packet loss
Sponsored Links
Sponsored Links
Secleted [ 0 ] software to compare
Results 1 - 15 of about 685
Justniffer 0.5.6
justniffer is a tcp packet sniffer. It can log network traffic in a standard (web server like) or in a customized way. It can also log response times, useful for tracking network services performances (e.g. web server, application server, etc.) more>> <<less
Added: 2009-07-26 License: GPL v3 Price: FREE
downloads
CELT 0.6.0
CELT is an experimental audio codec for use in low-delay communication. more>>
CELT 0.6.0 is created to be an experimental audio codec for use in low-delay communication. CELT stands for "Code-Excited Lapped Transform". It applies some of the CELP principles, but does everything in the frequency domain, which removes some of the limitations of CELP.
Major Features:
- Ultra-low latency (typically from 3 to 9 ms)
- Full audio bandwidth (44.1 kHz and 48 kHz)
- Stereo support
- Packet loss concealment
- Constant bit-rates from 32 kbps to 128 kbps and above
- A fixed-point version of the encoder and decoder
- The CELT codec is meant to close the gap between Vorbis and Speex for applications where both high quality audio and low delay are desired.
Enhancements:
- Has just been released, with many quality improvements, including better stereo coupling, better handling of transients, and better handling of highly tonal signals.
- Packet loss robustness has been improved through the optional use of independent (intra) frames.
- Supports a larger dynamic range, suitable for encoding 24-bit audio (float version only).
- There is also a very early VBR implementation.
Added: 2009-07-07 License: BSD License Price: FREE
13 downloads
Network-I 1.4.0
Captures, displays and analyses TCP/IP traffic more>> Network-I comprises a fast sniffer with a powerful filtering language, and a suite of tools to process the captured packets.
The possibilities range from the straightforward display of packets in exhaustive detail (or alternatively, in a 1-line summary mode) to measurement of traffic levels, and reporting on packet retransmission and losses.
It can also import (and export) capture files in tcpdump and snoop formats.
Network-I is therefore ideal for a troubleshooting network admin, and developers who want to debug the network traffic exchanged by their applications - or even for the curious student of networking who wants to look under the hood of TCP/IP.
This program is distributed as a set of pre-built Linux and Solaris packages, for ease of installation (and uninstallation).<<less
Download (244KB)
Added: 2009-04-12 License: Freeware Price: Free
196 downloads
jNetPcap 1.0 Beta 4
jNetPcap project is a Java wrapper around the Libpcap network packet capture library. more>>
jNetPcap project is a Java wrapper around the Libpcap network packet capture library. The low-level API is exposed in Java, which allows kernel buffer tuning, flags, and other features.
All captured packet buffers are wrapped, not copied, in efficient java.nio.ByteBuffer and delivered to Java by reference. This allows not-in-memory copies of packet data and very efficient and fast delivery of packets. The software is released for various platforms with the appropriate native library bundled.
<<lessAll captured packet buffers are wrapped, not copied, in efficient java.nio.ByteBuffer and delivered to Java by reference. This allows not-in-memory copies of packet data and very efficient and fast delivery of packets. The software is released for various platforms with the appropriate native library bundled.
Download (0.12MB)
Added: 2007-08-22 License: LGPL (GNU Lesser General Public License) Price:
795 downloads
WANem 1.1
WANem is a WAN Emulator, meant to provide real experience of Internet, during development and test on a LAN environment. more>>
WANem is a WAN Emulator, meant to provide real experience of Internet, during development and test on a LAN environment. Typically application developers develop applications on a LAN while the intended purpose for the same could be the client is accessing the application by WAN or even the internet.
WANem allows for the application development team to setup a transparent application gateway which can be made use to simulate WAN characteristics like Network delay, Packet loss, Packet corruption, Disconnections, Packet re-ordering, Jitter, etc.
WANem allows for WAN network characteristic emulation and thus allowing for applications to be tested in a realistic WAN environment before they are moved into production.
WANem is a combined development strategy where it hooks into the Linux kernel for performing network emulations and provides GUI to make it simple to use. Remastering of Knoppix Live CD makes it even more effective as it becomes platform independant.
<<lessWANem allows for the application development team to setup a transparent application gateway which can be made use to simulate WAN characteristics like Network delay, Packet loss, Packet corruption, Disconnections, Packet re-ordering, Jitter, etc.
WANem allows for WAN network characteristic emulation and thus allowing for applications to be tested in a realistic WAN environment before they are moved into production.
WANem is a combined development strategy where it hooks into the Linux kernel for performing network emulations and provides GUI to make it simple to use. Remastering of Knoppix Live CD makes it even more effective as it becomes platform independant.
