Generates IP/TCP/UDP/ICMP packets, with a curses interface
Generates TCP/IP packets with a scripting language
Module generates TCP/IP packets by a shell pipe (IP, TCP, UDP)
Karyl F. Stein)
Touch of Death. Is able to kill connections, if used with
Send and receive UDP Packets
Network Scanning and Diag
good Port scanning tool which supports all well-known methods. On the namp Page is a link list of other scanning tools, too.
Collection of Diagnosis Tools: strobe, tcpspray, trafshow, statnet, netwatch, tcpblast and netload. Source can be found on all Debian Mirrors in source/net/netdiag*.tar.gz
from Hobbit -
Swiss Army Knife for TCP and UDP (like socket). Simple Port
Scanner, simple Port redirector and simple access to sockets from Scripts.
LAN statistic utility for Linux
Beholder, The Next Generation RMON compliant Ethernet monitor
A Linux Security Toolkit. Boot-Disks with some Scan/Sniff Tools
SMB Network Analysis Tool (1.0 and 2.0beta)
ADM smb is a security scanner for Samba/LAN Manager Server Message Blocks/Window Shares from the ADM CreW
a simple TCP Portscanner
MCI's DOSTracker can recognize and trace quite a few Deny-Of-Service Attacks on CISCO Networks back to the entry point of the attack.
Queso identifies operating systems via the TCP packet signature
SMB (Windows Share) Scanner by !Hispahack
can visualize amount of traffic on IP networks between hosts
Scanner with Web Frontend from Dan Farmer and Wietse Venema (look at his papers and tools)
a security Scanner for Linux, *BSD*, Solaris and NT with different Frontends like Java and GTK
Modular Linux Scanner Uses a user-friendly Curses GUI
scanner based on Satan (not realy free)
a Un*x host security tool from Dan Farmer
'tiger' is a set of scripts from TAMU that scan a Un*x system looking for security problems, in the same fashion as Dan Farmer's COPS.
The main goal of the HUNT project is to develop a tool for
exploiting well known weaknesses in the TCP/IP protocol suite.
It implements some "new" features which apparently are not
available in any other free product.
Uses libcap to capture network packets
Packet Sniffer (Brecht Claerhout)
offline protocol analyser for tcpdump ([html] Peter Tobias)
reformats tcpdump output ([mail] Mike Ryan)
List of software in the Internet Traffic Archive, used to analyse, simulate and anonymize traffic
CMUs Network Monitoring Tool. Note: Argus 1.7 is ported to a lot of architectures, but it is not Free anymore.
A Gtk based sniffer with a nice GUI, well suited for ARP monitoring
it's a utility that lets you capture and analyze network traffic. Based on GTK.
IP Accounting Frontend to ipfwadm
TAMUs network logging toolkit [dir] including logging monitors for UDP and TCP, an extractor, and [txt] netwatch a real time network monitor
KSniff is a packet sniffer/analyzer developed for the KDE
project which supports plugins written in TCL.
Netwatch allows a user to monitor an Ethernet segment or PPP
line and examine activity on the network.
IP Filter, NAT, VPN, IP encryption
Crypted IP Encapsulation (Daemon and Module for Linux). Very lightweight secure VPN Solution by Olaf Titz
(TCP/IP Packet Filtering package for *BSD* based Systems and Linux including NAT, transparent Proxies and statefull screening.
for Linux and winmasq
the win32 frontend from Jaume Miralles.
about Linux build in packet filter by Jos Vos.
the new Linux IP Filter
The Linux FreeS/Wan Project
with IPSEC, ISAKMP/Oakley and DNSSEC
dynamic statefull packet filter for Linux.
Linux IP-NAT Forum
real RFC NAT with Linux 2.0 from Michael Hasenstein
VPN for OpenBSD
in the current-tree of OpenBSD you can find a IPsec implementation
and a photurisd key management daemon. This is documented in [html] vpn(8).
Tunnel PPP over an arbitrary TCP connection
PPP on top of SSH
simple scripts to build a VPN based on SSH
TAMU's Filtering Bridge, a firewall Solution. Old Versions where running on DOS, the current version [dir] is running on FreeBSD.
Virtual Private Server for building VPNs based on PPP-over-SSH
The GNU Privacy Guard, a free PGP (2.6, 5.x, OpenPGP)
... A free Shecure Shell Implementation
is a freeware PGP-interoperable encryption software package (including a PGP lib and a Mac Client)
about aaplications based on SSLeay
SRP Telnet and FTP
Secure Remote Password Project
Secure voice conversation
Freeware Voice-over-IP Solution for Win32 with PGP security
pure Java package for strong encryption
gtk-interface to PGP and GnuPG
Superservers and TCP Wrappers
xinetd is a replacement for inetd, the internet services daemon
An interesting inetd replacement including tcpwrapper/chrootuid/relay
small and simple tcp server
API-level Emulators and Proxies
API-level Emulators and Proxies
redirects multiple tcp connections to remote hosts (behind the firewall)
from Thomas Boutell at Boutell.Com, Inc
simple TCP Port redirector
See describtion in Section Network Scanning
The program implements access to TCP sockets from shell level.
