icmp
ICMP Knock Server
Free and open source CLI based tool to listen for ICMP packets more>> Free and open source CLI based tool to listen for ICMP packets
ICMP Knock Server is a free tool that uses a concept similar to port knocking, which basically involves waiting for a range of packets that match given criteria before executing some action (typically exposing a port, e.g. for SSH connections, that is kept closed or blocked otherwise).
But instead of listening for TCP or UDP packets to arrive on specific ports in a specific order, it accepts ICMP echo requests and checks if their payload lengths and order of arrival match the given pattern.
The advantage is that this approach works with the standard PING tool. Programs with custom code or (although common) networking tools like netcat plus the ability to execute them are not required.
System requirements:
- Python
newLISP 10.1.6
newLISP is a brilliant and simple to use Lisp-like, general-purpose scripting language more>> newLISP 10.1.6 is a brilliant and simple to use Lisp-like, general-purpose scripting language. It has all the magic of traditional Lisp but is easier to learn and use. newLISP is friendly, fast, and small. Most of the functions you will ever need are already built in. newLISP runs on most OS platforms.
Major Features:
- A Modern Built-In API
- Indexing into nested lists and implicit indexing
- Nested associations
- Regular expressions PCRE
- Pattern matching with match and unify
- Networking functions: TCP/IP, UDP, HTTP, ICMP
- XML functions
- Advanced Math and classic Statistics functions
- Bayesian Statistics functions
- Financial functions
- Date and time functions
- I/O transparent over local files or remote files via HTTP
- Name spaces (contexts) for programming in modules
- FOOP Functional Object Oriented Programming. See example new
- Distributed computing support with remote evaluation and HTTP file API.
- Cilk-style API for multiprocessor support new
- Expandable API
- import functions from C libraries
- Modules for MySQL, SQLite, Zlib, Crypto, Postscript etc.
- document generation support for user written modules: newLISPdoc
- Complete Documentation
- Users Manual and Reference
- Cookbook for common solutions Code Patterns in newLISP
- Introductions, e.g.: Introduction to newLISP
- Training videos; see Documentation page
- Advanced Automatic Memory Management
- ORO memory management
- Synchronous for repeatable processing times in real-time tasks
- Fast and lower on resources
- Multiprocessing
- UNIX forks (not on Win32)
- Semaphores
- Shared memory
- local domain UNIX sockets for fast IPC (not on Win32)
- Cilk-style multiprocessing API
- Since v.10.1 a messaging API for process inter communication
- Distributed Computing Support
- net-eval function for remote evaluation on multiple network nodes
- HTTP and net-eval server modes built-in (no code required)
- most file operations can take URLs
- 64-bit support
- 64-bit standard for integers and some file operations in the standard 32-bit versions
- LP64 Memory model support makefiles for LINUX, MacOS X and SOLARIS, TRU64
- Small and portable
- Only around 200KB in size (depending on platform and compile flavor)
- Very fast load time for CGI and scripts
- Uses only very essential UNIX libs found on the smallest systems
- Makefiles for FreeBSD, NetBSD, OpenBSD, Mac OS X, LINUX, SOLARIS, TRU64, Win32.
- Embeddable
- Shared library versions for all Platforms (.so, .dylib, .dll)
- International
- UTF-8 and Unicode support compile flavors
- Enterprise
- fully documented
- support via responsive community
- Modules in isolated namespaces
- Automatic generation of source code API documentation using newLISPdoc utility (similar to javadoc).
- New and changed functionality: New reader-event specifies an event handler to translate expressions as they are read by newLISP when loading source. This can be used to create a reader, rewrite macro facility
- Changes and additions in external files:
-
- The SQLite sqlite3.lsp module has been expanded with parameter binding fucntionality for safer ussage of the database in web applications, where the danger of SQL injection exists. Bug fixes
- The new module macro.lsp implements a rewrite macro facility
- Bug fixes:
-
- The inf return value in floating point opertions is now signed (v.10.1.6): (div -1 0) ? -inf
- mod now returns NaN when the divisor (second argument) is 0 (v.10.1.6): (mod 10 0) ? NaN
- Memory was not freed correctly when using starts-with/ends-with with regular expressions
- Under some circumstances nil and true could confuse the sort and unique functions
Networking functions: TCP/IP, UDP, HTTP, ICMP (in net-ping) XML functions. Advanced Math and classic Statistics functions. Bayesian Statistics functions. Financial functions. Date and timeLicense:GPL
GrouchySmurf 1.0b
GrouchySmurf is a Mac port of the well known ICMP broadcast attack, also known as Smurf more>>
GrouchySmurf was the first release of a ICMP broadcast attack port for the macintosh.
