tcp lighting
Sponsored Links
Sponsored Links
Secleted [ 0 ] software to compare
Results 1 - 15 of about 729
TCP Knocking 0.1
TCP Knocking provides a port knocking implementation. more>>
TCP Knocking provides a port knocking implementation.
Often a secure system needs a port open so that only authorized persons can access a particular service and also the service should not exposed to attackers and worms that may use vulnerabilities that exist in the listening server. Port knocking is designed to be used as a complementary service to the existing authentication mechanism. But one of the biggest problems with port knocking is manipulating the firewall with timeouts.
When the correct knock sequence is sent, the firewall is modified for couple of seconds. Having the firewall open automatically for a time period will make any system administrator uncomfortable. TCP knocking attempts to solve the problem by incorporating the knock into the TCP handshake. Tcp knocking is similar to port knocking, but instead sending UDP packets with secret ports, the TCP handshake packets must include secrete codes. It is at least as secure as port knocking and it can be made secure with more hardening.
Modified TCP handshake:
In normal TCP handshake, the client sends the syn packet and chooses a random initial sequence number. The server responds with a packet that has both syn and ack flags set, choosing a random
The modified TCP handshake uses the empty fields in the header. The server does not respond to connection requests without a special code generated along with the syn packet. The server also encrypts the ISN in the ack packet (2) and the final packet of the three-way handshake must have the correct acknowledgment for the servers ISN. The system is further protected from brute-force attacks by closing the connection if the first attempt for the third packet does not have the expected acknowledgment sequence.
Also, rather than use conventional encryption techniques like HMAC for verification, this system uses a file with random numbers as the key. This is because of the limited unused space available in the TCP/IP header which makes HMAC very weak. By using a shared file, the length of the key can be much greater than traditional systems and even though some parts of the key can be revealed by attacks, the server can protect itself from replay attacks.
The handshake:
1) Syn
The syn packet does not use the 32 bit acknowledgment field in the TCP header as it the the first packet to initiate the connection. Further the 16 bit IPID can be used to transmit information. In the current implementation only the 32 bit acknowledgment field is used. Currently the 32 bit ack is derived from a 64 KB file which contains random numbers. The ISN and the source IP address along with the random numbers are used to generate this value.
2) Syn/Ack
The ISN is encrypted using the random numbers from the 64 KB file using the destination IP address as well as a 16 bit random number used as IPID. I do not have code for this part yet.
3) Ack
The client decrypts the syn number from the encrypted syn, the key file, the 16 bit IPID and its own IP address and sends the ack packet. The server closes all connections from the client for couple of minutes if it sends a wrong ack value. Part of the security relies on the fact that the ISN generated by Linux 2.6 is fairly random.
Implementation:
I have implemented only the first part, which is the server expecting secret code along with the first syn packet from the client. Hence it is very possible to brute-force the server. Also the system is designed with the second phase in mind, which is the encrypted Initial Sequence Number in the ack packet and closing the connection if the correct ack is not sent on the first try. I do not have an implementation for that yet. The security will be increased greatly when the second phase is incorporated. Also the ability to detect brute-force attacks can be added to this system.
But the current system can be used for protecting the server from worms and random scanning. The use-case is similar to port knocking but it does not use the ugly system of opening the firewall for a couple of seconds. Vanilla port knocking is susceptible to brute-force attacks as well. Besides, inserting a kernel module to just ssh into your server will increase your mad sysadmin points.
Enhancements:
- TCP knocking with Phase 1 of the protocol was implemented.
<<lessOften a secure system needs a port open so that only authorized persons can access a particular service and also the service should not exposed to attackers and worms that may use vulnerabilities that exist in the listening server. Port knocking is designed to be used as a complementary service to the existing authentication mechanism. But one of the biggest problems with port knocking is manipulating the firewall with timeouts.
When the correct knock sequence is sent, the firewall is modified for couple of seconds. Having the firewall open automatically for a time period will make any system administrator uncomfortable. TCP knocking attempts to solve the problem by incorporating the knock into the TCP handshake. Tcp knocking is similar to port knocking, but instead sending UDP packets with secret ports, the TCP handshake packets must include secrete codes. It is at least as secure as port knocking and it can be made secure with more hardening.
