Free icmp software for linux

sentinel project is an implementation of effective remote promiscuous detection techniques. For portability purposes, the sentinel application uses the libpcap and libnet libraries.

Sentinel usage:

./sentinel [options] [methods] [-c < x.x.x >] [-f < filename >] [host] methods:

-a arp test
-d dns test
-e icmp etherping test

Options:

-c < x.x.x > class c to scan
-f < file > file of ip addresses
-i < device > network interface
-n < number > number of packets to send

Example usage:

# ./sentinel -aed -c 10.2.2
sentinel will scan the class c 10.2.2 and test each machine against the arp,
etherping and dns tests.
# ./sentinel -aed -f ./ips
sentinel will read ip addresses from the ips file and test each machine
against the arp, etherping and dns tests.
# ./sentinel -aed 1.1.1.1
sentinel will test 1.1.1.1 for the arp, etherping and dns tests.

Guarddog is a firewall configuration utility for Linux systems. It is aimed at two groups of users. Novice to intermediate users who are not experts in TCP/IP networking and security, and those users who dont want the hastle of dealing with cryptic shell scripts and ipchains/iptables parameters.
Main features:
- Easy to use goal oriented GUI. You say what the firewall should do without having to explain all the details of how it should do it.
- Application protocol based. Unlike other tools, Guarddog does not require you to understand the ins and outs of IP packets and ports. Guarddog takes care of this for you. This also reduces the chances of configuration mistakes being made which are a prime source of security holes.
- Doesnt just generate the firewall once and forgets it. Guarddog lets you maintain and modify the firewall in place.
- Hosts/networks can be divided into Zones. Different zones can have different security policies for different.
- Supports the following network protocols: FTP, SSH, Telnet, Linuxconf, Corba, SMTP, DNS, Finger, HTTP, HTTPS, NFS, POP2, POP3, SUN RPC, Auth, NNTP, NETBIOS Name Service, NETBIOS Session Service, IMAP, Socks, Squid, pcANYWHEREstat, X Window System, Traceroute, ICQ, PowWow, IRC, PostgreSQL, MySQL, Ping, Quake, QuakeWorld, Quake 2, Who Is, Webmin, ICMP Source Quench, ICMP Redirect, Real Audio, Line Printer Spooler, syslog, NTP, NetMeeting, Gnutella, LDAP, LDAP-SSL, SWAT, Diablo II, Nessus, DHCP, AudioGalaxy, DirectPlay, Halflife, XDMCP and Telstras BigPond Cable, CDDB, MSN Messenger, VNC, PPTP, Kerberos, klogin, kshell, NIS, IMAPS, POP3S, ISAKMP, CVS, DICT, AIM, Fasttrack, Kazaa, iMesh, Grokster, Blubster, Direct Connect, WinMX, Yahoo! Messenger, AH, ESP, Jabber, EsounD, Privoxy, eDonkey2000, EverQuest, ICP, FreeDB, Elster, Yahoo games, Legato NetWorker backups, Novell Netware 5/6 NCP, Bittorrent, rsync, distcc, Jabber over SSL, PGP key server, Microsoft Media Server and gkrellm.
- Protocols not supported in the list above can be entered in directly.
- Supports router configurations.
- Runs on KDE 2 or 3, and Linux 2.2, 2.4 and 2.6 series kernels.
- Supports advanced Linux 2.4+ iptables features such as connection tracking and rate limited logging.
- Firewall scripts can be Imported/Exported for use on machines other than the current one.
- DHCP support.
- Uses a "what is not explicitly allowed, is denied" philosophy. Fail-safe design.
- Well documented with tutorials and reference material.
- Licensed under the terms of the GNU General Public License. Is Free and will remain Free.

N-View is a network monitor for small and medium-sized networks. It features automatic scanning of subnets for host addresses, monitoring of ICMP responses from all hosts, signalling of timeouts and delays in the GUI and by mail, a portscanner, an SNMP client (MIB browser and trap receiver), a graphical display of network traffic for network interfaces, connectivity to hosts by telnet, HTTP browser, or an arbitrary external program (such as ssh), printing of network diagrams, automatic generation of HTML pages, and more.
Main features:
Simple configuration:
- automatic scan for hosts, based on ICMP ("ping"),
- configurable limits for response delay, timeout and port scan interval,
- individual configuration can be stored in a configuration file;
Graphic display:
- automatic arranging of icons for hosts and subnets (optional),
- arbitrary background pictures for each screen,
- signalling delay and timeout of hosts and subnets with coloured icons,
- graphic display of traffic load for selected network interfaces,
- arbitrary labelling for all icons and windows;
Signalling of status changes on display, acoustic and per e-mail (optional):
- on timeout or delayed reply of a host,
- on changes of the open port status,
- on receiving of SNMP traps;
Management interface, connections to hosts:
- via external browser,
- via internal telnet client,
- via internal SNMP client/browser;
Flexible display:
- showing Subnets as tabbed or cascaded windows,
- coloured printer output of network diagrams,
- network diagrams can be accessed from HTML browsers from inside the network (external HTML server required);

