Network Monitoring

UPDATE: The Dude Network Monitor v4beta2!

July 20, 2010 10:51 am · 0 comments

by Black

in Security tools,Tool Updates

We wrote about The Dude Network Monitor previously in our post here. Now, MikroTik has released an updated beta version – 4beta2.?

โ€œThe Dude is a visual and easy to use network monitoring and management system designed to represent network structure in one or more cross linked graphical diagrams, allowing you to draw (includes automatic network discovery tool) and monitor your network however complicated it might be. The Dude is capable of monitoring particular services run on the network hosts, and alerting you about any changes in their status. It can read statistics from the devices monitored and show you graphs of the monitored values, allows you to test and connect to the devices easily, and provides some very basic RouterOS configuration tools.โ€

This is the official change log:

  • Improved window state saving.
  • Fixed bug causing “too many open files” problem on RouterOS dude server
  • Added “Remove Resolved” button to outages
  • Fixed images loading forever problem
  • Fixed data sources sometimes did not get correct values from SNMP
  • Fixed no gap in graph when service down for some time
  • Fixed server crash when connection to agent lost
  • Fixed unable to add more than one item in dialog box that should allow that
  • More fixes

Download The Dude Network Monitor v4beta2 here.

Tagged as: , ,

Be the first to comment!

NWMap: The Network Mapper!

June 24, 2010 11:26 am · 0 comments

by Black

in Open Source,Penetration Testing,Security Reconnaissance,Security tools

Mapping live IP addresses from a pcap dump can be a very tedious job. Not with NWMap!

NWMap is a Perl script which takes a PCAP file as input and identifies valid subnets in the same. It then assumes a netmask of /24 and searches all those subnets for live IP’s. It then groups all the IP addresses based on the number of hops.

You could probably use this tool and use it to enumerate live IP addresses before an actual penetration test.

Download NWMap version 0.1 here.

Searches leading to this post:
nwmap

Tagged as: , ,

Be the first to comment!

THC IPV6!

June 21, 2010 12:49 pm · 0 comments

by Black

in Open Source,Security Reconnaissance

A complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6, and includes an easy to use packet factory library.

THC IPV6 is been presented all over the world:
* VnSec, Vietnam, August 2007
* Hack LU, Luxembourg, October 2006
* Hack in the Box, Kuala Lumpur, September 2006
* CanSecWest, Vancouver, April 2006
* EuSecWest, London, February 2006
* CCC Congress, Berlin, December 2005
* Pacsec, Tokyo, November 2005

33bdf2a987665f9d265840a1b2d47acc THC IPV6!

What new is added THC IPV6?

dnsdict6: big wordlist update
upgraded thc-ipv6 license to GPLv3

This code was inspired with IPv6, let learn more and more about it – and then found no tools to play (read: “hack”) around with.

Lets collect some tools for future.

What tools are included in THC IPV6?

- parasite6: ICMP neighbor solicitation/advertisement spoofer, puts you as man-in-the-middle, same as ARP mitm (and parasite)
- alive6: an effective alive scanning, which will detect all systems listening to this address
- dnsdict6: parallellized DNS ipv6 dictionary bruteforcer
- fake_router6: announce yourself as a router on the network, with the highest priority
- redir6: redirect traffic to you intelligently (man-in-the-middle) with a clever icmp6 redirect spoofer
- toobig6: mtu decreaser with the same intelligence as redir6
- detect-new-ip6: detect new ip6 devices which join the network, you can run a script to automatically scan these systems etc.
- dos-new-ip6: detect new ip6 devices and tell them that their chosen IP collides on the network (DOS).
- trace6: very fast traceroute6 with supports ICMP6 echo request and TCP-SYN
- flood_router6: flood a target with random router advertisements
- flood_advertise6: flood a target with random neighbor advertisements
- fuzz_ip6: fuzzer for ipv6
- implementation6: performs various implementation checks on ipv6
- implementation6d: listen daemon for implementation6 to check behind a fw
- fake_mld6: announce yourself in a multicast group of your choice on the net
- fake_mipv6: steal a mobile IP to yours if IPSEC is not needed for authentication
- fake_advertiser6: announce yourself on the network
- smurf6: local smurfer
- rsmurf6: remote smurfer, known to work only against linux at the moment
- sendpees6: a tool by willdamn(ad)gmail.com, which generates a neighbor solicitation requests with a lot of CGAs

Currently it supports Linux 2.6 kernels

Download THC IPV6 here

Searches leading to this post:
metasploitable hackable box

Tagged as: , , ,

Be the first to comment!

Page 1 of 6123456