packet loss software
Sponsored Links
Sponsored Links
Secleted [ 0 ] software to compare
Results 1 - 15 of about 734
Packet Garden 1.0pre5
Packet Garden is a project that allows you to grow a world from network traffic. more>>
Packet Garden is a project that allows you to grow a world from network traffic.
Packet Garden captures information about how you use the internet and uses this stored information to grow a private world you can later explore.
To do this, Packet Garden takes note of all the servers you visit, their geographical location and the kinds of data you access.
Uploads make hills and downloads valleys, their location determined by numbers taken from internet address itself.
The size of each hill or valley is based on how much data is sent or received.
Plants are also grown for each protocol detected by the software; if you visit a website, an HTTP plant is grown. If you share some files via eMule, a Peer to Peer plant is grown, and so on.
<<lessPacket Garden captures information about how you use the internet and uses this stored information to grow a private world you can later explore.
To do this, Packet Garden takes note of all the servers you visit, their geographical location and the kinds of data you access.
Uploads make hills and downloads valleys, their location determined by numbers taken from internet address itself.
The size of each hill or valley is based on how much data is sent or received.
Plants are also grown for each protocol detected by the software; if you visit a website, an HTTP plant is grown. If you share some files via eMule, a Peer to Peer plant is grown, and so on.
Download (2.5MB)
Added: 2007-01-16 License: GPL (GNU General Public License) Price:
1015 downloads
Packet Construction Set 0.5 Beta
Packet Construction Set is a set of Python modules and objects that make building network protocol code easier. more>>
Packet Construction Set is a set of Python modules and objects that make building network protocol code easier for the protocol developer.
The core of the system is the pcs module itself which provides the necessary functionality to create classes that implement packets.
Installation Instructions for Packet Construction Set (PCS)
PCS follows the normal Python conventions for building and installing and there is very little, if any, magic. To install the library and the associated packet classes into your system do:
> python setup.py install < return >
To test your installation do:
> cd tests/ < return >
> python *.py
Some tests fail if you do not have enough privileges to work with the Berkeley Packet Filter. If you wish to run those tests run them using sudo.
To build the documentation you will need pdflatex and a BSD version of make installed. Go into the docs directory and build the documentation:
> cd docs/ < return >
> bsdmake all
you will see PDF versions of the docs.
Enhancements:
- Move my version of Doug Songs Python pcap library into the package.
- Update the Makefile to make sure that we install correctly no matter what target is selected.
<<lessThe core of the system is the pcs module itself which provides the necessary functionality to create classes that implement packets.
Installation Instructions for Packet Construction Set (PCS)
PCS follows the normal Python conventions for building and installing and there is very little, if any, magic. To install the library and the associated packet classes into your system do:
> python setup.py install < return >
To test your installation do:
> cd tests/ < return >
> python *.py
Some tests fail if you do not have enough privileges to work with the Berkeley Packet Filter. If you wish to run those tests run them using sudo.
To build the documentation you will need pdflatex and a BSD version of make installed. Go into the docs directory and build the documentation:
> cd docs/ < return >
> bsdmake all
you will see PDF versions of the docs.
Enhancements:
- Move my version of Doug Songs Python pcap library into the package.
- Update the Makefile to make sure that we install correctly no matter what target is selected.
Download (0.36MB)
Added: 2007-03-22 License: BSD License Price:
947 downloads
Net::Packet::CDP::TypeSoftwareVersion 3.25
Net::Packet::CDP::TypeSoftwareVersion is a Perl module for Cisco Discovery Protocol Software Version extension header. more>>
Net::Packet::CDP::TypeSoftwareVersion is a Perl module for Cisco Discovery Protocol Software Version extension header.
SYNOPSIS
use Net::Packet::Consts qw(:cdp);
require Net::Packet::CDP::TypeSoftwareVersion;
# Build a layer
my $layer = Net::Packet::CDP::TypeSoftwareVersion->new(
type => NP_CDP_TYPE_SOFTWARE_VERSION,
length => 8,
softwareVersion => GGGG,
);
$layer->pack;
print RAW: .unpack(H*, $layer->raw)."n";
# Read a raw layer
my $layer = Net::Packet::CDP::TypeSoftwareVersion->new(raw => $raw);
print $layer->print."n";
print PAYLOAD: .unpack(H*, $layer->payload)."n"
if $layer->payload;
This modules implements the encoding and decoding of the Cisco Discovery Protocol Software Version type extension header.
<<lessSYNOPSIS
use Net::Packet::Consts qw(:cdp);
require Net::Packet::CDP::TypeSoftwareVersion;
# Build a layer
my $layer = Net::Packet::CDP::TypeSoftwareVersion->new(
type => NP_CDP_TYPE_SOFTWARE_VERSION,
length => 8,
softwareVersion => GGGG,
);
$layer->pack;
print RAW: .unpack(H*, $layer->raw)."n";
# Read a raw layer
my $layer = Net::Packet::CDP::TypeSoftwareVersion->new(raw => $raw);
print $layer->print."n";
print PAYLOAD: .unpack(H*, $layer->payload)."n"
if $layer->payload;
This modules implements the encoding and decoding of the Cisco Discovery Protocol Software Version type extension header.
Download (0.067MB)
Added: 2007-01-10 License: Perl Artistic License Price:
1024 downloads
packETH 1.4
packETH is a Linux GUI packet generator tool for ethernet. more>>
packETH is a Linux GUI packet generator tool for ethernet. The project allows you to create and send any possible packet or sequence of packets on the ethernet.