Modified TCP handshake:
In normal TCP handshake, the client sends the syn packet and chooses a random initial sequence number. The server responds with a packet that has both syn and ack flags set, choosing a random
The modified TCP handshake uses the empty fields in the header. The server does not respond to connection requests without a special code generated along with the syn packet. The server also encrypts the ISN in the ack packet (2) and the final packet of the three-way handshake must have the correct acknowledgment for the servers ISN. The system is further protected from brute-force attacks by closing the connection if the first attempt for the third packet does not have the expected acknowledgment sequence.
Also, rather than use conventional encryption techniques like HMAC for verification, this system uses a file with random numbers as the key. This is because of the limited unused space available in the TCP/IP header which makes HMAC very weak. By using a shared file, the length of the key can be much greater than traditional systems and even though some parts of the key can be revealed by attacks, the server can protect itself from replay attacks.
The handshake:
1) Syn
The syn packet does not use the 32 bit acknowledgment field in the TCP header as it the the first packet to initiate the connection. Further the 16 bit IPID can be used to transmit information. In the current implementation only the 32 bit acknowledgment field is used. Currently the 32 bit ack is derived from a 64 KB file which contains random numbers. The ISN and the source IP address along with the random numbers are used to generate this value.
2) Syn/Ack
The ISN is encrypted using the random numbers from the 64 KB file using the destination IP address as well as a 16 bit random number used as IPID. I do not have code for this part yet.
3) Ack
The client decrypts the syn number from the encrypted syn, the key file, the 16 bit IPID and its own IP address and sends the ack packet. The server closes all connections from the client for couple of minutes if it sends a wrong ack value. Part of the security relies on the fact that the ISN generated by Linux 2.6 is fairly random.
Implementation:
I have implemented only the first part, which is the server expecting secret code along with the first syn packet from the client. Hence it is very possible to brute-force the server. Also the system is designed with the second phase in mind, which is the encrypted Initial Sequence Number in the ack packet and closing the connection if the correct ack is not sent on the first try. I do not have an implementation for that yet. The security will be increased greatly when the second phase is incorporated. Also the ability to detect brute-force attacks can be added to this system.
But the current system can be used for protecting the server from worms and random scanning. The use-case is similar to port knocking but it does not use the ugly system of opening the firewall for a couple of seconds. Vanilla port knocking is susceptible to brute-force attacks as well. Besides, inserting a kernel module to just ssh into your server will increase your mad sysadmin points.
Enhancements:
- TCP knocking with Phase 1 of the protocol was implemented.
Download (0.005MB)
Added: 2006-12-06 License: GPL (GNU General Public License) Price:
1054 downloads
tcptunnel 1.0
tcptunnel is a simple TCP tunnel written in Perl. more>>
tcptunnel is a simple TCP tunnel written in Perl.
Also is a versatile tcp tunnel. The tcptunnel uses:
- tunnelling through a firewall or proxy
- redirecting tcp connections to other ports or machines
- debugging tcp connections in-place
- packet sniffing
The tcptunnel listens on local port < port > and when a connection is made it connects the other end of the tunnel as follows:
a) With no proxy specified, it connects the other end
to < srvport > on < srv >.
b) With a proxy, it connects to < srvport > on < proxy >.
It then directs the proxy to telnet to < srv >, and then it connects the ends of the tunnel.
<<lessAlso is a versatile tcp tunnel. The tcptunnel uses:
- tunnelling through a firewall or proxy
- redirecting tcp connections to other ports or machines
- debugging tcp connections in-place
- packet sniffing
The tcptunnel listens on local port < port > and when a connection is made it connects the other end of the tunnel as follows:
a) With no proxy specified, it connects the other end
to < srvport > on < srv >.
b) With a proxy, it connects to < srvport > on < proxy >.
It then directs the proxy to telnet to < srv >, and then it connects the ends of the tunnel.
Download (0.005MB)
Added: 2006-07-01 License: GPL (GNU General Public License) Price:
1213 downloads
TCP Re-engineering Tool 1.4.3
TCP Re-engineering Tool monitors and analyzes data transmitted between a client and a server via a TCP connection. more>>
TCPreen is a simple tool to monitor and analyze data transmitted between clients and servers through connection-oriented streams data such as a TCP sessions; it supports TCP over either IPv4 or IPv6. This tool focuses on the data stream (software/socket layer), not on the lower level transmission protocol as packet sniffers do.