An ICMP broadcast attack is a strong type of Denial of Service and is illegal. It should only be used against your own networks to test for vulnerable routers and for DDoS vulnerability.
This software can be used for good uses (personal testing of your own servers vulnerabilities, etc) or bad uses (flooding someone off the net, causing bsods (blue screen of death), crashing the machine, slowing down servers, etc).
ISH 0.2
Free and open source telnet-like protocol for your Mac more>> Free and open source telnet-like protocol for your Mac
ISH allows users to connect to a remote host and to open a shell using only ICMP to send and receive data. ICMP Shell is developed in C for the UNIX environment.
The ISHELL server is run in daemon mode on the remote server. When the server recieves a request from the client it will strip the header and look at the ID field, if it matches the server then it will pipe the data to "/bin/sh". It will then read the results from the pipe and send them back to the client and the client prints the results to stdout.
Enhancements:
- Fixed a compiling problem that was encountered on some Solaris machines
- Changed AF_LOCAL to AF_UNIX in ish_open functions
- Rearranged headers in ishell.h
- Changed u_intXX_t variables to uintXX_t
Cocoa Packet Analyzer 0.65
Cocoa Packet Analyzer is developed to be a useful native Mac OS X implementation of a network protocol analyzer and packet sniffer, which supports the industry-standard PCAP packet capture format for reading, capturing and writing packet trace files. more>>
Cocoa Packet Analyzer 0.65 is developed to be a useful native Mac OS X implementation of a network protocol analyzer and packet sniffer, which supports the industry-standard PCAP packet capture format for reading, capturing and writing packet trace files.
Major Features:
- Basic packet capturing (libPCAP/ tcpdump filter expressions can be used).
- Analyze and display packet trace files.
- Supports PCAP packet capture format.
- Quicklook plugin included - its basic but at least you can get an overview over packet trace files in finder.
Supported Types and Protocols:
- Ethertype ARP
- Ethertype IP (v4/ v6)
- Ethertype PPP
- Ethertype PPPoED/S
- Ethertype 802.1Q VLAN
- Linktype Loopback
- Linktype PPP
- IP-Protocol IP
- IP-Protocol TCP
- IP-Protocol UDP
- IP-Protocol ICMP
- IP-Protocol IGMP
- IP-Protocol L2TP
- PPPoE Discovery and Sessionstages
- PPP-Protocols: IP, LCP, IPCP, CCP, PAP, CHAP
- L2TP-Protocol (port based detection)
- RADIUS-Protocol (port based detection)
- SIP-Protocol (third party analyzer plugin)
Enhancements:
- added an option to save find queries.
- fixed some small memory leaks.
- optimized document types.
IP-Protocol ICMP. IP-Protocol IGMP. IP-Protocol L2TP. PPPoE Discovery and Sessionstages. PPPLicense:Freeware
License:Freeware
PPPoED/S, IP-Protocol TCP, IP-Protocol UDP, IP-Protocol ICMP, IP-Protocol IGMP, IP-Protocol IP, PPPoE Discovery and Sessionstages, PPP-Protocols: IP, LCP, IPCP, CCP, PAP, CHAP, L2TP-ProtocolLicense:Freeware
IP - Ethertype PPPoED/S - IP-Protocol TCP - IP-Protocol UDP - IP-Protocol ICMP - IP-Protocol IGMP - IP-Protocol IP Enhancements: - Added radius protocol. L2TP AVPs: can occur more than one timeNetstorm 0.25
Free and open source network security tester more>> Free and open source network security tester
Netstorm is a highly flexible and fast network security and reliability tester that will help you to setup real world low level flood attack scenarios (such as MITM, DoS and DDoS) within a local area network and on the internet.
Main features:
- Platform independent
- Anonymous ARP-Reply attacks
- Anonymous ICMP-Echo attacks (IPv4 and IPv6)
- Anonymous TCP-SYN attacks (IPv4 and IPv6)
- Window based TCP-RST attacks (IPv4 and IPv6)
- Anonymous UDP attacks (IPv4 and IPv6)
- Random or fixed packet count and or attack duration
- Random or fixed send delay for breaking flood detections
- Pattern based packet address configuration
- Intelligent address and address protocol detection
- Address adequate, wildcard based, randomization
- Packet data injection (Random buffering or file based)
- Daemon for setting up controlled DDOS-Attack networks
Enhancements
- Added TCP-ACK attack
- Updated documentation
- Fixed TCP acknowledgement number generation
- Set TCP window field to 0 on TCP-RST attacks
hping2 2.0.0 RC3
Free command-line oriented TCP/IP packet assembler/analyzer more>> Free command-line oriented TCP/IP packet assembler/analyzer
hping2 is an interactive packet costructor and responses analyzer that uses the same CLI of the ping program (but with a lot of extensions).
hping2 can be used to performs a lot of tasks, like testing of firewall rules, (spoofed) port scanning, et cetera.