Main features:
you can create and send any ethernet packet. Supported protocols:
- ethernet II, ethernet 802.3, 802.1q, QinQ
- ARP, IPv4, user defined network layer payload
- UDP, TCP, ICMP, IGMP, user defined transport layer payload
- RTP (payload with options to send sin wave of any frequency for G.711)
sending sequence of packets
- delay between packets, number of packets to send
- sending with max speed, approaching the teoretical boundary
- change parameters while sending (change IP & mac address, UDP payload, 2 user defined bytes, etc.)
saving configuration to a text file and load from it.
Enhancements:
- new features
<<lessMain features:
you can create and send any ethernet packet. Supported protocols:
- ethernet II, ethernet 802.3, 802.1q, QinQ
- ARP, IPv4, user defined network layer payload
- UDP, TCP, ICMP, IGMP, user defined transport layer payload
- RTP (payload with options to send sin wave of any frequency for G.711)
sending sequence of packets
- delay between packets, number of packets to send
- sending with max speed, approaching the teoretical boundary
- change parameters while sending (change IP & mac address, UDP payload, 2 user defined bytes, etc.)
saving configuration to a text file and load from it.
Enhancements:
- new features
Download (0.13MB)
Added: 2007-02-19 License: GPL (GNU General Public License) Price:
980 downloads
Packet filtering setup script
Packet filtering setup script by Anthony C. Zboralski. more>>
Packet filtering setup script by Anthony C. Zboralski. Adapted by Didi Damian for iptables version 1.0.0
Sample:
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# Set up variables
EXT_IF="eth0"
INT_IF="eth1"
EXT_IP=24.x.x.x/32
INT_IP=192.168.0.1/32
EXT_NET=24.x.x.0/24
INT_NET=192.168.0.0/24
MASQ_NETS="192.168.0.0/24"
LOCAL_ADDRS="127.0.0.0/8 192.168.0.1/32 24.x.x.x/32"
MAIL_RELAY=24.x.x.x/32
SMB_ACCESS="192.168.0.2/32"
SMB_BCAST="192.168.0.255/32"
# Turn on IP forwarding
echo Turning on IP forwarding.
echo 1 > /proc/sys/net/ipv4/ip_forward
# Load the ip_tables module
echo Loading ip_tables module.
/sbin/modprobe ip_tables || exit 1
# I let the kernel dynamically load the other modules
echo Flush standard tables.
iptables --flush INPUT
iptables --flush OUTPUT
iptables --flush FORWARD
echo Deny everything until firewall setup is completed.
iptables --policy INPUT DROP
iptables --policy OUTPUT DROP
iptables --policy FORWARD DROP
CHAINS=`iptables -n -L |perl -n -e /Chains+(S+)/ && !($1 =~ /^(INPUT|FORWARD|OUTPUT)$/) && print "$1 "`
echo Remove remaining chains:
echo $CHAINS
for chain in $CHAINS; do
iptables --flush $chain
done
# 2nd step cause of dependencies
for chain in $CHAINS; do
iptables --delete-chain $chain
done
for net in $MASQ_NETS; do
# I delete all the rules so you can rerun the scripts without bloating
# your nat entries.
iptables -D POSTROUTING -t nat -s $MASQ_NETS -j MASQUERADE 2>/dev/null
iptables -A POSTROUTING -t nat -s $MASQ_NETS -j MASQUERADE || exit 1
done
iptables --policy FORWARD ACCEPT
# Create a target for logging and dropping packets
iptables --new LDROP 2>/dev/null
iptables -A LDROP --proto tcp -j LOG --log-level info
--log-prefix "TCP Drop "
iptables -A LDROP --proto udp -j LOG --log-level info
--log-prefix "UDP Drop "
iptables -A LDROP --proto icmp -j LOG --log-level info
--log-prefix "ICMP Drop "
iptables -A LDROP --proto gre -j LOG --log-level info
--log-prefix "GRE Drop "
iptables -A LDROP -f -j LOG --log-level emerg
--log-prefix "FRAG Drop "
iptables -A LDROP -j DROP
# Create a table for watching some accepting rules
iptables --new WATCH 2>/dev/null
iptables -A WATCH -m limit -j LOG --log-level warn --log-prefix "ACCEPT "
iptables -A WATCH -j ACCEPT
echo Special target for local addresses:
iptables --new LOCAL 2>/dev/null
echo $LOCAL_ADDRS
for ip in $LOCAL_ADDRS; do
iptables -A INPUT --dst $ip -j LOCAL
# iptables -A INPUT --src $ip -i ! lo -j LDROP # lame spoof protect
done
echo Authorize mail from mail relay.
iptables -A LOCAL --proto tcp --syn --src $MAIL_RELAY --dst $EXT_IP --dport 25 -j ACCEPT
echo Authorizing samba access to:
echo $SMB_ACCESS
iptables --new SMB 2>/dev/null
for ip in $SMB_ACCESS; do
iptables -A SMB -s $ip -j ACCEPT
done
iptables -A LOCAL --proto udp -i ! $EXT_IF --dport 135:139 -j SMB
iptables -A LOCAL --proto tcp -i ! $EXT_IF --dport 135:139 -j SMB
iptables -A LOCAL --proto tcp -i ! $EXT_IF --dport 445 -j SMB
iptables -A INPUT -i ! $EXT_IF --dst $SMB_BCAST -j ACCEPT #lame samba broadcast
echo Drop and log every other incoming tcp connection attempts.
iptables -A LOCAL -i ! lo --proto tcp --syn --j LDROP
echo Authorize dns access for local nets.
for net in $MASQ_NETS 127.0.0.0/8; do
iptables -A INPUT --proto udp --src $net --dport 53 -j ACCEPT
done
echo Enforcing up ICMP policies, use iptables -L ICMP to check.