TCPreen listens on a TCP port and wait for incoming connections to come in. Then, it forwards data sent by the connecting client to another server port (possibly on another computer) and forwards server responses back to the client.
TCPreen can display data on your console in real-time and/or save it to log files for later reference.There are various display formats.
While it was originally meant to help developers reverse-engineer TCP-based protocols, it can also be very useful to debug network server or client software or for a system administrator to monitor a TCP service.
Enhancements:
- libsolve/getaddrinfo.{c,h}, src/winstub.{c,h}:
- dirty kludge to resolve getaddrinfo & co at run-time
- so that tcpreen can still run on Windows 2000 and older.
<<lessTCPreen listens on a TCP port and wait for incoming connections to come in. Then, it forwards data sent by the connecting client to another server port (possibly on another computer) and forwards server responses back to the client.
TCPreen can display data on your console in real-time and/or save it to log files for later reference.There are various display formats.
While it was originally meant to help developers reverse-engineer TCP-based protocols, it can also be very useful to debug network server or client software or for a system administrator to monitor a TCP service.
Enhancements:
- libsolve/getaddrinfo.{c,h}, src/winstub.{c,h}:
- dirty kludge to resolve getaddrinfo & co at run-time
- so that tcpreen can still run on Windows 2000 and older.
Download (0.041MB)
Added: 2006-06-28 License: GPL (GNU General Public License) Price:
1216 downloads
Q Light Controller 2.6.0
Q Light Controller 2 (QLC) aims to be a free alternative to commercial lighting software and hardware. more>>
Q Light Controller 2 (QLC) aims to be a free alternative to commercial lighting software and hardware. The main emphasis is to build a software that can be used to control any kinds of lighting equipment.
QLC uses the dmx4linux driver suite to access various hardware interfaces. Currently DMX512, Analog 0-10V and MIDI control systems are being supported by dmx4linux. Refer to dmx4linux interfaces for more information on supported interfaces.
Q Light Controller is free software licensed under the GNU General Public License.
Main features:
- Easy to use device-oriented interface
- Control up to 512 DMX/Analog channels thru DMX4Linux
- Use one of the ready-made fixture definitions, or
- Define your own fixtures with the device class editor
- Create fast changing or smoothly fading scenes, chasers and sequences
- Easy programming of moving lights thru a pattern generator
- Conjure your favourite lighting desk layout with the virtual console
<<lessQLC uses the dmx4linux driver suite to access various hardware interfaces. Currently DMX512, Analog 0-10V and MIDI control systems are being supported by dmx4linux. Refer to dmx4linux interfaces for more information on supported interfaces.
Q Light Controller is free software licensed under the GNU General Public License.
Main features:
- Easy to use device-oriented interface
- Control up to 512 DMX/Analog channels thru DMX4Linux
- Use one of the ready-made fixture definitions, or
- Define your own fixtures with the device class editor
- Create fast changing or smoothly fading scenes, chasers and sequences
- Easy programming of moving lights thru a pattern generator
- Conjure your favourite lighting desk layout with the virtual console
Download (1.4MB)
Added: 2006-11-26 License: GPL (GNU General Public License) Price:
1081 downloads
Perl Advanced TCP Hijacking 0.8
Perl Advanced TCP Hijacking is a collection of tools for inspecting and hijacking network connections written in Perl. more>>
Perl Advanced TCP Hijacking is a collection of tools for inspecting and hijacking network connections written in Perl. It consists of a packet generator, an RST daemon, a sniffer, an ICMP redirection tool, an ARP redirection tool, an IDS testing tool and other.
If your system supports Perl just do the following steps:
cd modules
su
perl Makefile.PL
make
make install
If the script tell you it cant install all required modules automatically youll find that module on CPAN [http://www.cpan.org].
<<lessIf your system supports Perl just do the following steps:
cd modules
su
perl Makefile.PL
make
make install
If the script tell you it cant install all required modules automatically youll find that module on CPAN [http://www.cpan.org].
Download (0.46MB)
Added: 2006-07-05 License: GPL (GNU General Public License) Price:
1211 downloads
TUER Alpha
TUER is a 3D FPS written in JAVA + JOGL + JOGG. more>>
TUER is a 3D FPS written in JAVA + JOGL + JOGG.
TUER is a very small first player shooter. You can shoot robots in a museum with your rocket launcher. It uses a kind of dynamic lighting. You can also perform screenshots and snapshots.
