Free tcp half connections software for linux

Net::Connection::Sniffer can gather stats on network connections.

SYNOPSIS

use Net::Connection::Sniffer;
gather($config)
__top

Net::Connection::Sniffer is a perl module to gather connection statistics by listening to ethernet traffic. Traffic is filtered using standard BPF notation as described in the tcpdump documentation and implemented using the standard pcap library to sniff packets on host network interfaces.

Gnome Remote Connection Manager is a gnome application that stores information
about remote connections.
It gives you a GUI program to launch applications like telnet, shh, or rdesktop. It is highly configurable as to what type of applications it launches, so you are not limited to the three listed, for example I never thought of using it for ftp, but it would be easy to setup.
GRCM uses gconf to store information about connections.
Enhancements:
- Added some missing icons.
- Fixed a callback in the Connections Dialog that made the default arguments from the connection appear when selected.

TCP Knocking provides a port knocking implementation.
Often a secure system needs a port open so that only authorized persons can access a particular service and also the service should not exposed to attackers and worms that may use vulnerabilities that exist in the listening server. Port knocking is designed to be used as a complementary service to the existing authentication mechanism. But one of the biggest problems with port knocking is manipulating the firewall with timeouts.
When the correct knock sequence is sent, the firewall is modified for couple of seconds. Having the firewall open automatically for a time period will make any system administrator uncomfortable. TCP knocking attempts to solve the problem by incorporating the knock into the TCP handshake. Tcp knocking is similar to port knocking, but instead sending UDP packets with secret ports, the TCP handshake packets must include secrete codes. It is at least as secure as port knocking and it can be made secure with more hardening.
Modified TCP handshake:
In normal TCP handshake, the client sends the syn packet and chooses a random initial sequence number. The server responds with a packet that has both syn and ack flags set, choosing a random
The modified TCP handshake uses the empty fields in the header. The server does not respond to connection requests without a special code generated along with the syn packet. The server also encrypts the ISN in the ack packet (2) and the final packet of the three-way handshake must have the correct acknowledgment for the servers ISN. The system is further protected from brute-force attacks by closing the connection if the first attempt for the third packet does not have the expected acknowledgment sequence.
Also, rather than use conventional encryption techniques like HMAC for verification, this system uses a file with random numbers as the key. This is because of the limited unused space available in the TCP/IP header which makes HMAC very weak. By using a shared file, the length of the key can be much greater than traditional systems and even though some parts of the key can be revealed by attacks, the server can protect itself from replay attacks.
The handshake:
1) Syn
The syn packet does not use the 32 bit acknowledgment field in the TCP header as it the the first packet to initiate the connection. Further the 16 bit IPID can be used to transmit information. In the current implementation only the 32 bit acknowledgment field is used. Currently the 32 bit ack is derived from a 64 KB file which contains random numbers. The ISN and the source IP address along with the random numbers are used to generate this value.
2) Syn/Ack
The ISN is encrypted using the random numbers from the 64 KB file using the destination IP address as well as a 16 bit random number used as IPID. I do not have code for this part yet.
3) Ack
The client decrypts the syn number from the encrypted syn, the key file, the 16 bit IPID and its own IP address and sends the ack packet. The server closes all connections from the client for couple of minutes if it sends a wrong ack value. Part of the security relies on the fact that the ISN generated by Linux 2.6 is fairly random.
Implementation:
I have implemented only the first part, which is the server expecting secret code along with the first syn packet from the client. Hence it is very possible to brute-force the server. Also the system is designed with the second phase in mind, which is the encrypted Initial Sequence Number in the ack packet and closing the connection if the correct ack is not sent on the first try. I do not have an implementation for that yet. The security will be increased greatly when the second phase is incorporated. Also the ability to detect brute-force attacks can be added to this system.
But the current system can be used for protecting the server from worms and random scanning. The use-case is similar to port knocking but it does not use the ugly system of opening the firewall for a couple of seconds. Vanilla port knocking is susceptible to brute-force attacks as well. Besides, inserting a kernel module to just ssh into your server will increase your mad sysadmin points.
Enhancements:
- TCP knocking with Phase 1 of the protocol was implemented.

Gtk2::Ex::MindMapView::Connection is a Perl module to draw connections between view items.