Download (576.6MB)
Added: 2007-08-13 License: GPL (GNU General Public License) Price:
814 downloads
libpcap 0.9.7
libpcap is a system-independent interface for user-level packet capture. more>>
libpcap is a handy little library which provides a packet filtering mechanism based on the BSD packet filter (BPF).
Enhancements:
- Basic BPF filtering, Bluetooth, USB capturing on Linux, FreeBSD BIOCSDIRECTION ioctl, additional filter operations for 802.11 frame types, and support for filtering on MTP2 frame types were all added, and numerous other minor enhancements and bugfixes were made.
<<lessEnhancements:
- Basic BPF filtering, Bluetooth, USB capturing on Linux, FreeBSD BIOCSDIRECTION ioctl, additional filter operations for 802.11 frame types, and support for filtering on MTP2 frame types were all added, and numerous other minor enhancements and bugfixes were made.
Download (0.41MB)
Added: 2007-08-10 License: BSD License Price:
805 downloads
Layer-7 Packet Classifier for Linux 2007-07-27 (Pattern Definitions)
Layer-7 Packet Classifier for Linux is a packet classifier for Netfilter that identifies packets based on application layer. more>>
Layer-7 Packet Classifier for Linux is a packet classifier for Netfilter that identifies packets based on application layer (OSI layer 7) data. This means that it is able to classify packets as HTTP, FTP, Gnucleus, Kazaa, etc., regardless of ports.
It complements existing matches that classify based on port numbers, packet length, TOS bits, and so on. Combined with Linux QoS, it allows for full layer 7 packet shaping.
Main features:
- Patches for Linux 2.4 and 2.6
- Support for TCP, UDP and ICMP over IPv4
- Uses Netfilters connection tracking of FTP, IRC, etc
- Examines data across multiple packets
- Number of packets examined tunable on the fly through /proc
- Number of bytes examined tunable at module load time
- Distinguishes between new connections (those still being tested) and old unidentified connections
- Gives access to both Netfilter and QoS (rate limiting) features
- With the Netfilter "helper" match, you can distinguish between parent and child connections (e.g. ftp command/data)
<<lessIt complements existing matches that classify based on port numbers, packet length, TOS bits, and so on. Combined with Linux QoS, it allows for full layer 7 packet shaping.
Main features:
- Patches for Linux 2.4 and 2.6
- Support for TCP, UDP and ICMP over IPv4
- Uses Netfilters connection tracking of FTP, IRC, etc
- Examines data across multiple packets
- Number of packets examined tunable on the fly through /proc
- Number of bytes examined tunable at module load time
- Distinguishes between new connections (those still being tested) and old unidentified connections
- Gives access to both Netfilter and QoS (rate limiting) features
- With the Netfilter "helper" match, you can distinguish between parent and child connections (e.g. ftp command/data)
Download (MB)
Added: 2007-07-30 License: GPL (GNU General Public License) Price:
820 downloads
Other version of Layer-7 Packet Classifier for Linux
Layer-7 Packet Classifier for Linux is a classifier for the Linux kernels Netfilter subsystem ... Examines data across multiple packets - Number of packets examined tunable through /proc/netLicense:GPL (GNU General Public License)
Layer-7 Packet Classifier for Linux 0.4 (Userspace) Layer-7 Packet Classifier for Linux is a ... of FTP, IRC, etc - Examines data across multiple packets - Number of packets examined tunable onLicense:GPL (GNU General Public License)
ipt_ACCOUNT 1.10
ipt_ACCOUNT is a high performance local network accounting system written for the Linux netfilter/iptables system. more>>
ipt_ACCOUNT is a high performance local network accounting system written for the Linux netfilter/iptables system.
It has just two parameters:
addr is the subnet which is accounted for
tname is the table name where the information is stored
The data can be queried later using the libipt_ACCOUNT userspace library or by the "iptaccount" tool which is part of the libipt_ACCOUNT package.
A special subnet is "0.0.0.0/0": All data is stored in the src_bytes and src_packets structure of slot "0". This is useful if you want to account the overall traffic to/from your internet provider.
pt_ACCOUNT is designed to be queried for data every second or at least every ten seconds. It is written as kernel module to handle high bandwidths without packet loss.
The largest possible subnet size is 24 bit, meaning f.e. 10.0.0.0/8 networks. Therefore its able to use a fixed internal data structures which speeds up the processing speed for each packet. Furthermore, accounting data for one complete 192.168.1.X/24 network takes 4kb of memory. Memory for 16 or 24 bit networks is only allocated when needed.
