Free packets sent but not received software for linux

packETH is a Linux GUI packet generator tool for ethernet. The project allows you to create and send any possible packet or sequence of packets on the ethernet.
Main features:
you can create and send any ethernet packet. Supported protocols:
- ethernet II, ethernet 802.3, 802.1q, QinQ
- ARP, IPv4, user defined network layer payload
- UDP, TCP, ICMP, IGMP, user defined transport layer payload
- RTP (payload with options to send sin wave of any frequency for G.711)
sending sequence of packets
- delay between packets, number of packets to send
- sending with max speed, approaching the teoretical boundary
- change parameters while sending (change IP & mac address, UDP payload, 2 user defined bytes, etc.)
saving configuration to a text file and load from it.
Enhancements:
- new features

PacGen is an Ethernet IP TCP/UDP packet generating tool for Linux. Experimental ARP generation is included. Experimental ARP generation is included. This tool enables custom packets with configurable Ethernet, IP, TCP, and UDP layers as well as custom payloads. As an added feature there are configurations for packet count and a programmable time interval between packet sends. Plaintext config files control all the functions and represent all layers used to build packets. Included in the archive is the source code and a recompiled binary along with example configs.


Since I didnt write a smart interface routine, pacgen will only work with eth0. If you need to use a different interface the source code is pretty obvious on where this would be changed.

Icmpenum sends ICMP traffic to potential targets on a network.
Introduction:
Host enumeration is the act of determining the IP address of potential targets on a network. This can be done in both layer 2 and layer 3. Icmpenum sends ICMP traffic for such enumeration. The ICMP packets supported are: Echo, Timestamp, Information and Netmask. Furthermore, it supports spoofing and promiscuous listening for reply packets. Icmpenum is great for enumerating networks which allow ICMP traffic.
Installation:
1. Install the latest libpcap (libpcap 0.4, ftp://ftp.ee.lbl.gov/libpcap.tar.Z).
2. Install the latest Libnet (http://www.packetfactory.net/libnet/).
3. Compile icmpenum as follows:
gcc `libnet-config --defines` -o icmpenum icmpenum.c -lnet -lpcap
4. Copy icmpenum to your fave directory and (as root) start enumerating.
Usage:
Running icmpenum -h gives you the following screen:
# ./icmpenum -h
USAGE: ./icmpenum [opts] [-c class C] [-d dev] [-i 1-3] [-s src] [-t sec] hosts
opts are h n p r v
-h this help screen
-n no sending of packets
-p promiscuous receive mode
-r receiving packets only (no
-v verbose
-c class C in x.x.x.0 form
-i icmp type to send/receive, types include the following:
1 echo/echo reply (default)
2 timestamp request/reply
3 info request/reply
-d device to grab local IP or sniff from, default is eth0
-s spoofed source address
-t time in seconds to wait for all replies (default 5)
host(s) are target hosts (ignored if using -c)
Examples:
Here are some example uses of icmpenum to enumerate hosts.
Example 1:
[Host1]# icmpenum 192.168.1.1 192.168.1.2
This will use the default of Echo packets to try and determine if
192.168.1.1 and 192.168.1.2 are up and running.
Example 2:
[Host1]# icmpenum -i 2 -v 192.168.100.100 192.168.100.200
This will enumerate the two hosts using Timestamp packets in
verbose mode.
Example 3:
[Host1]# icmpenum -i 3 -s 10.10.10.10 -p -v 192.168.1.1 192.168.1.2
This will enumerate hosts 192.168.1.1 and 192.168.1.2 using
Information packets with a spoofed address of 10.10.10.10, since our real address is 10.10.10.11 we use the -p option to listen for the replies.
Here are some more advanced uses of icmpenum.
Example 4:
Assuming Host1 is 6.6.6.6 and Host2 is 7.7.7.7, and that the network 1.1.1.0 has potential hosts to enumerate, we use the following two entries to enumerate with Information packets:
[Host2]# icmpenum -r -t 30 -i 3 -c 1.1.1.0
[Host1]# icmpenum -s 7.7.7.7 -i 3 -c 1.1.1.0
Host2 starts first in receive mode with a timeout of 30 seconds and starts listening for Information packets from the 1.1.1.0 network. Then Host1 starts sending spoofed packets with Host2 as the source address, sending exactly what Host2 is listening for. It should be noted that this is hardly stealthy, as logs at 1.1.1s site could have 7.7.7.7s address all over them, but the -r function is good for testing.
Example 5:
Assuming Host1 is 6.6.6.6 and Host2 is 7.7.7.7, and that Host2 can sniff traffic between 1.1.1.0 and 2.2.2.0, we use the following entries to enumerate the 1.1.1.0 network:
[Host2]# icmpenum -t 20 -n -p -i 2 -c 1.1.1.0
[Host1]# icmpenum -s 2.2.2.2 -i 2 -c 1.1.1.0
Host2 starts first with a timeout of 20 seconds, makes sure not to send the packets with the -n option, listens promiscuously for Timestamp packets from the 1.1.1.0 network. Host1 sends the exact packets Host2 is listening for with a 2.2.2.2 spoofed source address. Yes, one could simply replace the -n option in Host2s command line with -s 2.2.2.2 and do the same thing from one workstation, but were demonstrating a distributed concept.
Enhancements:
- I have added ICMP MASK (type 17 and 18) requests and replys. Simply use the -i 4 option on the command line, such as; icmpenum -i 4 -c 1.2.3.1 (sends ICMP MASK requests to the Class C range 1.2.3.1/24 and reports any system as.
- Due to the use of some older versions of Libnet and Libpcap. I can see problems for some people compiling this and hence have placed two statically linked versions within the tarball