# If you deny all ICMP messages you head for trouble since it would
# break lots of tcp/ip algorythm (acz)
iptables --new ICMP 2>/dev/null
iptables -A INPUT --proto icmp -j ICMP
iptables -A ICMP -p icmp --icmp-type echo-reply -j ACCEPT
iptables -A ICMP -p icmp --icmp-type destination-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type network-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type host-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type protocol-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type port-unreachable -j ACCEPT
iptables -A ICMP -p icmp --icmp-type fragmentation-needed -j LDROP
iptables -A ICMP -p icmp --icmp-type source-route-failed -j WATCH
iptables -A ICMP -p icmp --icmp-type network-unknown -j WATCH
iptables -A ICMP -p icmp --icmp-type host-unknown -j WATCH
iptables -A ICMP -p icmp --icmp-type network-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type host-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type TOS-network-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type TOS-host-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type communication-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type host-precedence-violation -j LDROP
iptables -A ICMP -p icmp --icmp-type precedence-cutoff -j LDROP
iptables -A ICMP -p icmp --icmp-type source-quench -j LDROP
iptables -A ICMP -p icmp --icmp-type redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type network-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type host-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type TOS-network-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type TOS-host-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type echo-request -j WATCH
iptables -A ICMP -p icmp --icmp-type router-advertisement -j LDROP
iptables -A ICMP -p icmp --icmp-type router-solicitation -j LDROP
iptables -A ICMP -p icmp --icmp-type time-exceeded -j WATCH
iptables -A ICMP -p icmp --icmp-type ttl-zero-during-transit -j WATCH
iptables -A ICMP -p icmp --icmp-type ttl-zero-during-reassembly -j WATCH
iptables -A ICMP -p icmp --icmp-type parameter-problem -j WATCH
iptables -A ICMP -p icmp --icmp-type ip-header-bad -j WATCH
iptables -A ICMP -p icmp --icmp-type required-option-missing -j WATCH
iptables -A ICMP -p icmp --icmp-type timestamp-request -j LDROP
iptables -A ICMP -p icmp --icmp-type timestamp-reply -j LDROP
iptables -A ICMP -p icmp --icmp-type address-mask-request -j LDROP
iptables -A ICMP -p icmp --icmp-type address-mask-reply -j LDROP
iptables -A ICMP -p icmp -j LDROP
echo Authorize tcp traffic.
iptables -A INPUT --proto tcp -j ACCEPT
echo Authorize packet output.
iptables --policy OUTPUT ACCEPT
#echo reject ident if you drop em you gotta wait for timeout
#iptables -I LOCAL --proto tcp --syn --dst $EXT_IP --dport 113 -j REJECT
echo Drop and log all udp below 1024.
iptables -A INPUT -i ! lo --proto udp --dport :1023 -j LDROP
echo Drop rpc dynamic udp port:
RPC_UDP=`rpcinfo -p localhost|perl -n -e /.*udps+(d+)s+/ && print $1,"n"|sort -u`
echo $RPC_UDP
for port in $RPC_UDP; do
iptables -A LOCAL -i ! lo --proto udp --dport $port -j LDROP
done
echo Authorize udp above 1024.
iptables -A INPUT --proto udp --dport 1024: -j ACCEPT
<<lessSample:
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# Set up variables
EXT_IF="eth0"
INT_IF="eth1"
EXT_IP=24.x.x.x/32
INT_IP=192.168.0.1/32
EXT_NET=24.x.x.0/24
INT_NET=192.168.0.0/24
MASQ_NETS="192.168.0.0/24"
LOCAL_ADDRS="127.0.0.0/8 192.168.0.1/32 24.x.x.x/32"
MAIL_RELAY=24.x.x.x/32
SMB_ACCESS="192.168.0.2/32"
SMB_BCAST="192.168.0.255/32"
# Turn on IP forwarding
echo Turning on IP forwarding.
echo 1 > /proc/sys/net/ipv4/ip_forward
# Load the ip_tables module
echo Loading ip_tables module.
/sbin/modprobe ip_tables || exit 1
# I let the kernel dynamically load the other modules
echo Flush standard tables.
iptables --flush INPUT
iptables --flush OUTPUT
iptables --flush FORWARD
echo Deny everything until firewall setup is completed.
iptables --policy INPUT DROP
iptables --policy OUTPUT DROP
iptables --policy FORWARD DROP
CHAINS=`iptables -n -L |perl -n -e /Chains+(S+)/ && !($1 =~ /^(INPUT|FORWARD|OUTPUT)$/) && print "$1 "`
echo Remove remaining chains:
echo $CHAINS
for chain in $CHAINS; do
iptables --flush $chain
done
# 2nd step cause of dependencies
for chain in $CHAINS; do
iptables --delete-chain $chain
done
for net in $MASQ_NETS; do
# I delete all the rules so you can rerun the scripts without bloating
# your nat entries.
iptables -D POSTROUTING -t nat -s $MASQ_NETS -j MASQUERADE 2>/dev/null
iptables -A POSTROUTING -t nat -s $MASQ_NETS -j MASQUERADE || exit 1
done
iptables --policy FORWARD ACCEPT
# Create a target for logging and dropping packets
iptables --new LDROP 2>/dev/null
iptables -A LDROP --proto tcp -j LOG --log-level info
--log-prefix "TCP Drop "
iptables -A LDROP --proto udp -j LOG --log-level info
--log-prefix "UDP Drop "
iptables -A LDROP --proto icmp -j LOG --log-level info
--log-prefix "ICMP Drop "
iptables -A LDROP --proto gre -j LOG --log-level info
--log-prefix "GRE Drop "
iptables -A LDROP -f -j LOG --log-level emerg
--log-prefix "FRAG Drop "
iptables -A LDROP -j DROP
# Create a table for watching some accepting rules
iptables --new WATCH 2>/dev/null
iptables -A WATCH -m limit -j LOG --log-level warn --log-prefix "ACCEPT "
iptables -A WATCH -j ACCEPT
echo Special target for local addresses:
iptables --new LOCAL 2>/dev/null
echo $LOCAL_ADDRS
for ip in $LOCAL_ADDRS; do
iptables -A INPUT --dst $ip -j LOCAL
# iptables -A INPUT --src $ip -i ! lo -j LDROP # lame spoof protect
done
echo Authorize mail from mail relay.
