[bglug] Ettercap ... e sniffare !

|k|b|s| bglug@lists.linux.it
Tue, 30 Jul 2002 17:40:58 +0200


Fernando Figaroli wrote:

> Per quanto riguarda l'OT .. si parla comunque di un software di Linux 
> ..OpenSurce..
Naturalmente, per cui ti consiglio di provare:


Sniffers and Network Analyzers

ipgrab.tgz - another libpcap based sniffer that provides verbose, but 
easy-to-read protocol decodes
ipaudit.tgz - contains two pcap monitoring tools (ipstrings and ipaudit)
nstreams.tgz - another libpcap network monitor that identifies streams 
(IPs endpoints & protocols)
ngrep.tgz - applies regexes to network traffic, besides being a general 
purpose sniffer
iptraf.tgz - a curses-based network analysis tool
pof.tgz - performs passive OS detection
sniffit.tgz - command-line/menu driven sniffer
dsniff.tgz - a sniffer and much more including SSH,SSL,TCP hijacking
utcpdump.tgz
angst.tgz - a "active" sniffer for capturing packets on switched LANs
ettercap.tgz - A curses-based sniffer that utilizes ARP spoofing to 
sniff across switches.
vomit.tgz - pcap based sniffer for decoding Cisco IP Phone conversations.
trafshow.tgz - a nice curses monitoring program for viewing active hosts 
Network

Mapping/Vulnerability Scanning

The following tools are useful for discovering network and system 
vulnerabilities. These are active security tools that probe systems and 
can be easily detected by IDS. Use of these tools may violate your 
organization's security policy. While none of these tools attempt to 
exploit vulnerabilities, these tools could crash servers or network 
devices. Use with caution.
arping.tgz - sends ARP and/or ICMP requests to determine if a 
host/interface is active
scanners.tgz - a dozen tools (many taken form SAINT/SARA) for 
discovering application-layer vulnerabilities in protocols such as FTP, 
HTTP, NFS/RPC, DNS, and more.
winscan.tgz - NetBIOS scanners including ADM-smb, nbtscan, and nbtstat
icmpenum.tgz - probes networks using ICMP echo/timestamp
firewalk.tgz - useful for determining the ACLs that are in place on a 
firewall/router.
telnetfp.tgz - conducts OS fingerprinting based on Telnet escape sequences.
xprobe.tgz - implements the ICMP fingerprinting techniques of Ofir Arkin

Da trinux.org

-- 
MPO about Windows? format C: /autotest
|k|b|s|  kbs(at)bglug.it