Free tcp ip tutorial software for linux

Template::Tutorial are template toolkit tutorials.

This section includes tutorials on using the Template Toolkit. Subjects currently include an general overview of the Template Toolkit, showing users how to get quickly up to speed building web content, and a tutorial on generating and using data files, with particular reference to XML.

Template::Tutorial::Web

Generating Web Content Using the Template Toolkit

This tutorial provides an introduction to the Template Toolkit and a "quick start" guide to getting up to speed. Its primarily focus is on using the Template Toolkit to build web content and it covers 4 basic areas: using tpage and ttree; using the Template.pm module in CGI scripts; writing Apache/mod_perl handlers; and extending the toolkit by writing plugins.

Template::Tutorial::Datafile

Creating Data Output Files Using the Template Toolkit

This tutorial gives an overview of the Template Toolkit, showing in particular how to use it to read and write data files in various different formats and styles. It was written by Dave Cross and first appeared as a lead article at http://www.perl.com/ earlier in the year (2001).

KDE Simple Programming Tutorial is a tutorial for developing a KDE application.

With the only requirement of a little C++ knowledge, and using the latest KDE snapshots, the reader will learn how to build his/her first KDE application from a simple "Hello world" button to a Web browser with a DCOP interface that communicates with a bookmark application running in a separate process.

Theres also a spanish and a romanian version of the documentation.

yagg::Tutorial is a Perl module that contains a tutorial for yagg.

SYNOPSIS

# To use the generator
./yagg -m nonterminals.yg terminals.lg
./output/progs/generate 5

This tutorial will show you how to use yagg, by way of two examples. In the first example, we create a simple logical expression generator from scratch. In the second example, we create a more sophisticated logical expression generator from existing parser/lexer input files, such as those used by YACC/Bison and LEX/FLEX. These examples, plus another more sophisticated fault tree generator are included with the distribution in the examples/ directory.

It is assumed that the reader knows a little about formal grammars. Ideally, the reader would have some experience writing grammars for input to parser generators like YACC and Bison.

TCP Knocking provides a port knocking implementation.
Often a secure system needs a port open so that only authorized persons can access a particular service and also the service should not exposed to attackers and worms that may use vulnerabilities that exist in the listening server. Port knocking is designed to be used as a complementary service to the existing authentication mechanism. But one of the biggest problems with port knocking is manipulating the firewall with timeouts.
When the correct knock sequence is sent, the firewall is modified for couple of seconds. Having the firewall open automatically for a time period will make any system administrator uncomfortable. TCP knocking attempts to solve the problem by incorporating the knock into the TCP handshake. Tcp knocking is similar to port knocking, but instead sending UDP packets with secret ports, the TCP handshake packets must include secrete codes. It is at least as secure as port knocking and it can be made secure with more hardening.
Modified TCP handshake:
In normal TCP handshake, the client sends the syn packet and chooses a random initial sequence number. The server responds with a packet that has both syn and ack flags set, choosing a random
The modified TCP handshake uses the empty fields in the header. The server does not respond to connection requests without a special code generated along with the syn packet. The server also encrypts the ISN in the ack packet (2) and the final packet of the three-way handshake must have the correct acknowledgment for the servers ISN. The system is further protected from brute-force attacks by closing the connection if the first attempt for the third packet does not have the expected acknowledgment sequence.
Also, rather than use conventional encryption techniques like HMAC for verification, this system uses a file with random numbers as the key. This is because of the limited unused space available in the TCP/IP header which makes HMAC very weak. By using a shared file, the length of the key can be much greater than traditional systems and even though some parts of the key can be revealed by attacks, the server can protect itself from replay attacks.
The handshake:
1) Syn
The syn packet does not use the 32 bit acknowledgment field in the TCP header as it the the first packet to initiate the connection. Further the 16 bit IPID can be used to transmit information. In the current implementation only the 32 bit acknowledgment field is used. Currently the 32 bit ack is derived from a 64 KB file which contains random numbers. The ISN and the source IP address along with the random numbers are used to generate this value.
2) Syn/Ack
The ISN is encrypted using the random numbers from the 64 KB file using the destination IP address as well as a 16 bit random number used as IPID. I do not have code for this part yet.
3) Ack
The client decrypts the syn number from the encrypted syn, the key file, the 16 bit IPID and its own IP address and sends the ack packet. The server closes all connections from the client for couple of minutes if it sends a wrong ack value. Part of the security relies on the fact that the ISN generated by Linux 2.6 is fairly random.
Implementation:
I have implemented only the first part, which is the server expecting secret code along with the first syn packet from the client. Hence it is very possible to brute-force the server. Also the system is designed with the second phase in mind, which is the encrypted Initial Sequence Number in the ack packet and closing the connection if the correct ack is not sent on the first try. I do not have an implementation for that yet. The security will be increased greatly when the second phase is incorporated. Also the ability to detect brute-force attacks can be added to this system.
But the current system can be used for protecting the server from worms and random scanning. The use-case is similar to port knocking but it does not use the ugly system of opening the firewall for a couple of seconds. Vanilla port knocking is susceptible to brute-force attacks as well. Besides, inserting a kernel module to just ssh into your server will increase your mad sysadmin points.
Enhancements:
- TCP knocking with Phase 1 of the protocol was implemented.