iptables -A LOCAL --proto tcp --syn --src $MAIL_RELAY --dst $EXT_IP --dport 25 -j ACCEPT
echo Authorizing samba access to:
echo $SMB_ACCESS
iptables --new SMB 2>/dev/null
for ip in $SMB_ACCESS; do
iptables -A SMB -s $ip -j ACCEPT
done
iptables -A LOCAL --proto udp -i ! $EXT_IF --dport 135:139 -j SMB
iptables -A LOCAL --proto tcp -i ! $EXT_IF --dport 135:139 -j SMB
iptables -A LOCAL --proto tcp -i ! $EXT_IF --dport 445 -j SMB
iptables -A INPUT -i ! $EXT_IF --dst $SMB_BCAST -j ACCEPT #lame samba broadcast
echo Drop and log every other incoming tcp connection attempts.
iptables -A LOCAL -i ! lo --proto tcp --syn --j LDROP
echo Authorize dns access for local nets.
for net in $MASQ_NETS 127.0.0.0/8; do
iptables -A INPUT --proto udp --src $net --dport 53 -j ACCEPT
done
echo Enforcing up ICMP policies, use iptables -L ICMP to check.
# If you deny all ICMP messages you head for trouble since it would
# break lots of tcp/ip algorythm (acz)
iptables --new ICMP 2>/dev/null
iptables -A INPUT --proto icmp -j ICMP
iptables -A ICMP -p icmp --icmp-type echo-reply -j ACCEPT
iptables -A ICMP -p icmp --icmp-type destination-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type network-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type host-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type protocol-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type port-unreachable -j ACCEPT
iptables -A ICMP -p icmp --icmp-type fragmentation-needed -j LDROP
iptables -A ICMP -p icmp --icmp-type source-route-failed -j WATCH
iptables -A ICMP -p icmp --icmp-type network-unknown -j WATCH
iptables -A ICMP -p icmp --icmp-type host-unknown -j WATCH
iptables -A ICMP -p icmp --icmp-type network-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type host-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type TOS-network-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type TOS-host-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type communication-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type host-precedence-violation -j LDROP
iptables -A ICMP -p icmp --icmp-type precedence-cutoff -j LDROP
iptables -A ICMP -p icmp --icmp-type source-quench -j LDROP
iptables -A ICMP -p icmp --icmp-type redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type network-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type host-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type TOS-network-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type TOS-host-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type echo-request -j WATCH
iptables -A ICMP -p icmp --icmp-type router-advertisement -j LDROP
iptables -A ICMP -p icmp --icmp-type router-solicitation -j LDROP
iptables -A ICMP -p icmp --icmp-type time-exceeded -j WATCH
iptables -A ICMP -p icmp --icmp-type ttl-zero-during-transit -j WATCH
iptables -A ICMP -p icmp --icmp-type ttl-zero-during-reassembly -j WATCH
iptables -A ICMP -p icmp --icmp-type parameter-problem -j WATCH
iptables -A ICMP -p icmp --icmp-type ip-header-bad -j WATCH
iptables -A ICMP -p icmp --icmp-type required-option-missing -j WATCH
iptables -A ICMP -p icmp --icmp-type timestamp-request -j LDROP
iptables -A ICMP -p icmp --icmp-type timestamp-reply -j LDROP
iptables -A ICMP -p icmp --icmp-type address-mask-request -j LDROP
iptables -A ICMP -p icmp --icmp-type address-mask-reply -j LDROP
iptables -A ICMP -p icmp -j LDROP
echo Authorize tcp traffic.
iptables -A INPUT --proto tcp -j ACCEPT
echo Authorize packet output.
iptables --policy OUTPUT ACCEPT
#echo reject ident if you drop em you gotta wait for timeout
#iptables -I LOCAL --proto tcp --syn --dst $EXT_IP --dport 113 -j REJECT
echo Drop and log all udp below 1024.
iptables -A INPUT -i ! lo --proto udp --dport :1023 -j LDROP
echo Drop rpc dynamic udp port:
RPC_UDP=`rpcinfo -p localhost|perl -n -e /.*udps+(d+)s+/ && print $1,"n"|sort -u`
echo $RPC_UDP
for port in $RPC_UDP; do
iptables -A LOCAL -i ! lo --proto udp --dport $port -j LDROP
done
echo Authorize udp above 1024.
iptables -A INPUT --proto udp --dport 1024: -j ACCEPT
Download (MB)
Added: 2007-02-14 License: GPL (GNU General Public License) Price:
984 downloads
Weight Loss Recipe Book 3.1
Weight Loss Recipe Book is a free, online, community-built recipe book. more>>
Weight Loss Recipe Book is a free, online, community-built recipe book. Weight Loss Recipe Book contains everything you need to allow your web site visitors to submit recipes and everything your administrator needs to administer the recipes.
When a visitor submits a recipe, the recipe is added to a database and awaits approval from the administrator before being added to the public site.
Main features:
- Community built, meaning you just have to approve entries and watch your web site expand!
- Captcha validation to prevent automated entries into the recipe book.
- Complete administrator system - add administrators, recipe categories, manage recipes and more!
- Best of all, Weight Loss Recipe Book is totally free!
<<lessWhen a visitor submits a recipe, the recipe is added to a database and awaits approval from the administrator before being added to the public site.
Main features:
- Community built, meaning you just have to approve entries and watch your web site expand!