The data is queried using the userspace libipt_ACCOUNT library. There is no /proc interface as it would be too slow for continuous access. The read&flush query operation is the fastest, as no internal data snapshot needs to be created&copied for all data. Use the "read" operation without flush only for debugging purposes!
To optimize the kerneluserspace data transfer a bit more, the kernel module only transfers information about IPs, where the src/dst packet counter is not 0. This saves precious kernel time.
Install the pom-ng-ipt_ACCOUNT archive in your patch-o matic-ng directory
Patch your kernel (./runme ACCOUNT)
Patch the userspace iptabels tool with the iptables-ext ipt_ACCOUNT.patch
Recompile the kernel
Recompile iptables tool
Unpack the libipt_ACCOUNT library archive
Run autoreconf -f
./configure && make && make install
You can also install&build the provided .src.prm
Enhancements:
- Linux kernel 2.6.22 support was added.
<<lessIt has just two parameters:
addr is the subnet which is accounted for
tname is the table name where the information is stored
The data can be queried later using the libipt_ACCOUNT userspace library or by the "iptaccount" tool which is part of the libipt_ACCOUNT package.
A special subnet is "0.0.0.0/0": All data is stored in the src_bytes and src_packets structure of slot "0". This is useful if you want to account the overall traffic to/from your internet provider.
pt_ACCOUNT is designed to be queried for data every second or at least every ten seconds. It is written as kernel module to handle high bandwidths without packet loss.
The largest possible subnet size is 24 bit, meaning f.e. 10.0.0.0/8 networks. Therefore its able to use a fixed internal data structures which speeds up the processing speed for each packet. Furthermore, accounting data for one complete 192.168.1.X/24 network takes 4kb of memory. Memory for 16 or 24 bit networks is only allocated when needed.
The data is queried using the userspace libipt_ACCOUNT library. There is no /proc interface as it would be too slow for continuous access. The read&flush query operation is the fastest, as no internal data snapshot needs to be created&copied for all data. Use the "read" operation without flush only for debugging purposes!
To optimize the kerneluserspace data transfer a bit more, the kernel module only transfers information about IPs, where the src/dst packet counter is not 0. This saves precious kernel time.
Install the pom-ng-ipt_ACCOUNT archive in your patch-o matic-ng directory
Patch your kernel (./runme ACCOUNT)
Patch the userspace iptabels tool with the iptables-ext ipt_ACCOUNT.patch
Recompile the kernel
Recompile iptables tool
Unpack the libipt_ACCOUNT library archive
Run autoreconf -f
./configure && make && make install
You can also install&build the provided .src.prm
Enhancements:
- Linux kernel 2.6.22 support was added.
Download (0.020MB)
Added: 2007-07-26 License: GPL (GNU General Public License) Price:
821 downloads
tcpdump 3.9.7
tcpdump is a packet filtering library that works with libcap. more>>
tcpdump is a handy little library which provides a packet filtering mechanism based on the BSD packet filter (BPF).
Most notably, tcpdump needs this to work, and there is also a perl module (still in beta) which can use this as well. In plain english, if you want to write your own network traffic analyzer, this is the place to start.
<<lessMost notably, tcpdump needs this to work, and there is also a perl module (still in beta) which can use this as well. In plain english, if you want to write your own network traffic analyzer, this is the place to start.
Download (0.85MB)
Added: 2007-07-24 License: BSD License Price:
826 downloads
MultiMail 0.49
MultiMail project is an offline mail packet reader for many systems, using a curses-based interface. more>>
MultiMail is an offline mail packet reader for many systems, using a curses-based interface.
It supports the Blue Wave, QWK, OMEN, SOUP, and OPX formats.
<<lessIt supports the Blue Wave, QWK, OMEN, SOUP, and OPX formats.
Download (0.21MB)
Added: 2007-07-20 License: GPL v3 Price:
827 downloads
mrtg-ping-probe 2.2.0
mrtg-ping-probe project monitors round trip time and packet loss to another host. more>>
mrtg-ping-probe project monitors round trip time and packet loss to another host. Still on my TODO list: add own min/max/avg rtt calculation, add perl ping module, add rping and rsh support...
mrtg-ping-probe is a ping probe for MRTG 2.x. It is used to monitor the round trip time and packet loss to networked devices. MRTG uses its output to generate graphs visualizing minimum and maximum round trip times or packet loss.
mrtg-ping-probe depends on the following software being installed on your system: perl (at least version 5.6.1), mrtg (I use version 2.8.8, though any mrtg 2.x version should work), and a ping program that displays a summary of the round trip times upon termination or timeout.
mrtg-ping-probe runs on AIX, BSD/OS 2.1, FreeBSD/2.2.x, IRIX/6.2, Linux, Mac OS X (Darwin 5.4), NetBSD, OpenBSD, OS/2, OSF1 V3.2, Solaris 1.1.2 (SunOS 4.1.4), Solaris 2.5.1 (SunOS 5.5.1), Solaris 7 (SunOS 5.7), Solaris 8 (SunOS 5.8), Solaris 9 (SunOS 5.9), HP-UX 9, Windows 98, and Windows 2000 (english, french, portugesee, and spanish locales).