The interface is inspired to the ping(8) unix command, but hping isnt only able to send ICMP echo requests.
hping2 supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features.
hping2 is multi-platform and works on the following OSs: Mac OS X, Linux, FreeBSD, NetBSD, OpenBSD, Solaris, Windows.
Main features:
- Firewall testing
- Advanced port scanning
- Network testing, using different protocols, TOS, fragmentation
- Manual path MTU discovery
- Advanced traceroute, under all the supported protocols
- Remote OS fingerprinting
- Remote uptime guessing
- TCP/IP stacks auditing
- hping can also be useful to students that are learning TCP/IP.
Zenoss Core 2.4.1
Enterprise network and systems management application written in Python/Zope. more>> Enterprise network and systems management application written in Python/Zope.
Zenoss Core is an enterprise network and systems management application written in Python/Zope.
Zenoss provides an integrated product for monitoring availability, performance, events and configuration across layers and across platforms.
Zenoss Core is an easy to use IT monitoring and management software designed for Systems Administrators. Zenoss Core provides centralized and customizable dashboards to support the needs of companies of all sizes.
Zenoss Core is easy to implement and maintain and offers functionality that was previ- ously only available from expensive and non-integrated proprietary software vendors. Zenoss Core is reliable, scalable and affordable.
Zenoss Core is an award-winning open source IT monitoring product that delivers the functionality to effectively manage the configuration, health and performance of networks, servers and applications through a single, integrated software package.
Zenoss Core is being used by over 4,000 companies around the world, from small to medium sized enterprises to large global 2,000 corporations.
Supported monitoring targets:
- SNMP, any IP-addressable Device
- Windows, WMI and PerfMon
- Syslog
- Plug-in Support for any Secure Shell: Native or Custom
Main features:
Configuration Management Database (CMDB)
- First open source CMDB on the market
- Population through auto-discovery, web services API, XML import/export,and manual user input
- Modeling of entire environment including networks, servers, software, andapplications
Inventory and Change Tracking
- Scheduled automatic or manual discovery
- Automatic change history and detection
- Ability to import IT Component information from outside resources
Network Monitoring
- Flash based representation of your networks layer 3 topology
- Icon based device representation for Linux and Windows devices
- Google Maps Mashup for your WAN availability and performance monitoring
Availability Monitoring
- ICMP, SNMP, TCP/IP testing with intelligent suppression of alerts based on layer3 network dependencies
- Windows/Linux and Unix service and process availability testing
- Generate events based on availability issues
Performance Monitoring
- Scheduled collection and storage of SNMP OID values with support for Nagiosand Cacti performance collection scripts
- Provides performance metrics on Java wrappers for applications, services,components, and devices in a distributed network with Java Management Extension (JMX) Performance Collection for managed objects (MBeans)
- Ability to set multiple threshold levels on a specific metric
Event Management, Log Monitoring and Alerting
- Aggregation of events from various sources: availability monitoring, performance monitoring, syslog sources, SNMP trap sources, Windows Event log
- Ability to build event processing rules through GUI interface
- Layer 3 aware alerting to minimize "Alarm Fatigue"
- Web Portal, Dashboard and Reporting
- Rich Ajax-Enabled user interface with role based permissions
- Drag and Drop fully customizable dashboard
- Customizable and powerful reports that can be shared via e-mail
System requirements:
- 2GB RAM.
- 20 GB free disk space.
Enhancements
- Zenoss Setup Wizard, which guides you through initial system configuration and device addition.
- Additional, simplified method for adding devices.
- Ability to implement remote SSH monitoring (requires ZenPack creation following provided example information).
- Reporting normalization.
- Over 70 community-contributed ZenPacks .
- Expanded documentation, including the Zenoss Extended Monitoring guide.
for your WAN availability and performance monitoring Availability Monitoring - ICMP, SNMP, TCP/IP testing with intelligent suppression of alerts based on layer3 network dependencies - WindowsLicense:GPL
PeerGuardian 1.5.1
Security tool for P2P clients more>> Security tool for P2P clients
PeerGuardian is Phoenix Labs premier IP blocker for OS X. PeerGuardian integrates support for multiple lists, list editing, automatic updates, and blocking all of IPv4 (TCP, UDP, ICMP, etc), making it the easiest and safest way to protect your privacy on P2P.
A PeerGuardian widget is included.
NOTE: PeerGuardian is licensed and distributed under the terms of the GNU General Public License (GPL) and zlib/libpng License.
System requirements:
-
Enhancements
- Bug Fix: Missing lists in global status app and/or the main GUI app.