- Captcha validation to prevent automated entries into the recipe book.
- Complete administrator system - add administrators, recipe categories, manage recipes and more!
- Best of all, Weight Loss Recipe Book is totally free!
Download (0.061MB)
Added: 2006-05-08 License: Freeware Price:
1267 downloads
Advanced Packet Sniffer 0.19
Aps is a small tool for analyzing network traffic. more>>
Aps is a small tool for analyzing network traffic. It prints out a great deal of information about the relevant protocols including TCP, UDP, ARP, and ICMP.
It allows you to filter IP addresses, hardware addresses, ports, and specific protocols. It comes with a little GTK-GUI displaying packet counters for each protocol.
APS tries to print detailed info about network frames that are received from the SOCK_RAW (ETH_P_ALL) socket. I am not sure if this is the clean way, but it works fine. APS prints info about the hardware layer and the IP and TCP/UDP/ICMP header.
The tail of the packet (mostly the data) wich could not be interpreted is written on the screen as ascii/hex-dump or both (your choice).
Example
HW-ADDR: 00:60:8c:f6:40:96 -----> 00:80:ad:30:8f:3b
IP-ADDR: 192.168.17.52 -----> 192.168.17.50
IP-Ver4 || Head:0x0a (bytes) || Service(TOS):16 || Length over all:0061
Fragmentation: ID:0x4079 - Flags: 0 1 0 - Offset:00000
TTL:064 || Protokoll:006 (TCP) || HeaderCRC:0x567b
TCP-HEADER:
Ports: 0023-->1034 (telnet) Seq./Ack. Nr.:0x70843468 / 0xeae29434
Data-Offset:0x05 Reserved-6Bit:00 Flags:-urg-ACK-PSH-rst-syn-fin-
Window:0x7fe0 CRC:0x9420 Urgent-Pointer:0x0000
73 61 74 75 72 6e 32 3a 2f 73 72 76 2f 70 72 69 6e 74 71 23 20
HW-ADDR: 52:54:40:25:8d:88 -----> ff:ff:ff:ff:ff:ff
SAMBA/NetBios
e0 e0 03 ff ff 00 22 00 11 00 00 00 00 ff ff ff ff ff ff 04 52 00 00 00 00 52
40 25 8d 88 40 08 00 03 00 04 20 20 20 20 20 20 20 20 20
HW-ADDR: 00:80:ad:30:8f:3b -----> 00:60:8c:f6:40:96
IP-ADDR: 192.168.17.50 -----> 194.112.123.200
IP-Ver4 || Head:0x0a (bytes) || Service(TOS):0 || Length over all:0029
Fragmentation: ID:0x29ae - Flags: 0 0 0 - Offset:00000
TTL:064 || Protokoll:001 (ICMP) || HeaderCRC:0x411f
echo request CODE:0x0 CRC:0xf9f5 SIG:0x602 NUM:0x0
00 ea
Enhancements:
- added break for Packet-counter and fixed some minor bugs
<<lessIt allows you to filter IP addresses, hardware addresses, ports, and specific protocols. It comes with a little GTK-GUI displaying packet counters for each protocol.
APS tries to print detailed info about network frames that are received from the SOCK_RAW (ETH_P_ALL) socket. I am not sure if this is the clean way, but it works fine. APS prints info about the hardware layer and the IP and TCP/UDP/ICMP header.
The tail of the packet (mostly the data) wich could not be interpreted is written on the screen as ascii/hex-dump or both (your choice).
Example
HW-ADDR: 00:60:8c:f6:40:96 -----> 00:80:ad:30:8f:3b
IP-ADDR: 192.168.17.52 -----> 192.168.17.50
IP-Ver4 || Head:0x0a (bytes) || Service(TOS):16 || Length over all:0061
Fragmentation: ID:0x4079 - Flags: 0 1 0 - Offset:00000
TTL:064 || Protokoll:006 (TCP) || HeaderCRC:0x567b
TCP-HEADER:
Ports: 0023-->1034 (telnet) Seq./Ack. Nr.:0x70843468 / 0xeae29434
Data-Offset:0x05 Reserved-6Bit:00 Flags:-urg-ACK-PSH-rst-syn-fin-
Window:0x7fe0 CRC:0x9420 Urgent-Pointer:0x0000
73 61 74 75 72 6e 32 3a 2f 73 72 76 2f 70 72 69 6e 74 71 23 20
HW-ADDR: 52:54:40:25:8d:88 -----> ff:ff:ff:ff:ff:ff
SAMBA/NetBios
e0 e0 03 ff ff 00 22 00 11 00 00 00 00 ff ff ff ff ff ff 04 52 00 00 00 00 52
40 25 8d 88 40 08 00 03 00 04 20 20 20 20 20 20 20 20 20
HW-ADDR: 00:80:ad:30:8f:3b -----> 00:60:8c:f6:40:96
IP-ADDR: 192.168.17.50 -----> 194.112.123.200
IP-Ver4 || Head:0x0a (bytes) || Service(TOS):0 || Length over all:0029
Fragmentation: ID:0x29ae - Flags: 0 0 0 - Offset:00000
TTL:064 || Protokoll:001 (ICMP) || HeaderCRC:0x411f
echo request CODE:0x0 CRC:0xf9f5 SIG:0x602 NUM:0x0
00 ea
Enhancements:
- added break for Packet-counter and fixed some minor bugs
Download (0.088MB)
Added: 2005-09-21 License: GPL (GNU General Public License) Price:
1512 downloads
NetPacket::ARP 0.04
NetPacket::ARP is a Perl module to assemble and disassemble ARP (Address Resolution Protocol) packets. more>>
NetPacket::ARP is a Perl module to assemble and disassemble ARP (Address Resolution Protocol) packets.
