NetSPoC is a tool for security management of large computer networks with
different security domains. It generates configuration files for packet
filters controlling the borders of security domains.
NetSPoC provides its own language for describing security policy and topology
of a network. The security policy is a set of rules that state which packets
are allowed to pass the network and which not. NetSPoC is topology aware: a
rule for traffic from A to B is automatically applied to all managed packet
filters on the path from A to B.
Currently NetSPoC generates ACLs and static routing entries for Cisco routers
and PIX firewalls. Support for network address translation and IPSec has not
been implemented yet.

To ease the task of network administration,
decrease the likelihood of erroneous command execution and
to maintain all network services from a central point,
EnderUNIX SDT announces the availability of its 9th open-source tool,
netUstad.
It is written in C and includes its own HTTP server.
The newly announced version provides a web interface for
system administrators to add/delete/update FreeBSD IPFW and Linux IpTables
rulesets, and to manage the routing table and network interfaces.
You can easily manage your firewall from a remote PC connected over TCP/IP.
Project Page:

This program is a lightweight access- and prefix-list generator
for Cisco routers and GateD/Zebra. Access lists are generated
based on RADB/RIPE data.
This tool is not as powerful as RAToolSet, but has some
features missing in RAToolSet, such as optional filtering
of more specific routes in the same AS or acl string aggregation;
also, it does not require Tcl/Tk to be installed.

The OpenLLDP project aims to provide a comprehensive implementation of the
IEEE standard 802.1AB Link Layer Discovery Protocol. LLDP is an industry
standard protocol designed to supplant proprietary Link-Layer protocols
such as Extreme's EDP (Extreme Discovery Protocol) and CDP (Cisco Discovery
Protocol).

TkTopNetFlows - GUI tool for NetFlow data visualisation.
Written as Perl and Tcl/Tk scripts. It needs the Blt and Tktable extensions
for Tcl and the Cflow extension for Perl. NetFlow data is expected to be collected
by flow-capture from the flow-tools package.

from the README:
Passive OS fingerprinting is based on information coming from a remote host
when it establishes a connection to our system. Captured packets contain
enough information to identify the operating system. In contrast to active
scanners such as nmap and QueSO, p0f does not send anything to the host being
identified.
For more information, read Spitzner's text at:
http://www.enteract.com/~lspitz/finger.html .

from the maintainer:
Use of this program requires read access to the packet filtering
device, typically /dev/bpf0. Granting such access allows the users
who have it to put your Ethernet device into promiscuous mode and
sniff your network. See
http://www.infoworld.com/articles/op/xml/00/05/29/000529opswatch.xml
if you do not understand how this can be harmful. Running p0f with
no options will cause it to analyse packets intended for other
hosts.

Packit is a network auditing tool. Its value is derived from
its ability to customize, inject, monitor, and manipulate IP
traffic. By allowing you to define (spoof) nearly all TCP, UDP,
ICMP, IP, ARP, RARP, and Ethernet header options, Packit can be
useful in testing firewalls, intrusion detection systems, port
scanning, simulating network traffic, and general TCP/IP
auditing. Packit is also an excellent tool for learning TCP/IP.

PADS is a signature based detection engine used to passively detect
network assets. It is designed to complement IDS technology by
providing context to IDS alerts.
Goals:
* Passive: Records and identifies traffic seen on a network without
actively "scanning" a system. There will never be a packet sent
from the pads applications.
* Portable: Has the ability to be placed easily on a remote system.
Does not require additional external libraries other than those
associated with libpcap.
* Lightweight: Logging is sent to a simple CSV file. There is no need
for a database or other data repository installed on the local
machine. All correlation is done outside of the pads program.

A simple program designed to send 'Cisco Discovery Protocol' and
'Link Layer Discovery' packets on the network.

The pftabled daemon is a small helper to make your pf
tables reachable from other hosts. You can add/delete/flush
IP addresses to/from a remote table with a single UDP
datagram. A simple client program is included to do this
from the command line.