NetPipes provides a set of utilities to attach stdin/stdout utilities to network sockets.

The netpipes package makes TCP/IP streams usable in shell scripts. It can also simplify client/server code by allowing the programmer to skip all the tedious programming bits related to sockets and concentrate on writing a filter/service.

Applications of these utilities can include file transfer, network backups, HTTP queries, remote procedure calls, and TCP daemon testing.

The SSL encryption filter available in the US/Canada version can be applied by shell scripts communicating with secure HTTPDs and can be used to make an SSL IMAPD out of a non-SSL one. (requires the SSLeay library).

aucet is the server end of a TCP/IP stream. It listens on a port of the local machine waiting for connections. Every time it gets a connection it forks a process to perform a service for the connecting client.

hose is the client end of a TCP/IP stream. It actively connects to a remote port and execs a process to request a service.

encapsulate is an implementation of the Session Control Protocol. It allows you to multiplex several streams across a single TCP session and also transmits remote exit status.

ssl-auth is an encryption filter that encapsulates stdin/stdout from a subprocess (or its own stdin/stdout) in the Secure Socket Layer protocol as implemented by the SSLeay library. It can be used to communicate with encrypted daemons (HTTPS daemons, or SSL IMAP daemons) and can sometimes be used to jury-rig secure versions of such services.

sockdown is a simple program designed to shut down part or all of the socket connection. It is primarily useful when the processes connected to the socket perform both input and output.

getpeername and getsockname are two names for a program designed to print out the addresses of the ends of a socket. getpeername prints the address of the remote end and getsockname prints the address of the local end.

timelimit limits the amount of foreground wallclock time a process can consume. After the time limit runs out it either kills the process or exits and leaves it in the background.

Gratissip Tftp is a program that displays TCP/IP connections on an LCD display.
ratissip Tftpd is a TFTP server written in Java. It has special extensions which allows it to serve firmware and provisional settings for Grandstream VoIP phones.
Enhancements:
- The code was fixed up for announcement.

NetEclipse is a suite of tools created for testing TCP/IP weaknesses and using them in a non-conventional way, such as testing security and limits of IP version 4 protocols.
The Makefile is extremely simple but it should do its work... To install extract the package "neteclipse-x.xx" and launch "make".
If you got into trouble:
first check if you have LibPcap installed and if the version isnt too old.Try to install the version included in the package (read the INSTALL file in /libpcap-0.7.1/ before!!) and then, if it doesnt work yet, launch "make report" and send me the make_errors.log file at
Enhancements:
- Version 2.0 of the manual
- Minor changes in the code