SYNOPSIS
use NetPacket::ARP;
$tcp_obj = NetPacket::ARP->decode($raw_pkt);
$tcp_pkt = NetPacket::ARP->encode(params...); # Not implemented
NetPacket::ARP provides a set of routines for assembling and disassembling packets using ARP (Address Resolution Protocol).
Methods
NetPacket::ARP->decode([RAW PACKET])
Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method.
NetPacket::ARP->encode(param => value)
Return a ARP packet encoded with the instance data specified. Not implemented.
Functions
NetPacket::ARP::strip([RAW PACKET])
Return the encapsulated data (or payload) contained in the TCP packet. Since no payload data is encapulated in an ARP packet (only instance data), this function returns undef.
Instance data
The instance data for the NetPacket::ARP object consists of the following fields.
htype
Hardware type.
proto
Protocol type.
hlen
Header length.
plen
Protocol length.
opcode
One of the following constants:
ARP_OPCODE_REQUEST
ARP_OPCODE_REPLY
RARP_OPCODE_REQUEST
RARP_OPCODE_REPLY
sha
Source hardware address.
spa
Source protocol address.
tha
Target hardware address.
tpa
Target protocol address.
<<lessSYNOPSIS
use NetPacket::ARP;
$tcp_obj = NetPacket::ARP->decode($raw_pkt);
$tcp_pkt = NetPacket::ARP->encode(params...); # Not implemented
NetPacket::ARP provides a set of routines for assembling and disassembling packets using ARP (Address Resolution Protocol).
Methods
NetPacket::ARP->decode([RAW PACKET])
Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method.
NetPacket::ARP->encode(param => value)
Return a ARP packet encoded with the instance data specified. Not implemented.
Functions
NetPacket::ARP::strip([RAW PACKET])
Return the encapsulated data (or payload) contained in the TCP packet. Since no payload data is encapulated in an ARP packet (only instance data), this function returns undef.
Instance data
The instance data for the NetPacket::ARP object consists of the following fields.
htype
Hardware type.
proto
Protocol type.
hlen
Header length.
plen
Protocol length.
opcode
One of the following constants:
ARP_OPCODE_REQUEST
ARP_OPCODE_REPLY
RARP_OPCODE_REQUEST
RARP_OPCODE_REPLY
sha
Source hardware address.
spa
Source protocol address.
tha
Target hardware address.
tpa
Target protocol address.
Download (0.011MB)
Added: 2007-03-08 License: Perl Artistic License Price:
968 downloads
deja-packet 1.0
deja-packet transmits raw packets through a specified interface. more>>
deja-packet transmits raw packets through a specified interface.
Usage: ./deja-packet -pcap < libpcap capture file > < interface name >
or: ./deja-packet -raw < raw packet file > < interface name >
Note: you must be root to successfully transmit packets with deja-packet due to the Linux security restrictions with raw sockets.
In the [-p]cap mode, deja-packet transmits selected packets from a libpcap capture file (such as one created by Ethereal/Wireshark, or tcpdump). In the [-r]aw mode, deja-packet transmits the raw contents of a file as one whole packet.
The [-p]cap mode is interactive: the user will be continuously prompted to select which packet from the libpcap capture file to transmit, until the “q” character is encountered, where the program will quit.
Example pcap mode:
$ sudo ./deja-packet -p icmp_ping.pcap eth0
Select packet number (1 to 6) for transmission or q for quit: 1
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 2
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 5
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 6
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: q
$
In the [-r]aw mode, deja-packet exits immediately after the attempted transmission is complete (allows deja-packet to be easily used with a script).
Example raw mode:
$ sudo ./deja-packet -r samplepacket eth0
Successfully transmitted packet!
$
icmp_ping.pcap is included as a sample libpcap capture file.
To compile deja-packet, simply use the command “make”.
deja-packet remains Linux-only because it requires PF_PACKET sockets.
This project is released under the GNU General Public License version 2.
<<lessUsage: ./deja-packet -pcap < libpcap capture file > < interface name >
or: ./deja-packet -raw < raw packet file > < interface name >
Note: you must be root to successfully transmit packets with deja-packet due to the Linux security restrictions with raw sockets.
In the [-p]cap mode, deja-packet transmits selected packets from a libpcap capture file (such as one created by Ethereal/Wireshark, or tcpdump). In the [-r]aw mode, deja-packet transmits the raw contents of a file as one whole packet.
The [-p]cap mode is interactive: the user will be continuously prompted to select which packet from the libpcap capture file to transmit, until the “q” character is encountered, where the program will quit.
Example pcap mode:
$ sudo ./deja-packet -p icmp_ping.pcap eth0
Select packet number (1 to 6) for transmission or q for quit: 1
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 2
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 5
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 6
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: q
$
In the [-r]aw mode, deja-packet exits immediately after the attempted transmission is complete (allows deja-packet to be easily used with a script).
Example raw mode:
$ sudo ./deja-packet -r samplepacket eth0
Successfully transmitted packet!
$
icmp_ping.pcap is included as a sample libpcap capture file.
To compile deja-packet, simply use the command “make”.
deja-packet remains Linux-only because it requires PF_PACKET sockets.
This project is released under the GNU General Public License version 2.
Download (0.004MB)
Added: 2007-07-04 License: GPL (GNU General Public License) Price:
847 downloads
fairly fast packet filter 1.5.0
The fairly fast packet filter (FFPF) is an approach to network packet processing. more>>
The fairly fast packet filter (FFPF) is an approach to network packet processing that adds many new features to existing filtering solutions like BPF.
fairly fast packet filter is designed for high speed by pushing computationally intensive tasks to the kernel or even network processors and by minimising packet copying.
By providing both access to richer programming languages and explicit extensibility, it is also considerably more flexible than existing approaches.