Secure Messaging is a Web-based, alternative mail system for sending and receiving messages.

Use secure messaging to send and receive messages from a alternative web-based mail system. Using the secure messaging system no actual mail is transmitted through any 3rd party servers.

Only an optional message notice is sent to the recepient, the user needs to visit the site in order to read the message.

Normal SMTP mail can hit multiple servers and can possibly be read, stored, or changed anywhere within the process.

Setup secure messaging on an SSL enabled website to enhance the privacy even more.

SMS Server Tools package contains applications to send and receive short messages through GSM modems or mobile phones. The user can send short messages by simply storing text files into a special spool directory.
The program monitors this directory and sends new files automatically. It also stores received short messages into another directory as text files. The program can run other external programs or scripts after events like reception of a new message, successful sending, and when the program detects a problem. These programs can inspect the related text files and perform automatic actions.
Enhancements:
- Compared to version 2.x, this branch includes some enhancements for the UTF-8 character set and some experimental extras.

TCP Knocking provides a port knocking implementation.
Often a secure system needs a port open so that only authorized persons can access a particular service and also the service should not exposed to attackers and worms that may use vulnerabilities that exist in the listening server. Port knocking is designed to be used as a complementary service to the existing authentication mechanism. But one of the biggest problems with port knocking is manipulating the firewall with timeouts.
When the correct knock sequence is sent, the firewall is modified for couple of seconds. Having the firewall open automatically for a time period will make any system administrator uncomfortable. TCP knocking attempts to solve the problem by incorporating the knock into the TCP handshake. Tcp knocking is similar to port knocking, but instead sending UDP packets with secret ports, the TCP handshake packets must include secrete codes. It is at least as secure as port knocking and it can be made secure with more hardening.
Modified TCP handshake:
In normal TCP handshake, the client sends the syn packet and chooses a random initial sequence number. The server responds with a packet that has both syn and ack flags set, choosing a random
The modified TCP handshake uses the empty fields in the header. The server does not respond to connection requests without a special code generated along with the syn packet. The server also encrypts the ISN in the ack packet (2) and the final packet of the three-way handshake must have the correct acknowledgment for the servers ISN. The system is further protected from brute-force attacks by closing the connection if the first attempt for the third packet does not have the expected acknowledgment sequence.
Also, rather than use conventional encryption techniques like HMAC for verification, this system uses a file with random numbers as the key. This is because of the limited unused space available in the TCP/IP header which makes HMAC very weak. By using a shared file, the length of the key can be much greater than traditional systems and even though some parts of the key can be revealed by attacks, the server can protect itself from replay attacks.
The handshake:
1) Syn
The syn packet does not use the 32 bit acknowledgment field in the TCP header as it the the first packet to initiate the connection. Further the 16 bit IPID can be used to transmit information. In the current implementation only the 32 bit acknowledgment field is used. Currently the 32 bit ack is derived from a 64 KB file which contains random numbers. The ISN and the source IP address along with the random numbers are used to generate this value.