<<lessTUER is a very small first player shooter. You can shoot robots in a museum with your rocket launcher. It uses a kind of dynamic lighting. You can also perform screenshots and snapshots.
Download (MB)
Added: 2007-08-23 License: Freeware Price:
487 downloads
TcpCat 0.1
TcpCat is a very lightweight tcp util. more>>
TcpCat is a cat like command but for tcp service.
TcpCat is a very lightweight tcp util. It take an IP address and a TCP port as argument, connect to it and give the result back to stdout.
It was written as a lightweight version of netcat. As such it work as the unix cat command but instead of displaying a file it display the result from a tcp service.
<<lessTcpCat is a very lightweight tcp util. It take an IP address and a TCP port as argument, connect to it and give the result back to stdout.
It was written as a lightweight version of netcat. As such it work as the unix cat command but instead of displaying a file it display the result from a tcp service.
Download (0.010MB)
Added: 2005-09-26 License: GPL (GNU General Public License) Price:
1489 downloads
TCP port scanner 1.0.4
TCP port scanner is a network scanner for Linux. more>>
TCP port scanner is a network scanner for Linux.
Installation:
1. Install - become root and gunzip/tar tcpscan-X-Y-Z.tar.gz.
2. Type ./confugure , make
3. Type install
4. Enjoy and try type tcpscan localhost
5. To get help - run tcpscan without parametres.
Usage:
tcpscan [-f] [hostname || IP_address]
tcpscan [-f] [first_IP_address] [last_IP_address]
<<lessInstallation:
1. Install - become root and gunzip/tar tcpscan-X-Y-Z.tar.gz.
2. Type ./confugure , make
3. Type install
4. Enjoy and try type tcpscan localhost
5. To get help - run tcpscan without parametres.
Usage:
tcpscan [-f] [hostname || IP_address]
tcpscan [-f] [first_IP_address] [last_IP_address]
Download (0.060MB)
Added: 2006-04-14 License: GPL (GNU General Public License) Price:
1299 downloads
3Delight for 32-bit Linux 7.0
3Delight is a renderer to produce photo-realistic images on 32-bit linux. more>> 3Delight is a fast, high quality, RenderMan-compliant renderer designed to produce photo-realistic images in demanding production environments. The renderer was introduced to the public in the year 2000 after being used for more than a year as the sole renderer in a sister production company. It is now widely used and earning a reputation as a benchmark in rendering technology.
Some of its features include ray tracing, global illumination (including photon mapping, final gathering and high dynamic range lighting and rendering), realistic motion blur, depth of field, complete geometry support (including efficient rendering of hair and fur), programmable shaders, quality antialiasing and antialiased shadow maps. Advanced features include Ri filtering, network caching and highly customizable workflow.
Follows a summary of 3Delights features.
-RenderMan Compliant
-RenderMan Shading Language Support
-Rendering Features
-Geometry Support
-Fast and Efficient Rendering
-Extensible Display Drivers
-Multi-platform Support with Specific Code Optimization<<less
Download (11.4MB)
Added: 2009-04-11 License: Freeware Price: Free
195 downloads
3Delight for 64-bit Linux 7.0
3Delight is a renderer to produce photo-realistic images on 64-bit linux. more>> 3Delight is a fast, high quality, RenderMan-compliant renderer designed to produce photo-realistic images in demanding production environments. The renderer was introduced to the public in the year 2000 after being used for more than a year as the sole renderer in a sister production company. It is now widely used and earning a reputation as a benchmark in rendering technology.
Some of its features include ray tracing, global illumination (including photon mapping, final gathering and high dynamic range lighting and rendering), realistic motion blur, depth of field, complete geometry support (including efficient rendering of hair and fur), programmable shaders, quality antialiasing and antialiased shadow maps. Advanced features include Ri filtering, network caching and highly customizable workflow.
Follows a summary of 3Delights features.