FFPF provides a complete solution for network monitoring that caters to all applications available today. Exploiting its extensibility, the language can even be used as a meta-filter to `script together filters from other approaches, such as BPF.
Main features:
- fast: processes significantly more packets per second than LSF (reference)
- scalable: transparently supports hardware assist, like that given by the Intel IXP2x00 network processors
- backward compatible: supports all existing libpcap based applications
- extensible: separates functionality from the framework. FFPF currently ships with implementations of BPF, Aho Corasick, Boyer Moore Horspool, and many more
- modular: new functions can be written in as little as 3 lines of code
- secure: relies on Keynote for authentication and resource control
- open and standard adherent: licensed under the GNU General Public License (GPL). It implements the Monitoring API (MAPI) draft as designed by the EU-SCAMPI consortium
Enhancements:
- enabled kernelspace processing
- enabled all 5 buffer implementations (Continuous, Fixed-size slot, Variable sized slot, Double ring and Index)
- added TCP stream reassembly and early implementation of zero-copy reassembly
- added PCAP input and output support, for userspace testing and offline use
- added additional minor functions: TCP Synprotect, output to files, ...
- added support for UDEV
- extended controlplane: flowspaces can now be queried for live state
- fixed up many bugs, hacks and irregularities.
<<lessfairly fast packet filter is designed for high speed by pushing computationally intensive tasks to the kernel or even network processors and by minimising packet copying.
By providing both access to richer programming languages and explicit extensibility, it is also considerably more flexible than existing approaches.
FFPF provides a complete solution for network monitoring that caters to all applications available today. Exploiting its extensibility, the language can even be used as a meta-filter to `script together filters from other approaches, such as BPF.
Main features:
- fast: processes significantly more packets per second than LSF (reference)
- scalable: transparently supports hardware assist, like that given by the Intel IXP2x00 network processors
- backward compatible: supports all existing libpcap based applications
- extensible: separates functionality from the framework. FFPF currently ships with implementations of BPF, Aho Corasick, Boyer Moore Horspool, and many more
- modular: new functions can be written in as little as 3 lines of code
- secure: relies on Keynote for authentication and resource control
- open and standard adherent: licensed under the GNU General Public License (GPL). It implements the Monitoring API (MAPI) draft as designed by the EU-SCAMPI consortium
Enhancements:
- enabled kernelspace processing
- enabled all 5 buffer implementations (Continuous, Fixed-size slot, Variable sized slot, Double ring and Index)
- added TCP stream reassembly and early implementation of zero-copy reassembly
- added PCAP input and output support, for userspace testing and offline use
- added additional minor functions: TCP Synprotect, output to files, ...
- added support for UDEV
- extended controlplane: flowspaces can now be queried for live state
- fixed up many bugs, hacks and irregularities.
Download (0.60MB)
Added: 2006-02-20 License: GPL (GNU General Public License) Price:
1342 downloads
Layer-7 Packet Classifier for Linux 2007-07-27 (Pattern Definitions)
Layer-7 Packet Classifier for Linux is a packet classifier for Netfilter that identifies packets based on application layer. more>>
Layer-7 Packet Classifier for Linux is a packet classifier for Netfilter that identifies packets based on application layer (OSI layer 7) data. This means that it is able to classify packets as HTTP, FTP, Gnucleus, Kazaa, etc., regardless of ports.
It complements existing matches that classify based on port numbers, packet length, TOS bits, and so on. Combined with Linux QoS, it allows for full layer 7 packet shaping.
Main features:
- Patches for Linux 2.4 and 2.6
- Support for TCP, UDP and ICMP over IPv4
- Uses Netfilters connection tracking of FTP, IRC, etc
- Examines data across multiple packets
- Number of packets examined tunable on the fly through /proc
- Number of bytes examined tunable at module load time
- Distinguishes between new connections (those still being tested) and old unidentified connections
- Gives access to both Netfilter and QoS (rate limiting) features
- With the Netfilter "helper" match, you can distinguish between parent and child connections (e.g. ftp command/data)
<<lessIt complements existing matches that classify based on port numbers, packet length, TOS bits, and so on. Combined with Linux QoS, it allows for full layer 7 packet shaping.
Main features:
- Patches for Linux 2.4 and 2.6
- Support for TCP, UDP and ICMP over IPv4
- Uses Netfilters connection tracking of FTP, IRC, etc
- Examines data across multiple packets
- Number of packets examined tunable on the fly through /proc
- Number of bytes examined tunable at module load time
- Distinguishes between new connections (those still being tested) and old unidentified connections
- Gives access to both Netfilter and QoS (rate limiting) features
- With the Netfilter "helper" match, you can distinguish between parent and child connections (e.g. ftp command/data)
Download (MB)
Added: 2007-07-30 License: GPL (GNU General Public License) Price:
820 downloads
Other version of Layer-7 Packet Classifier for Linux
Layer-7 Packet Classifier for Linux is a classifier for the Linux kernels Netfilter subsystem ... Examines data across multiple packets - Number of packets examined tunable through /proc/netLicense:GPL (GNU General Public License)
Layer-7 Packet Classifier for Linux 0.4 (Userspace) Layer-7 Packet Classifier for Linux is a ... of FTP, IRC, etc - Examines data across multiple packets - Number of packets examined tunable onLicense:GPL (GNU General Public License)
Packet Excalibur 1.0.2
Packet Excalibur is a multi-platform graphical and scriptable network packet engine with extensible text-based protocol descript more>>
Packet Excalibur is a multi-platform graphical and scriptable network packet engine with extensible text-based protocol descriptions. It is a network tool designed to build and receive custom packets from network.
Pen testing firewalls, routers, or any network enable equipment. Validating your custom built protocols without the burden of writting lines of code. Teaching yourself how protocols works and articulates around each other.
