compare
Copyright Notice:
Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future software development. The above disable icmp echo search only lists software in full, demo and trial versions for free download. Download links are directly from our mirror sites or publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