-RenderMan Compliant
-RenderMan Shading Language Support
-Rendering Features
-Geometry Support
-Fast and Efficient Rendering
-Extensible Display Drivers
-Multi-platform Support with Specific Code Optimization<<less
Download (10.1MB)
Added: 2009-04-12 License: Freeware Price: Free
194 downloads
Privbind 1.1
Privbind is allows secure running of unprivileged programs, but allowing them to bind to privileged (<1024) TCP/UDP ports. more>>
Privbind is a small tool allowing secure running of unprivileged programs, but allowing them to bind to privileged (<<less
Download (0.30MB)
Added: 2007-06-20 License: GPL (GNU General Public License) Price:
856 downloads
TCPWatch 1.3
TCPWatch is a utility written in Python that lets you monitor forwarded TCP connections or HTTP proxy connections. more>>
TCPWatch is a utility written in Python that lets you monitor forwarded TCP connections or HTTP proxy connections.
It displays the sessions in a window with a history of past connections. It is useful for developing and debugging protocol implementations and web services.
Enhancements:
- Made compatible with versions of tcl that have threads enabled.
- Log file numbers are now sequential.
- "user@host" is now accepted as a destination hostname (the user name is ignored).
<<lessIt displays the sessions in a window with a history of past connections. It is useful for developing and debugging protocol implementations and web services.
Enhancements:
- Made compatible with versions of tcl that have threads enabled.
- Log file numbers are now sequential.
- "user@host" is now accepted as a destination hostname (the user name is ignored).
Download (0.013MB)
Added: 2005-10-15 License: GPL (GNU General Public License) Price:
1476 downloads
TCPreen 1.4.2
TCP Re-engineering Tool monitors and analyzes data transmitted between a client and a server via a TCP connection. more>>
TCPreen is a simple tool to monitor and analyze data transmitted between clients and servers through connection-oriented streams data such as a TCP sessions; it supports TCP over either IPv4 or IPv6. This tool focuses on the data stream (software/socket layer), not on the lower level transmission protocol as packet sniffers do.
TCPreen listens on a TCP port and wait for incoming connections to come in. Then, it forwards data sent by the connecting client to another server port (possibly on another computer) and forwards server responses back to the client.
TCPreen can display data on your console in real-time and/or save it to log files for later reference. Various display formats are available.
While it was originally meant to help developers reverse-engineer TCP-based protocols, it can also be very useful to debug network server or client software or for a system administrator to monitor a TCP service.
<<lessTCPreen listens on a TCP port and wait for incoming connections to come in. Then, it forwards data sent by the connecting client to another server port (possibly on another computer) and forwards server responses back to the client.
TCPreen can display data on your console in real-time and/or save it to log files for later reference. Various display formats are available.
While it was originally meant to help developers reverse-engineer TCP-based protocols, it can also be very useful to debug network server or client software or for a system administrator to monitor a TCP service.
Download (0.040MB)
Added: 2005-04-11 License: GPL (GNU General Public License) Price:
1660 downloads
libtcp++ 0.1.2
libtcp++ is a C++ class library to facilitate the creation of TCP/IP clients and servers. more>>
libtcp++ is a C++ class library to facilitate the creation of TCP/IP clients and servers. libtcp++ has three classes, TcpClient, TcpServer and TcpIpRuleSet.
TcpServer has build it logging capability peer detection method, and IP-based access control in addition to regular server functionality.
TcpClient supports a user specified timeout on connect(), nice for port/host scanning, and other situations when you may be connecting to a dead host or a firewalled port.
<<lessTcpServer has build it logging capability peer detection method, and IP-based access control in addition to regular server functionality.
TcpClient supports a user specified timeout on connect(), nice for port/host scanning, and other situations when you may be connecting to a dead host or a firewalled port.
Download (0.068MB)
Added: 2006-05-24 License: Freeware Price:
1251 downloads
tcptrack 1.2.0
tcptrack provides a packet sniffer that displays TCP connections similarly to top. more>>
tcptrack provides a packet sniffer that displays TCP connections similarly to top.
tcptrack is a packet sniffer, which passively watches for connections on a specified network interface, tracks their states, and lists them in a manner similar to the Unix top command.
It displays source and destination addresses and ports, connection state, idle time, and bandwidth usage.
<<lesstcptrack is a packet sniffer, which passively watches for connections on a specified network interface, tracks their states, and lists them in a manner similar to the Unix top command.
It displays source and destination addresses and ports, connection state, idle time, and bandwidth usage.
Download (0.11MB)
Added: 2007-02-21 License: GPL (GNU General Public License) Price:
584 downloads
Secleted [ 0 ] software to compare
Copyright Notice:
Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future software development. The above tcp lighting search only lists software in full, demo and trial versions for free download. Download links are directly from our mirror sites or publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
