tcpslice is a tool for extracting portions of packet trace
files generated using tcpdump's -w flag.
The basic operation of tcpslice is to copy to stdout all packets
from its input file(s) whose timestamps fall within a given range.
The tcpsplit utility breaks a single libpcap packet trace into some number
of sub-traces, breaking the trace along TCP connection boundaries so that
a TCP connection doesn't end up split across two sub-traces. This is useful
for making large trace files tractable for in-depth analysis and for
subsetting a trace for developing analysis on only part of a trace.
tcptrace is a TCP connection analysis tool. It can tell you detailed
information about TCP connections by sifting through dump files.
The dump file formats supported are:
Standard tcpdump format (you need the pcap library)
Sun's snoop format
Macintosh Etherpeek format
HP/NetMetrix protocol analysis format
NS simulator output format
NetScout
NLANR Tsh Format
To see the graphs, you'll also need Tim Shepard's xplot program,
available at http://www.xplot.org
TCPWatch is a utility written in Python that lets you monitor forwarded TCP
connections or HTTP proxy connections. It displays the sessions in a window
with a history of past connections. It is useful for developing and debugging
protocol implementations and web services.
tcptraceroute is a traceroute implementation using TCP packets.
The more traditional traceroute(8) sends out either UDP or ICMP ECHO packets
with a TTL of one, and increments the TTL until the destination has been
reached. By printing the gateways that generate ICMP time exceeded messages
along the way, it is able to determine the path packets are taking to reach the
destination.
The problem is that with the widespread use of firewalls on the modern Internet,
many of the packets that traceroute(8) sends out end up being filtered, making
it impossible to completely trace the path to the destination. However, in many
cases, these firewalls will permit inbound TCP packets to specific ports that
hosts sitting behind the firewall are listening for connections on. By sending
out TCP SYN packets instead of UDP or ICMP ECHO packets, tcptraceroute is able
to bypass the most common firewall filters.
tcpxd is a general purpose TCP/IP relay program designed
to be simple to get going, requiring only three parameters;
the port to listen on, the host to forward to, and the port
on that host to connect to.
tdetect detects someone running traceroute against your system.
It does this by detecting UDP (Unix traceroute) or ICMP ECHO (Windows
traceroute) packets with TTL fields == 1.
Enhanced version of VNC, called TightVNC (grown from the VNC Tight Encoder
project), which is optimized to work over slow network connections such as
low-speed modem links. While original VNC may be very slow when your
connection is not fast enough, with TightVNC you can work remotely almost
in real time in most environments. Besides bandwidth optimizations,TightVNC
also includes many other improvements, optimizations and bugfixes over VNC.
Note that TightVNC is free, cross-platform and compatible with the standard
VNC.