If you install the Windows ping program that comes with Windows 98, Windows 2000, or WinSock 2.x, mrtg-ping-probe will also run on Windows 95 and Windows 4.0.
Support for additional systems is usually easy to add, as described in the file INSTALL.
Act responsible: do not use mrtg-ping-probe to ping devices without the owners permission. Just imagine 10,000 people would decide to ping your hosts ... mrtg-ping-probe is meant to be used within your network to get round trip time performance figures for your network.
Usage: mrtg-ping-probe [-hsvV] [-d deadtime] [-k count] [-l length] [-o ping_options] [-p [factor*]{min|max|avg|loss|integer}/[factor*]{min|max|avg|loss|integer}] [-r [rsh:][user@]host[:osname]] [-t timeout] host
Enhancements:
- new platforms supported: italian Windows 2000 locale.
- bugfixes: on Windows actually return deadtime when we lost all packets, not 0. the ping child process should actually be killed now on Unix platforms.
- changes: ***** Possible Incompatability ***** raised minimum required perl version to 5.6.1. lots of typos fixed.
<<lessmrtg-ping-probe is a ping probe for MRTG 2.x. It is used to monitor the round trip time and packet loss to networked devices. MRTG uses its output to generate graphs visualizing minimum and maximum round trip times or packet loss.
mrtg-ping-probe depends on the following software being installed on your system: perl (at least version 5.6.1), mrtg (I use version 2.8.8, though any mrtg 2.x version should work), and a ping program that displays a summary of the round trip times upon termination or timeout.
mrtg-ping-probe runs on AIX, BSD/OS 2.1, FreeBSD/2.2.x, IRIX/6.2, Linux, Mac OS X (Darwin 5.4), NetBSD, OpenBSD, OS/2, OSF1 V3.2, Solaris 1.1.2 (SunOS 4.1.4), Solaris 2.5.1 (SunOS 5.5.1), Solaris 7 (SunOS 5.7), Solaris 8 (SunOS 5.8), Solaris 9 (SunOS 5.9), HP-UX 9, Windows 98, and Windows 2000 (english, french, portugesee, and spanish locales).
If you install the Windows ping program that comes with Windows 98, Windows 2000, or WinSock 2.x, mrtg-ping-probe will also run on Windows 95 and Windows 4.0.
Support for additional systems is usually easy to add, as described in the file INSTALL.
Act responsible: do not use mrtg-ping-probe to ping devices without the owners permission. Just imagine 10,000 people would decide to ping your hosts ... mrtg-ping-probe is meant to be used within your network to get round trip time performance figures for your network.
Usage: mrtg-ping-probe [-hsvV] [-d deadtime] [-k count] [-l length] [-o ping_options] [-p [factor*]{min|max|avg|loss|integer}/[factor*]{min|max|avg|loss|integer}] [-r [rsh:][user@]host[:osname]] [-t timeout] host
Enhancements:
- new platforms supported: italian Windows 2000 locale.
- bugfixes: on Windows actually return deadtime when we lost all packets, not 0. the ping child process should actually be killed now on Unix platforms.
- changes: ***** Possible Incompatability ***** raised minimum required perl version to 5.6.1. lots of typos fixed.
Download (0.036MB)
Added: 2007-07-16 License: GPL (GNU General Public License) Price:
554 downloads
deja-packet 1.0
deja-packet transmits raw packets through a specified interface. more>>
deja-packet transmits raw packets through a specified interface.
Usage: ./deja-packet -pcap < libpcap capture file > < interface name >
or: ./deja-packet -raw < raw packet file > < interface name >
Note: you must be root to successfully transmit packets with deja-packet due to the Linux security restrictions with raw sockets.
In the [-p]cap mode, deja-packet transmits selected packets from a libpcap capture file (such as one created by Ethereal/Wireshark, or tcpdump). In the [-r]aw mode, deja-packet transmits the raw contents of a file as one whole packet.
The [-p]cap mode is interactive: the user will be continuously prompted to select which packet from the libpcap capture file to transmit, until the “q” character is encountered, where the program will quit.