Aps is a small tool for analyzing network traffic. It prints out a great deal of information about the relevant protocols including TCP, UDP, ARP, and ICMP.
It allows you to filter IP addresses, hardware addresses, ports, and specific protocols. It comes with a little GTK-GUI displaying packet counters for each protocol.
APS tries to print detailed info about network frames that are received from the SOCK_RAW (ETH_P_ALL) socket. I am not sure if this is the clean way, but it works fine. APS prints info about the hardware layer and the IP and TCP/UDP/ICMP header.
The tail of the packet (mostly the data) wich could not be interpreted is written on the screen as ascii/hex-dump or both (your choice).
Example
HW-ADDR: 00:60:8c:f6:40:96 -----> 00:80:ad:30:8f:3b
IP-ADDR: 192.168.17.52 -----> 192.168.17.50
IP-Ver4 || Head:0x0a (bytes) || Service(TOS):16 || Length over all:0061
Fragmentation: ID:0x4079 - Flags: 0 1 0 - Offset:00000
TTL:064 || Protokoll:006 (TCP) || HeaderCRC:0x567b
TCP-HEADER:
Ports: 0023-->1034 (telnet) Seq./Ack. Nr.:0x70843468 / 0xeae29434
Data-Offset:0x05 Reserved-6Bit:00 Flags:-urg-ACK-PSH-rst-syn-fin-
Window:0x7fe0 CRC:0x9420 Urgent-Pointer:0x0000
73 61 74 75 72 6e 32 3a 2f 73 72 76 2f 70 72 69 6e 74 71 23 20
HW-ADDR: 52:54:40:25:8d:88 -----> ff:ff:ff:ff:ff:ff
SAMBA/NetBios
e0 e0 03 ff ff 00 22 00 11 00 00 00 00 ff ff ff ff ff ff 04 52 00 00 00 00 52
40 25 8d 88 40 08 00 03 00 04 20 20 20 20 20 20 20 20 20
HW-ADDR: 00:80:ad:30:8f:3b -----> 00:60:8c:f6:40:96
IP-ADDR: 192.168.17.50 -----> 194.112.123.200
IP-Ver4 || Head:0x0a (bytes) || Service(TOS):0 || Length over all:0029
Fragmentation: ID:0x29ae - Flags: 0 0 0 - Offset:00000
TTL:064 || Protokoll:001 (ICMP) || HeaderCRC:0x411f
echo request CODE:0x0 CRC:0xf9f5 SIG:0x602 NUM:0x0
00 ea
Enhancements:
- added break for Packet-counter and fixed some minor bugs

LANtern is a frame and packet analyzer for Linux. Its written in C (without pcap) and released under the MIT license.

LANtern currently supports ethernet frames, ARP, MPLS, RARP, IPv4 (AH, ESP, GRE, ICMP, IGMP, TCP, IPComp, UDP, UDP-Lite, and IP-in-IP encapsulation)

I hope to soon write/release a BSD version.

Feel free to make changes to fit your needs. This isnt released under the GPL so youre not "required" to submit modifications, but if you want to send me some enhancements or new features, please do.

KWallBuilder is a tool for adding iptable rules based on the responses of the user. KWallBuilder project tries to insulate the user from the complexities of the iptables mechanism.
The current version supports rules based on network layer protocol and ports. It supports TCP,UDP and ICMP protocols.
While KWallBuilder adds iptable rules, it does not guarantee that the added rules will be sufficient to completely protect the system, more details can be obtained from the applications home page.
Though the rpm provided is for SuSE, it can be used on any distribution. The rpm installs in /opt/kde3/ . The application and the icon can then be copied into the KDE directory for the distribution.
Main features:
- KWallBuilder adds rules based on ports and network layer protocol.
- The added rules are restored on application startup.
- Packets of similar type (i.e. those that will result in the same rule) are queued if the first packet of the type is awaiting user response and the user response applied to them.

tcptraceroute project is a traceroute implementation using TCP packets.

The more traditional traceroute(8) sends out either UDP or ICMP ECHO packets with a TTL of one, and increments the TTL until the destination has been reached. By printing the gateways that generate ICMP time exceeded messages along the way, it is able to determine the path packets are taking to reach the destination.

The problem is that with the widespread use of firewalls on the modern Internet, many of the packets that traceroute(8) sends out end up being filtered, making it impossible to completely trace the path to the destination.

However, in many cases, these firewalls will permit inbound TCP packets to specific ports that hosts sitting behind the firewall are listening for connections on. By sending out TCP SYN packets instead of UDP or ICMP ECHO packets, tcptraceroute is able to bypass the most common firewall filters.

THC-UnixHackingTools is a compilation of needfull unix hacking tools including backdoors, cleaners, tunnels, etc written by THC members, that compile on various unix platforms.

They are not elite of course, otherwise we wouldnt release them, but they are very useful - so take a look and tryem out...

Collector v1.0 library to transfer data to other hosts (sniffer!)
Hunter v1.2 easy sniffer for Linux
ICMP-Tunnel v1.0 an icmp tunnel program for transfering files
Searcher v8.0 check admins $HOME for .rhosts/.forward etc.
Smeagol v4.4.4 nice backdoor with acct/logclean and hiding functions
clear v1.3 elite log cleaner (delete!) for utmp(x)/wtmp(x)/lastlog
cnt-svr-filetransfer small sources to transfer files on any unix system
daemonshell tcp and udp daemonshell in perl
fingerd-fileserver patch to fingerd (linux) to transfer files (cool!)
paz v1.0 process accounting zap, deletes accouting info
probe v2.3 script for remote host probing, really good.
t-shirt v4.0 our THC T-Shirt for 98, 1st released on the Cebit
zap3 enhanced zap to delete entrys. also for sys v systems

on most files, the small README inside does not tell much about its options. browse the sourcecode instead.