2) Syn/Ack
The ISN is encrypted using the random numbers from the 64 KB file using the destination IP address as well as a 16 bit random number used as IPID. I do not have code for this part yet.
3) Ack
The client decrypts the syn number from the encrypted syn, the key file, the 16 bit IPID and its own IP address and sends the ack packet. The server closes all connections from the client for couple of minutes if it sends a wrong ack value. Part of the security relies on the fact that the ISN generated by Linux 2.6 is fairly random.
Implementation:
I have implemented only the first part, which is the server expecting secret code along with the first syn packet from the client. Hence it is very possible to brute-force the server. Also the system is designed with the second phase in mind, which is the encrypted Initial Sequence Number in the ack packet and closing the connection if the correct ack is not sent on the first try. I do not have an implementation for that yet. The security will be increased greatly when the second phase is incorporated. Also the ability to detect brute-force attacks can be added to this system.
But the current system can be used for protecting the server from worms and random scanning. The use-case is similar to port knocking but it does not use the ugly system of opening the firewall for a couple of seconds. Vanilla port knocking is susceptible to brute-force attacks as well. Besides, inserting a kernel module to just ssh into your server will increase your mad sysadmin points.
Enhancements:
- TCP knocking with Phase 1 of the protocol was implemented.

Raw Socket Constructor provides a tool for sending packets from the console.

Raw Socket Constructor is a tool that uses the Libsock library to create arbitrary TCP, ICMP, UDP, TCP6, ICMP6, or UDP6 packets.

Palabre is an open source (and free as in free beer) XML Socket Python Server.
It is meant to be used in replacement (for example) of the Macromedia Flash Communication Server. (which is lets admit it really expensive)
Of course, its much more limited, but has all the basic functionnalities for connecting Flash based Clients through Xml Sockets (sending and receiving messages).
So you can use it to create, multiuser applications like a Chat, (almost) Real Time Flash Games, Online support, ...
It does not include Video streaming functions ( FLV via RTMP ) instead of Flash Communication Server.
Main features:
- Have multiple Rooms
- Each Room can have any parameter you want ( A title, a lock, operators, any flag, ...)
- The creator of the room can change this parameters
- The room can have Sub rooms (or child rooms)
- For Example, you can host 10 games and chats on a server, and each game has a lobby room for chatting, and as many subrooms as wanted. Players can chat, start a new game, wait for people to join, and then start the game. (Then the child room of the game can be "locked" so that no one else joins it.
- Have multiple clients
- They are identified by a nickname (like on IRC)
- One client can be in multiple rooms / subrooms
- Clients can send messages to a room
- Clients can send messages to other clients (private messages)
- Clients can send a broadcast message (or reserve this to root)
- Clients can ping the server
- Clients can ask for a "room message" to be sent back to them. (to test latency, ...)
Enhancements:
- Database identification support (< connect nickname="X" password="Y" / >)
- Clients params (< clientparam name="X" value="Y" / >)
- SubXML nodes : (< msg toroom="X" >< position >< x >12< /x >< /position >< /msg >)
- Customizable nodes (< mynode toroom="X" anyparam="Y" >< AnyContent >< /mynode >)
- Joined/Left information (< client name="Nickname" joined="Lobby" / >)