Example pcap mode:
$ sudo ./deja-packet -p icmp_ping.pcap eth0
Select packet number (1 to 6) for transmission or q for quit: 1
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 2
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 5
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 6
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: q
$
In the [-r]aw mode, deja-packet exits immediately after the attempted transmission is complete (allows deja-packet to be easily used with a script).
Example raw mode:
$ sudo ./deja-packet -r samplepacket eth0
Successfully transmitted packet!
$
icmp_ping.pcap is included as a sample libpcap capture file.
To compile deja-packet, simply use the command “make”.
deja-packet remains Linux-only because it requires PF_PACKET sockets.
This project is released under the GNU General Public License version 2.
<<lessUsage: ./deja-packet -pcap < libpcap capture file > < interface name >
or: ./deja-packet -raw < raw packet file > < interface name >
Note: you must be root to successfully transmit packets with deja-packet due to the Linux security restrictions with raw sockets.
In the [-p]cap mode, deja-packet transmits selected packets from a libpcap capture file (such as one created by Ethereal/Wireshark, or tcpdump). In the [-r]aw mode, deja-packet transmits the raw contents of a file as one whole packet.
The [-p]cap mode is interactive: the user will be continuously prompted to select which packet from the libpcap capture file to transmit, until the “q” character is encountered, where the program will quit.
Example pcap mode:
$ sudo ./deja-packet -p icmp_ping.pcap eth0
Select packet number (1 to 6) for transmission or q for quit: 1
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 2
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 5
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 6
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: q
$
In the [-r]aw mode, deja-packet exits immediately after the attempted transmission is complete (allows deja-packet to be easily used with a script).
Example raw mode:
$ sudo ./deja-packet -r samplepacket eth0
Successfully transmitted packet!
$
icmp_ping.pcap is included as a sample libpcap capture file.
To compile deja-packet, simply use the command “make”.
deja-packet remains Linux-only because it requires PF_PACKET sockets.
This project is released under the GNU General Public License version 2.
Download (0.004MB)
Added: 2007-07-04 License: GPL (GNU General Public License) Price:
847 downloads
iptables 1.3.8
iptables is a Linux kernel packet control tool. more>>
iptables and netfilter are building blocks of a framework inside the Linux 2.4.x and 2.6.x kernel. This framework enables packet filtering, network addresss [and port] translation (NA[P]T) and other packet mangling. It is the re-designed and heavily improved successor of the previous Linux 2.2.x ipchains and Linux 2.0.x ipfwadm systems.
iptables is a generic table structure for the definition of rulesets. Each rule within an IP table consists out of a number of classifiers (iptables matches) and one connected action (iptables target).
netfilter, iptables and the connection tracking as well as the NAT subsystem together build the whole framework.
Main features:
- stateless packet filtering (IPv4 and IPv6)
- stateful packet filtering (IPv4)
- all kinds of network address and port translation (NAT/NAPT)
- flexible and extensible infrastructure
- multiple layers of APIs for 3rd party extensions
- large number of plugins/modules kept in patch-o-matic repository
<<lessiptables is a generic table structure for the definition of rulesets. Each rule within an IP table consists out of a number of classifiers (iptables matches) and one connected action (iptables target).
netfilter, iptables and the connection tracking as well as the NAT subsystem together build the whole framework.
Main features:
- stateless packet filtering (IPv4 and IPv6)
- stateful packet filtering (IPv4)
- all kinds of network address and port translation (NAT/NAPT)
- flexible and extensible infrastructure
- multiple layers of APIs for 3rd party extensions
- large number of plugins/modules kept in patch-o-matic repository
Download (0.17MB)
Added: 2007-06-26 License: GPL (GNU General Public License) Price:
851 downloads
Net::DHCP::Packet 0.66
Net::DHCP::Packet is a Perl module with object methods to create a DHCP packet. more>>
Net::DHCP::Packet is a Perl module with object methods to create a DHCP packet.
SYNOPSIS
use Net::DHCP::Packet;
my $p = new Net::DHCP::Packet->new(
Chaddr => 000BCDEF,
Xid => 0x9F0FD,
Ciaddr => 0.0.0.0,
Siaddr => 0.0.0.0,
Hops => 0);
Represents a DHCP packet as specified in RFC 1533, RFC 2132.
CONSTRUCTOR
This module only provides basic constructor. For "easy" constructors, you can use the Net::DHCP::Session module.
new( )
new( BUFFER )
new( ARG => VALUE, ARG => VALUE... )
Creates an Net::DHCP::Packet object, which can be used to send or receive DHCP network packets. BOOTP is not supported.
