Tumblelog by Soup.io
Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

September 09 2011

July 20 2011

How to kill a TCP connection using netstat

You cannot kill a TCP connection using netstat utility. netstat is use for

Display network connections
Routing tables
Interface statistics
Masquerade connections
Multicast memberships
And much more

However Linux support two other commands or utility that can be used to kill a TCP connection.

May 26 2011

May 23 2011

Introduction to scapy - Packet Life

scapy is a Python framework for crafting and transmitting arbitrary packets. I've used scapy in labs for my articles a few times before, but today we'll be looking at scapy itself and why it's an invaluable component of every networker's virtual toolbox.

April 11 2011

streams - Play with pcap files

streams is a tool for browsing, mining and processing TCP streams in pcap files. It provides a command line prompt for filtering, selecting and dumping reassembled session data. It can further invoke external tools to pipe stream data through.

December 14 2010

September 12 2010

GNS3 | Graphical Network Simulator

GNS3 is a graphical network simulator that allows simulation of complex networks.

To allow complete simulations, GNS3 is strongly linked with :

* Dynamips, the core program that allows Cisco IOS emulation.
* Dynagen, a text-based front-end for Dynamips.
* Qemu, a generic and open source machine emulator and virtualizer.

GNS3 is an excellent complementary tool to real labs for network engineers, administrators and people wanting to pass certifications such as CCNA, CCNP, CCIP, CCIE, JNCIA, JNCIS, JNCIE.

It can also be used to experiment features of Cisco IOS, Juniper JunOS or to check configurations that need to be deployed later on real routers.

This project is an open source, free program that may be used on multiple operating systems, including Windows, Linux, and MacOS X.
Reposted bysicksinopalodefuego

Juniper Clue

Have Juniper routers? Have clue or need clue? If so, this site is for you.

Juniper Clue seeks to provide a compendium of useful knowledge, from the field, about Juniper products. This site is neither affiliated with nor endorsed by Juniper Networks. All users are encouraged to contribute by making edits to pages, see Help:Editing for more information.

July 14 2010

Yersinia is a network tool designed to take advantage of some weakeness in different network protocols

Yersinia is a network tool designed to take advantage of some weakeness in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems.


Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can't handle, like sending invalid frames, injecting your own 802.11 frames, combining technics (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, ...), etc.

perihel - closer to the sun

Mausezahn is a free fast traffic generator written in C which allows you to send nearly every possible and impossible packet. It is mainly used to test VoIP or multicast networks but also for security audits to check whether your systems are hardened enough for specific attacks.

June 14 2010

Test your IPv6.

Test your IPv6 connectivity.
Reposted byfaselipv6-groupMiGriathalis

April 08 2010

pwnat - NAT to NAT client-server communication

pwnat, pronounced "poe-nat", is a tool that allows any number of clients behind NATs to communicate with a server behind a separate NAT with *no* port forwarding and *no* DMZ setup on any routers in order to directly communicate with each other. The server does not need to know anything about the clients trying to connect. Simply put, this is a proxy server that works behind a NAT, even when the client is behind a NAT, without any 3rd party.

October 11 2009

Lava's IPv6 VLSM / CIDR Reference Chart

# Useable addresses: Network size minus two for Network & Broadcast and: # IPv6 uses 8 sets of 4 hex values, 16 bits each (128bit total) # /48 ISP "site assignments" have 65k possible subnets: bourne$ for a in {1..65536}; do printf "%04X\n" $a; done # Withing a /48, any combination of /49 ---> /64 are valid supernets (departmental, facility, function, other organizational model): $ ipv6gen 2001:0DC6:FF2B::/48 63|more # ...normally three or four more hosts are used for: 1) Switch VLAN1 2) Router Interface or 3) Two HSRP interfaces at .253 & .254 # "Route Summarization" = "Route Aggregation" = "Supernetting" # "terminal ip netmask-format [bitcount|decimal|hex]" on Cisco IOS to show netmasks as Dotted Decimal v.s. Hex # Print this document and keep on wall in cubical at all times. Memorize for fun. Quiz your spouse, offspring, inlaws, etc. # #include <std/disclaimer.h> in the event that a typo within snowballs your entire corporate network

August 26 2009

TAHI Project

Test and Verification for IPv6. Since 1998

August 24 2009

The BIRD Internet Routing Daemon Project

The BIRD project aims to develop a fully functional dynamic IP routing daemon primarily targetted on (but not limited to) UNIX-like systems and distributed under the GNU General Public License. 24.08.2009 - New release 1.1.2! Important core bug fixed - BIRD used as route server in LoNAP and NIX.CZ. What do we support: * Both IPv4 and IPv6 (use --enable-ipv6 when configuring) * Multiple routing tables * BGP * RIP * OSPF (IPv4 only) * Static routes * Inter-table protocol * Command-line interface (using the `birdc' client; to get some help, just press `?') * Soft reconfiguration -- no online commands for changing the configuration in very limited ways, just edit the configuration file and issue a `configure' command or send SIGHUP and BIRD will start using the new configuration, possibly restarting protocols affected by the configuration changes * Powerful language for route filtering

August 19 2009

July 28 2009

Multiple-port knocking Netfilter/IPtables only implementation

There are several methods of implementing port knocking (the sophisticated project Knockd for instance). Here we'll demonstrate a very simple means of achieving the port-knocking effect using nothing more than netfilter, or iptables, rules. You will need the iptables "recent" module compiled in you kernel or as a module - we've previously introduced using this to rate-limit incoming connections with the recent module.

June 18 2009

Slowloris HTTP DoS

Slowloris holds connections open by sending partial HTTP requests. It continues to send subsequent headers at regular intervals to keep the sockets from closing. In this way webservers can be quickly tied up. In particular, servers that have threading will tend to be vulnerable, by virtue of the fact that they attempt to limit the amount of threading they'll allow. Slowloris must wait for all the sockets to become available before it's successful at consuming them, so if it's a high traffic website, it may take a while for the site to free up it's sockets. So while you may be unable to see the website from your vantage point, others may still be able to see it until all sockets are freed by them and consumed by Slowloris. This is because other users of the system must finish their requests before the sockets become available for Slowloris to consume. If others re-initiate their connections in that brief time-period they'll still be able to see the site.
Older posts are this way If this message doesn't go away, click anywhere on the page to continue loading posts.
Could not load more posts
Maybe Soup is currently being updated? I'll try again automatically in a few seconds...
Just a second, loading more posts...
You've reached the end.

Don't be the product, buy the product!