HEIRARCHY

Glib::Object
+----Gtk2::Object
+----Gnome2::Canvas::Item
+----Gnome2::Canvas::Shape
+----Gnome2::Canvas::Bpath
+----Gtk2::Ex::MindMapView::Connection

SYNOPSIS

use Gtk2::Ex::MindMapView::Connection;

This module is internal to Gtk2::Ex::MindMapView. Connections are instantiated by Gtk2::Ex::MindMapView. This module is responsible for drawing the connecting lines between Gtk2::Ex::MindMapView::Items onto the canvas.

The Gtk2::Ex::MindMapView::Connection is an observer. It registers with the view items so that it may be notified when a view items state changes.

INTERFACE

Properties

arrows (string : readable / writable)

Indicates whether arrows should be drawn. Possible values are: none, one-way, and two-way.

predecessor_item (Gtk2::Ex::MindMapView::Item : readable / writable)

The item at which this connection starts.

item (Gtk2::Ex::MindMapView::Item : readable / writable)

The item at which this connection ends.

Methods

INIT_INSTANCE

This subroutine is called by Glib::Object::Subclass as the object is being instantiated. You should not call this subroutine directly. Leave it alone.

SET_PROPERTY

This subroutine is called by Glib::Object::Subclass when a property is being set. You should not call this subroutine directly. Leave it alone. Instead call the set method to assign values to properties.

connect

Connect the Gtk2::Ex::MindMapView::Connection to the items it observes.

disconnect

Disconnect the Gtk2::Ex::MindMapView::Connection from the items it observes.

TCPreen is a simple tool to monitor and analyze data transmitted between clients and servers through connection-oriented streams data such as a TCP sessions; it supports TCP over either IPv4 or IPv6. This tool focuses on the data stream (software/socket layer), not on the lower level transmission protocol as packet sniffers do.
TCPreen listens on a TCP port and wait for incoming connections to come in. Then, it forwards data sent by the connecting client to another server port (possibly on another computer) and forwards server responses back to the client.
TCPreen can display data on your console in real-time and/or save it to log files for later reference.There are various display formats.
While it was originally meant to help developers reverse-engineer TCP-based protocols, it can also be very useful to debug network server or client software or for a system administrator to monitor a TCP service.
Enhancements:
- libsolve/getaddrinfo.{c,h}, src/winstub.{c,h}:
- dirty kludge to resolve getaddrinfo & co at run-time
- so that tcpreen can still run on Windows 2000 and older.

shd-tcp-tools project consists of TCP port forwarding, load balancing, rate control, and proxy tools.
shd-tcp-tools is a set of TCP network tools that supports port forwarding, network load balancing, rate limiting, and running servers behind firewalls. tcp-pf, listentwo, and connecttwo are port forwarding tools.
tcppipe is a one-directional TCP pipe that can be used as a substitute for one-directional netcat transfers, but with load balancing and rate control support.
tcp-pf can be used to forward a port from one host to another with load balancing and rate control support.
network load balancing scheme means using an interface or destination host based on past transfer history.
The listentwo and connecttwo tools can be used to run servers inside firewalled networks through third party TCP proxies.
Enhancements:
- Implemented tcppipe tool which replaces netcat when used as one-way tcp pipe.
- tcppipe supports load balancing and bandwidth rate control.
- tcppipe-least tool can be used to manipulate and show host files safely (it uses locking).

TCPWatch is a utility written in Python that lets you monitor forwarded TCP connections or HTTP proxy connections.
It displays the sessions in a window with a history of past connections. It is useful for developing and debugging protocol implementations and web services.
Enhancements:
- Made compatible with versions of tcl that have threads enabled.
- Log file numbers are now sequential.
- "user@host" is now accepted as a destination hostname (the user name is ignored).

TCPreen is a simple tool to monitor and analyze data transmitted between clients and servers through connection-oriented streams data such as a TCP sessions; it supports TCP over either IPv4 or IPv6. This tool focuses on the data stream (software/socket layer), not on the lower level transmission protocol as packet sniffers do.

TCPreen listens on a TCP port and wait for incoming connections to come in. Then, it forwards data sent by the connecting client to another server port (possibly on another computer) and forwards server responses back to the client.

TCPreen can display data on your console in real-time and/or save it to log files for later reference. Various display formats are available.

While it was originally meant to help developers reverse-engineer TCP-based protocols, it can also be very useful to debug network server or client software or for a system administrator to monitor a TCP service.