Without argument, a default empty packet is created.
$packet = Net::DHCP::Packet();
A BUFFER argument is interpreted as a binary buffer like one provided by the socket recv() function. if the packet is malformed, a fatal error is issued.
use IO::Socket::INET;
use Net::DHCP::Packet;
$sock = IO::Socket::INET->new(LocalPort => 67, Proto => "udp", Broadcast => 1)
or die "socket: $@";
while ($sock->recv($newmsg, 1024)) {
$packet = Net::DHCP::Packet->new($newmsg);
print $packet->toString();
}
To create a fresh new packet new() takes arguments as a key-value pairs :
ARGUMENT FIELD OCTETS DESCRIPTION
-------- ----- ------ -----------
Op op 1 Message op code / message type.
1 = BOOTREQUEST, 2 = BOOTREPLY
Htype htype 1 Hardware address type, see ARP section in "Assigned
Numbers" RFC; e.g., 1 = 10mb ethernet.
Hlen hlen 1 Hardware address length (e.g. 6 for 10mb
ethernet).
Hops hops 1 Client sets to zero, optionally used by relay agents
when booting via a relay agent.
Xid xid 4 Transaction ID, a random number chosen by the
client, used by the client and server to associate
messages and responses between a client and a
server.
Secs secs 2 Filled in by client, seconds elapsed since client
began address acquisition or renewal process.
Flags flags 2 Flags (see figure 2).
Ciaddr ciaddr 4 Client IP address; only filled in if client is in
BOUND, RENEW or REBINDING state and can respond
to ARP requests.
Yiaddr yiaddr 4 your (client) IP address.
Siaddr siaddr 4 IP address of next server to use in bootstrap;
returned in DHCPOFFER, DHCPACK by server.
Giaddr giaddr 4 Relay agent IP address, used in booting via a
relay agent.
Chaddr chaddr 16 Client hardware address.
Sname sname 64 Optional server host name, null terminated string.
File file 128 Boot file name, null terminated string; "generic"
name or null in DHCPDISCOVER, fully qualified
directory-path name in DHCPOFFER.
IsDhcp isDhcp 4 Controls whether the packet is BOOTP or DHCP.
DHCP conatains the "magic cookie" of 4 bytes.
0x63 0x82 0x53 0x63.
DHO_*code Optional parameters field. See the options
documents for a list of defined options.
See Net::DHCP::Constants.
Padding padding * Optional padding at the end of the packet
See below methods for values and syntax descrption.
Note: DHCP options are created in the same order as key-value pairs.
<<lessSYNOPSIS
use Net::DHCP::Packet;
my $p = new Net::DHCP::Packet->new(
Chaddr => 000BCDEF,
Xid => 0x9F0FD,
Ciaddr => 0.0.0.0,
Siaddr => 0.0.0.0,
Hops => 0);
Represents a DHCP packet as specified in RFC 1533, RFC 2132.
CONSTRUCTOR
This module only provides basic constructor. For "easy" constructors, you can use the Net::DHCP::Session module.
new( )
new( BUFFER )
new( ARG => VALUE, ARG => VALUE... )
Creates an Net::DHCP::Packet object, which can be used to send or receive DHCP network packets. BOOTP is not supported.
Without argument, a default empty packet is created.
$packet = Net::DHCP::Packet();
A BUFFER argument is interpreted as a binary buffer like one provided by the socket recv() function. if the packet is malformed, a fatal error is issued.
use IO::Socket::INET;
use Net::DHCP::Packet;
$sock = IO::Socket::INET->new(LocalPort => 67, Proto => "udp", Broadcast => 1)
or die "socket: $@";
while ($sock->recv($newmsg, 1024)) {
$packet = Net::DHCP::Packet->new($newmsg);
print $packet->toString();
}
To create a fresh new packet new() takes arguments as a key-value pairs :
ARGUMENT FIELD OCTETS DESCRIPTION
-------- ----- ------ -----------
Op op 1 Message op code / message type.
1 = BOOTREQUEST, 2 = BOOTREPLY
Htype htype 1 Hardware address type, see ARP section in "Assigned
Numbers" RFC; e.g., 1 = 10mb ethernet.
Hlen hlen 1 Hardware address length (e.g. 6 for 10mb
ethernet).
Hops hops 1 Client sets to zero, optionally used by relay agents
when booting via a relay agent.
Xid xid 4 Transaction ID, a random number chosen by the
client, used by the client and server to associate
messages and responses between a client and a
server.
Secs secs 2 Filled in by client, seconds elapsed since client
began address acquisition or renewal process.
