My next class:
LINUX Incident Response and Threat Hunting | Online | US Eastern | Jan 29th - Feb 3rd 2025

Followup to packet tools story

Published: 2007-05-22. Last Updated: 2007-05-22 18:57:13 UTC
by Jim Clausing (Version: 1)
As promised (several weeks ago) here is the followup to my earlier story asking for suggestions of tools for capturing, generating/modifying, or replaying IP packets.  The response from our readers was overwhelming and I wanted to thank all who responded.  Since the day job and family life got in the way of posting this sooner, I'm just going to post the list of tools today.  Later this week, I hope to update this story and categorize the tools a little bit.  Because of the tremendous response, I plan to look at a couple of the tools in more detail on my next HOD shift (unless there is some massive breaking story that requires my attention then).

  • netdude
  • nemesis
  • ettercap
  • daemonlogger
  • netcat
  • dsniff
  • yersinia
  • hunt
  • bittwist
  • scruby
  • sing
  • rain
  • nbtscan
  • netwox
  • thc-rut
  • ntop
  • scanrand
  • CommView (commercial tool)
  • xprobe2
  • lft
  • tcpflow
  • tcpxtract
  • kismet
  • queso
  • fragrouter
  • amap
  • thcipv6
  • thcscan
  • juggernaut
  • gspoof
  • aldeberan
  • dhcping (there are apparently 2 different tools by this name)
I would also be remiss if I didn't include a pointer to fellow handler Bill Stearns' page of pcap tools (why didn't I just ask him first....?) at http://www.stearns.org/doc/pcap-apps.html.  Again, thanx to all those who responded.