|
Network Chemistry Packetyzer
|
|
Hits: 9 |
|
Date added: 12/05/2006 |
|
Packetyzer provides a Windows user interface for the well-known Ethereal packet capture and dissection library. Ethereal is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features expected in a protocol analyzer, and several features not otherwise available. Network Chemistry has taken advantage of its open source license to add a Windows front end to extend its use. |
|
|
|
|
Nmap 3.8 for USB
|
|
Hits: 90 |
|
Date added: 11/24/2006 |
|
Nmap is a free, open-source tool used for network exploration and vulnerability auditing. Using Nmap, a user can quickly scan large networks as well as target specific hosts. Nmap uses IP packets in unique ways to figure out what hosts are available on a given network, what operating system each host is running, what services (including versions) it is running, and what type of packet filters and firewalls are in use. Recent versions have been modified to run straight from a USB flash drive. |
|
|
|
|
TXDNS
|
|
Hits: 24 |
|
Date added: 11/22/2006 |
|
TXDNS is an aggressive, multithreaded DNS digger for Win32, capable of placing thousands of DNS queries per minute on the wire. TXDNS's main goal is to expose a domain namespace through a number of techniques:
> Typos
> TLD rotation
> Dictionary attack
> Brute force
TXDNS may be used to:
1. Fill the reconnaissance gap left by DNS server hardening, as DNS zone transfers are very likely to fail.
2. Dig a given domain name for possible phishing variations based on common, well-known typo algorithms and return DNS queries on both used and unused names.
3. Stress-test DNS servers, thanks to its configurable aggressive behaviour.
TXDNS provides some cool options, such as:
1. Perform queries only for a given Resource Record type:
A, CNAME, HINFO, NS, TXT, SOA
2. Perform non-recursive queries
3. Perform queries against a given DNS server |
|
|
|
|
PLA
|
|
Hits: 4 |
|
Date added: 11/18/2006 |
|
PIX Logging Architecture (PLA) is a free and open-source project that allows for correlation of Cisco PIX Firewall traffic and IDS logs. PIX log message parsing is performed through the PLA parsing module or the PLA Msyslogd module. The logs are centralized in a MySQL database, supported by a Web-based front end for log viewing, searching, and event management. PIX Logging Architecture is coded entirely in the Perl programming language and uses various Perl modules, including Perl::DBI and Perl::CGI.
The PIX Logging Architecture parsing module, which is responsible for extracting the necessary fields from the PIX system log messages, gathers information including, but not limited to, Translations (Xlates) and Informative Log Messages (i.e. PIX Failover, PIX VPN Establishment, PIX Interface Up/Down, PIX PPPoE VPDN establishment and the like). All the parsing information needed by the PLA Parsing Daemon (pla_parsed) to extract data from the logs is stored in the database, allowing for easy updates of the supported log messages without having to replace the parsing scripts.
The PLA Parsing Daemon runs as a daemonized Perl process in the background and reads directly, in quasi real-time, from the system log files, so there is no longer any need to create crontab jobs as before or to restart syslogd all the time.
Parse-Time Filtering:
PIX Logging Architecture v2.00 adds the ability to perform parse-time filtering. Parse-time filtering allows you to use the PLA web interface to define traffic which you do not wish to log (i.e. between specific IP pairs and ports, on specific protocols, on specific firewalls). The PLA Parsing Daemon (pla_parsed) then checks the incoming firewall logs and excludes any traffic which matches the parse-time filters. Using these parse filters allows you to keep tabs on the database size and saves you from having to log all data.
Here's a summary of what you need to run PIX Logging Architecture v2.00 Beta 1:
1. Cisco PIX Firewall or Firewall Services Module
2. Logging host with syslog
3. Perl (and several Perl modules)
4. MySQL Database
5. Apache Web Server
6. PIX Logging Architecture (PLA) Parsing Daemon (included in PLA v2.00 Beta 1 package)
7. PIX Logging Architecture (PLA) Database SQL File (included in PLA v2.00 Beta 1 package)
8. PIX Logging Architecture (PLA) Web-based Front End (included in PLA v2.00 Beta 1 package)
|
|
|
|
|
PIX Checksum DoS
|
|
Hits: 8 |
|
Date added: 11/13/2006 |
|
This is a proof of concept program that demonstrates the vulnerability of Cisco PIX devices to a Denial of Service attack using a spoofed bad checksum packet. |
|
|
|