Flags flags 2 Flags (see figure 2).
Ciaddr ciaddr 4 Client IP address; only filled in if client is in
BOUND, RENEW or REBINDING state and can respond
to ARP requests.
Yiaddr yiaddr 4 your (client) IP address.
Siaddr siaddr 4 IP address of next server to use in bootstrap;
returned in DHCPOFFER, DHCPACK by server.
Giaddr giaddr 4 Relay agent IP address, used in booting via a
relay agent.
Chaddr chaddr 16 Client hardware address.
Sname sname 64 Optional server host name, null terminated string.
File file 128 Boot file name, null terminated string; "generic"
name or null in DHCPDISCOVER, fully qualified
directory-path name in DHCPOFFER.
IsDhcp isDhcp 4 Controls whether the packet is BOOTP or DHCP.
DHCP conatains the "magic cookie" of 4 bytes.
0x63 0x82 0x53 0x63.
DHO_*code Optional parameters field. See the options
documents for a list of defined options.
See Net::DHCP::Constants.
Padding padding * Optional padding at the end of the packet
See below methods for values and syntax descrption.
Note: DHCP options are created in the same order as key-value pairs.
Download (0.021MB)
Added: 2007-06-23 License: Perl Artistic License Price:
859 downloads
Honeyd 1.5c
Honeyd is a small daemon that creates virtual hosts on a network. more>>
The hosts can be configured to run arbitrary services, and their personality can be adapted so that they appear to be running certain operating systems. Honeyd enables a single host to claim multiple addresses - I have tested up to 65536 - on a LAN for network simulation.
Honeyd improves cyber security by providing mechanisms for threat detection and assessment. It also deters adversaries by hiding real systems in the middle of virtual systems.
It is possible to ping the virtual machines, or to traceroute them. Any type of service on the virtual machine can be simulated according to a simple configuration file. Instead of simulating a service, it is also possible to proxy it to another machine.
annotate "AIX 4.0 - 4.2" fragment old
# Example of a simple host template and its binding create template
set template personality "AIX 4.0 - 4.2"
add template tcp port 80 "sh scripts/web.sh"
add template tcp port 22 "sh scripts/test.sh $ipsrc $dport"
add template tcp port 23 proxy 10.23.1.2:23
set template default tcp action reset
bind 10.21.19.102 template
The different TCP personalities are learned from reading a nmap fingerprint file. The configured personality is the operating system that nmap or xprobe will return. Personalities can be annotated to determine if they allow FIN-scans for open ports or to select the preference in which they reassemble fragmented IP packets.
Honeyd can be used to create a virtual honey net or for general network monitoring. It supports the creation of a virtual network topology including dedicated routes and routers. The routes can be attributed with latency and packet loss to make the topology seem more realistic.
Because Honeyd interacts with potentially malicious adversaries, you should sandbox it with Systrace. Systrace prevents an adversary from exploiting bugs in your Honeyd scripts.
Subsystem Virtualization
Honeyd supports service virtualization by executing Unix applications as subsystems running in the virtual IP address space of a configured honeypot. This allows any network application to dynamically bind ports, create TCP and UDP connections using a virtual IP address.
Subsystems are virtualized by intercepting their network requests and redirecting them to Honeyd. Every configuration template may contain subsystems that are started as separated processes when the template is bound to a virtual IP address. An additional benefit of this approach is the ability of honeypots to create sporadic background traffic like requesting web pages and reading email, etc.
Network Simulation/Internet-In-The-Box
Honeyd supports assymetric routes and the integration of physical machines into the virtual network topology. As a result, it is possible to use Honeyd for simple network simulations: Physical hosts can be exposed to high latency or packet loss, arbitrary routing infrastructures, etc.
route entry 10.0.0.1 network 10.0.0.0/8
route 10.0.0.1 link 10.0.0.0/24
route 10.0.0.1 add net 10.4.0.0/14 tunnel "thishost" "honeyd-b"
route 10.0.0.1 add net 10.1.0.0/16 10.1.0.1 latency 55ms loss 0.1
route 10.0.0.1 add net 10.2.0.0/16 10.2.0.1 latency 20ms loss 0.1
route 10.0.0.1 add net 10.3.0.0/16 10.2.0.1 latency 20ms loss 0.1
route 10.1.0.1 link 10.1.0.0/24
route 10.2.0.1 link 10.2.0.0/24
[...]
route 10.2.0.1 add net 10.3.0.0/16 10.3.0.1 latency 10ms loss 0.1
route 10.3.0.1 link 10.3.0.0/24
route 10.3.0.1 add net 10.3.1.1/24 10.3.1.1 latency 10ms
route 10.3.0.1 add net 10.3.240.0/20 10.3.240.1 latency 5ms
route 10.3.1.1 link 10.3.1.1/24
route 10.3.240.1 link 10.3.240.0/20
route 10.3.240.1 add net 0.0.0.0/0 10.3.0.1 latency 40ms loss 0.5
[...]
bind 10.2.0.243 to fxp0
bind 10.3.1.15 to fxp0
Using GRE tunneling allows the creation of distributed setups that allow Honeyd to scale to larger networks. It also allows virtual machines to be spread across separate address spaces as GRE tunnel selection can be based on the source addresses.