Download the install package (PacketExcalibur_*.*_linux_tgz)
Unzip and untar the archive, run "make" in the "PacketExcalibur_*/main" directory,
- binaries are installed in /usr/sbin
- support packages are installed in /var/cache/excalibur
- preference file is created in the user home directory
<<lessPen testing firewalls, routers, or any network enable equipment. Validating your custom built protocols without the burden of writting lines of code. Teaching yourself how protocols works and articulates around each other.
Download the install package (PacketExcalibur_*.*_linux_tgz)
Unzip and untar the archive, run "make" in the "PacketExcalibur_*/main" directory,
- binaries are installed in /usr/sbin
- support packages are installed in /var/cache/excalibur
- preference file is created in the user home directory
Download (1.8MB)
Added: 2006-07-04 License: GPL (GNU General Public License) Price:
1259 downloads
RADIUS::Packet 1.0
RADIUS::Packet is an object-oriented Perl interface to RADIUS packets. more>>
RADIUS::Packet is an object-oriented Perl interface to RADIUS packets.
SYNOPSIS
use RADIUS::Packet;
use RADIUS::Dictionary;
my $d = new RADIUS::Dictionary "/etc/radius/dictionary";
my $p = new RADIUS::Packet $d, $data;
$p->dump;
if ($p->attr(User-Name eq "lwall") {
my $resp = new RADIUS::Packet $d;
$resp->set_code(Access-Accept);
$resp->set_identifier($p->identifier);
$resp->set_authenticator($p->authenticator);
$resp->set_attr(Reply-Message) = "Welcome, Larry!rn";
my $respdat = auth_resp($resp->pack, "mysecret");
...
RADIUS (RFC2138) specifies a binary packet format which contains various values and attributes. RADIUS::Packet provides an interface to turn RADIUS packets into Perl data structures and vice-versa.
RADIUS::Packet does not provide functions for obtaining RADIUS packets from the network. A simple network RADIUS server is provided as an example at the end of this document. Also, a RADIUS::Server module is under development which will simplify the interface.
<<lessSYNOPSIS
use RADIUS::Packet;
use RADIUS::Dictionary;
my $d = new RADIUS::Dictionary "/etc/radius/dictionary";
my $p = new RADIUS::Packet $d, $data;
$p->dump;
if ($p->attr(User-Name eq "lwall") {
my $resp = new RADIUS::Packet $d;
$resp->set_code(Access-Accept);
$resp->set_identifier($p->identifier);
$resp->set_authenticator($p->authenticator);
$resp->set_attr(Reply-Message) = "Welcome, Larry!rn";
my $respdat = auth_resp($resp->pack, "mysecret");
...
RADIUS (RFC2138) specifies a binary packet format which contains various values and attributes. RADIUS::Packet provides an interface to turn RADIUS packets into Perl data structures and vice-versa.
RADIUS::Packet does not provide functions for obtaining RADIUS packets from the network. A simple network RADIUS server is provided as an example at the end of this document. Also, a RADIUS::Server module is under development which will simplify the interface.
Download (0.042MB)
Added: 2007-04-11 License: Perl Artistic License Price:
931 downloads
Packet Debugger 0.1 Beta
Packet Debugger presents a debugger-like UI for pcap packet capture files. more>>
Packet Debugger presents a debugger-like UI for pcap packet capture files.
The Packet Debugger (pdb) allows users to work with packet streams as if they were working with a source code debugger.
Users can list, inspect, modify, and retransmit any packet from captured files, as well as work with live packet captures.
<<lessThe Packet Debugger (pdb) allows users to work with packet streams as if they were working with a source code debugger.
Users can list, inspect, modify, and retransmit any packet from captured files, as well as work with live packet captures.
Download (0.15MB)
Added: 2007-01-20 License: BSD License Price:
1010 downloads
NetPacket::IP 0.04
NetPacket::IP is a Perl module to assemble and disassemble IP (Internet Protocol) packets. more>>
SYNOPSIS
use NetPacket::IP;
$ip_obj = NetPacket::IP->decode($raw_pkt);
$ip_pkt = NetPacket::IP->encode($ip_obj);
$ip_data = NetPacket::IP::strip($raw_pkt);
NetPacket::IP provides a set of routines for assembling and disassembling packets using IP (Internet Protocol).
Methods
NetPacket::IP->decode([RAW PACKET])
Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method.
NetPacket::IP->encode()
Return an IP packet encoded with the instance data specified. This will infer the total length of the packet automatically from the payload lenth and also adjust the checksum.
Functions
NetPacket::IP::strip([RAW PACKET])
Return the encapsulated data (or payload) contained in the IP packet. This data is suitable to be used as input for other NetPacket::* modules.
This function is equivalent to creating an object using the decode() constructor and returning the data field of that object.
Instance data
The instance data for the NetPacket::IP object consists of the following fields.
ver
The IP version number of this packet.
hlen
The IP header length of this packet.
flags
The IP header flags for this packet.
foffset
The IP fragment offset for this packet.
tos
The type-of-service for this IP packet.
len
The length (including length of header) in bytes for this packet.
id
The identification (sequence) number for this IP packet.
ttl
The time-to-live value for this packet.
proto
The IP protocol number for this packet.
cksum
The IP checksum value for this packet.
src_ip
The source IP address for this packet in dotted-quad notation.
dest_ip
The destination IP address for this packet in dotted-quad notation.
options
Any IP options for this packet.
data
The encapsulated data (payload) for this IP packet.
Download (0.011MB)
Added: 2007-02-28 License: Perl Artistic License Price:
968 downloads
Secleted [ 0 ] software to compare
Copyright Notice:
Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future software development. The above packet loss software search only lists software in full, demo and trial versions for free download. Download links are directly from our mirror sites or publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