Daemon to redirect connections, with some support for load balancing from Peter da Silva
simple udp redirector
a general-purpose email filter integrated into sendmail, written in Perl and based on the MIME-tools. (not realy free)
Free Store+Forward SMTP Relay with Header-Filtering
ssh (not realy free)
inetd redirector for SSL to unsecure services like POP3 or HTTP
SSL wrapper like sslwrap can run from inetd or standalone,
can wrap remote services
HTTP (and CONNECT for SSL)
A personal Proxy for Filtering Internet Access (HTTP, SMTP, POP3, NNTP) (not realy free)
A Proxy for IRC (Internet Relay Chat) featuring DCC support by Bjarni Einarsson
Proxy/Cache/conversion/server for multiple protocols (FTP, HTTP, NNTP, ...) runs on different platforms
allows X11 connections through one-way firewalls like socks.
free implementation of Microsofts and SyBase' TDS (Tabular DataStream) database client access protocol
a simple irc bouncing (proxy) tool
Authentication and Directory Services
an extended Version of Cisco's TACAS Server by Vikas Aggarwal
Cistron RADIUS server
by Miquel van Smoorenburg
Mig's RADIUS LAbs
some summaries on the Linux-radius list
RADIUS Whitepaper, FAQ and Server
RADIUS Services for NDS
Novell offers this for free download
Basic Merit AAA Server
The Server formerly known as Merit Radius Server
LDAP at U-M
free Server and Clients for LDAP and X.500
Linux directory services
integrating LDAP into Linux (as a replacement for NIS)
Innosoft's LDAP World Implementation Survey
including free implementations
the General Authentication Protocol by Olaf Titz.
rewrite if an identd/auth protocol server
LDAP Tools based on the UMich's LDAP
Simple Distributed DataBase (SDDB)
a system designed to hold network directory type information across multiple machines. It is
designed to be an intranet level service rather than in an internet level
one. It allows updates to occur in multiple places (seperated by WAN links)
and yet the data to be merged into one seamless directory.
file integrity checker (like tripwire)
It monitors system files for change in inode, size, etc. and notifies you if a change occurs.
Detects TCP and UDP Port scaning, including stealth scans (not realy free)
Network Management, Data Collecting
the GNOME Network Management Application. On this page you find some good links to SNMP Solutions
Scotty and Tkined
TKined is small and nice network management station based on Scotty which extends TCL with interesting network capabilkities.
distributed data collecting with Postgres SQL backend
system management tool
SNMP suit from the UC Davis, including support for Linux ipfwadm
managing a great number of user accounts at a site
monitors systems, reports problems, and fixes those problems automatically whenever possible
GTK network shell which maps hosts and offers tools to work on them, uses portscanner and queries OStype
Fast and Reliable Log File Auditing (not realy free)
WOTS is a logfile monitoring utility written in perl5. It's based on swatch but is brand new.
analyse squid logfiles for refresh pattern setting
a logscanner which can perform realtime notifications
Firewall Configuration and Adminstration UI
Fireall Configuration tool can generate ipfwadm and IPFilter Rules
ipfwadm dotfile module
makes setting up of ipfwadm files for simple installations easy.
John Hardin wrote that module for Jesper Pedersen's
[html] Dotfile Generator.
shellscript which generates ipfwadm rules by sniffing actual traffic patterns ([mail] William Stearns)
relace existing systems with backup servers (hot spare backup systems)
Operating Systems (Kernel, Patches, Extensions, Hardening)
pretty secure OS
Rule Set Based Access Control for Linux
is a collection of programs, each of which either fixes or tightens one or more potential security problems with a particular aspect in the setup or configuration of a Solaris/Unix system. Conceived and created by Brad Powell, it was written in Bourne shell, and its simple modular design makes it trivial for anyone who can write a shell script or program to add to it, as well completely understand the internal workings of the system.
Diverse stuff related to DDoS (Distributed Denial of Services). Docs and tools can be found here.
from SOS Corporation
Patches for Security Tools from SOS.
Juniper Firewall Toolkit
from Obtuse Systems Corporation
Freier Store und Forward SMTPd
Utilities Sammlung from Obtuse.
The Firewall Toolkit
A lot of information and the Patches for transparent support
newer, faster and more secure Mail Transfer Agent.
Remote Integrated Graphical Administration Tools.
BlackMail SPAM Protection