<<lessHoneyd improves cyber security by providing mechanisms for threat detection and assessment. It also deters adversaries by hiding real systems in the middle of virtual systems.
It is possible to ping the virtual machines, or to traceroute them. Any type of service on the virtual machine can be simulated according to a simple configuration file. Instead of simulating a service, it is also possible to proxy it to another machine.
annotate "AIX 4.0 - 4.2" fragment old
# Example of a simple host template and its binding create template
set template personality "AIX 4.0 - 4.2"
add template tcp port 80 "sh scripts/web.sh"
add template tcp port 22 "sh scripts/test.sh $ipsrc $dport"
add template tcp port 23 proxy 10.23.1.2:23
set template default tcp action reset
bind 10.21.19.102 template
The different TCP personalities are learned from reading a nmap fingerprint file. The configured personality is the operating system that nmap or xprobe will return. Personalities can be annotated to determine if they allow FIN-scans for open ports or to select the preference in which they reassemble fragmented IP packets.
Honeyd can be used to create a virtual honey net or for general network monitoring. It supports the creation of a virtual network topology including dedicated routes and routers. The routes can be attributed with latency and packet loss to make the topology seem more realistic.
Because Honeyd interacts with potentially malicious adversaries, you should sandbox it with Systrace. Systrace prevents an adversary from exploiting bugs in your Honeyd scripts.
Subsystem Virtualization
Honeyd supports service virtualization by executing Unix applications as subsystems running in the virtual IP address space of a configured honeypot. This allows any network application to dynamically bind ports, create TCP and UDP connections using a virtual IP address.
Subsystems are virtualized by intercepting their network requests and redirecting them to Honeyd. Every configuration template may contain subsystems that are started as separated processes when the template is bound to a virtual IP address. An additional benefit of this approach is the ability of honeypots to create sporadic background traffic like requesting web pages and reading email, etc.
Network Simulation/Internet-In-The-Box
Honeyd supports assymetric routes and the integration of physical machines into the virtual network topology. As a result, it is possible to use Honeyd for simple network simulations: Physical hosts can be exposed to high latency or packet loss, arbitrary routing infrastructures, etc.
route entry 10.0.0.1 network 10.0.0.0/8
route 10.0.0.1 link 10.0.0.0/24
route 10.0.0.1 add net 10.4.0.0/14 tunnel "thishost" "honeyd-b"
route 10.0.0.1 add net 10.1.0.0/16 10.1.0.1 latency 55ms loss 0.1
route 10.0.0.1 add net 10.2.0.0/16 10.2.0.1 latency 20ms loss 0.1
route 10.0.0.1 add net 10.3.0.0/16 10.2.0.1 latency 20ms loss 0.1
route 10.1.0.1 link 10.1.0.0/24
route 10.2.0.1 link 10.2.0.0/24
[...]
route 10.2.0.1 add net 10.3.0.0/16 10.3.0.1 latency 10ms loss 0.1
route 10.3.0.1 link 10.3.0.0/24
route 10.3.0.1 add net 10.3.1.1/24 10.3.1.1 latency 10ms
route 10.3.0.1 add net 10.3.240.0/20 10.3.240.1 latency 5ms
route 10.3.1.1 link 10.3.1.1/24
route 10.3.240.1 link 10.3.240.0/20
route 10.3.240.1 add net 0.0.0.0/0 10.3.0.1 latency 40ms loss 0.5
[...]
bind 10.2.0.243 to fxp0
bind 10.3.1.15 to fxp0
Using GRE tunneling allows the creation of distributed setups that allow Honeyd to scale to larger networks. It also allows virtual machines to be spread across separate address spaces as GRE tunnel selection can be based on the source addresses.
Download (0.87MB)
Added: 2007-05-29 License: GPL (GNU General Public License) Price:
888 downloads
Secleted [ 0 ] software to compare
Copyright Notice:
Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future software development. The above packet loss search only lists software in full, demo and trial versions for free download. Download links are directly from our mirror sites or publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