- Bug Fix: possibility of allow lists to being ignored in the kernel filter (dependent on load order).
- Other minor bug fixes.
lists, list editing, automatic updates, and blocking all of IPv4 (TCP, UDP, ICMP, etc), making it the safest and easiest way to protect your privacy on P2P. A PeerGuardian widget is included. EnhancementsMac Analysis 2.3.2
Avoid security breeches on servers. more>>
MacAnalysis also has functions such : LiveUpdate support, Trace IP, Ping, NameScan, Port Scan, Service Scan, NS lookup, System Information, Finger, Whois, ReverseIP, Traceroute, Looking Glass, OS Fingerprinting, Brute Force,Nph-Browser, Proxy Support, Network Info, ICMP logger, DUP Broadcast Scanner, and Telnet client .
Layer Four Traceroute 3.1
LFT (Layer Four Traceroute) is a sort of traceroute that often works much faster than the commonly-used Van Jacobson method and goes through many configurations of packet-filter based firewalls more>>
Layer Four Traceroute 3.1 offers you a useful network administration tool which often works much faster than the commonly-used Van Jacobson method and goes through many configurations of packet-filter based firewalls. More importantly, LFT implements numerous other features, including TCP, UDP, and ICMP trace methods, AS number lookups through several reliable sources, loose source routing, netblock name lookups, and more.
LFT also distinguishes between TCP-based protocols, which make its statistics slightly more realistic, and gives a savvy user the ability to trace protocol routes, not just layer-3 hops. Also includes WhoB, a whois client designed specifically for network engineers.
For example, rather than only launching UDP probes in an attempt to elicit ICMP "TTL exceeded" from hosts in the path, LFT can send TCP SYN or FIN probes to target arbitrary services. Then, LFT listensBlade Finder RSS Viewer 1.0
Blade Finder RSS Viewer - Subscribe to and view the Blade Finder product RSS feed in your Macs Dashboard more>> XMonitor is a real-time computer, email, and remote host monitoring application for Mac OS X.
XMonitor allows you to easily monitor your disk, cpu, ram and network usage, PPP status, IP address, Email, and more. XMonitor can also monitor the status of up to 25 remote servers via http or ICMP ping requests. XMonitor can automatically generate HTML reports of past and current activity and graph past performance for up to 30 days.
XMonitor is Free Software distrubuted under the Free Software Foundations GPL.<<less
FFT for OSX 1.9.9b6
Alternative traceroute program. more>>
As a result, FFT often executes much faster and sees behind some configurations of packet- filter based firewalls. FFT has been around since 1998, but this is its first release on Darwin/MacOSX.
LFT 2.5
LFT brings a comprehensive, user friendly network tool. more>>
LFT 2.5 brings a comprehensive, user friendly network tool. LFT, short for Layer Four Traceroute, is a sort of 'traceroute' that often works much faster (than the commonly-used Van Jacobson method) and goes through many configurations of packet-filter based firewalls. More importantly, LFT implements numerous other features including AS number lookups, loose source routing, netblock name lookups, et al.
What makes LFT unique? Rather than launching UDP probes in an attempt to elicit ICMP TIME_EXCEEDEDs from hosts in the path, LFT accomplishes substantively the same effect using TCP SYN or FIN probes. Then, LFT listens for TIME_EXCEEDED messages, TCP RESET, and various other interesting heuristics from firewalls or other gateways in the path. LFT also distinguishes between TCP-based protocols (source and destination), which make its statistics slightly more realistic, and gives a savvy user the ability to trace protocol routes, not just layer-3 (IP) hops.
HenWen 2.1.2
HenWen - Network security package runs Snort. more>>
HenWen is a software with only one goal - to simplify setting up and maintaining software that will scan network traffic for undesirable traffic a firewall may not block.
Everything you need to have is bundled in; there is no compiling or command line use necessary. A NIDS has a number of practical uses on a network. For people that use Mac OS X Server or otherwise provide network services with their Macs, a NIDS will inform the administrator that someone from a specific place on the network is trying to scan the server for possible vulnerabilities, or try to compromise security.
A NIDS can also scan the network for bad TCP or ICMP traffic, or traffic that suggests someone on the network (or the local computer) is trying to do something that the network administrator does not want them doing (ie. trading pirated software or using software theyre not supposed to be using).
While a NIDS is mainly used by network administrators, a NIDS is also a useful thing for home users to have as well, especially for home users who are always connected to the Internet and/or have a home network installed.
Enhancements:
- Restored compatibility with Mac OS X 10.2.x.
- Fixed a problem which made it impossible to edit variables and rules under Mac OS X 10.4.x.
- The "Launch Snort as a startup item" menu item works again under Mac OS X 10.4.x.
- Page: 1 of 1
- 1
