Bugtraq mailing list archives
TCP SYN probe detection tool available
From: Doug.Hughes () Eng Auburn EDU (Doug Hughes)
Date: Tue, 14 May 1996 16:29:39 -0500
In light of the recent revival of interest in the TCP SYN probe that were undetected by conventional daemon means (e.g. klaxon), I wrote a promiscuous network monitor that runs as a packet filter and will catch any packet on the network that matches services that are given to the program as command line arguments. So far it runs on SunOS4.1.X (NIT) and Solaris2.X(DLPI). Individuals interested in running it on other architectures would need to do some porting. The DLPI code should be portable to other DLPI implementations. On SunOS and Solaris all you have to do is type Make. The README explains options, history, and implementation. Sample usage: ./tocsin tcpmux rje courier rmonitor link ttylink supdup It automatically backgrounds itself (unless run in debug mode). There is also a compile time option that will make it only match packets to the destination network that the program is listening on. availability: ftp.eng.auburn.edu:pub/doug/tocsin.tar.gz http://www.eng.auburn.edu/users/doug/second.html
Current thread:
- TCP SYN probe detection tool available Doug Hughes (May 14)
- Re: TCP SYN probe detection tool available Brian Mitchell (May 15)
- information on syslog bug wanted ALEXANDER SCHUETZ (May 17)
- BoS: SECURITY BUG in FreeBSD Krzysztof Labanowski (May 17)
- Re: BoS: SECURITY BUG in FreeBSD Dan Cross (May 17)
- Re: BoS: SECURITY BUG in FreeBSD Steve Reid (May 17)
- <Possible follow-ups>
- Re: TCP SYN probe detection tool available redeye () compulink gr (May 15)
- Re: TCP SYN probe detection tool available Casper Dik (May 16)
- SunOS 4.1.4 fingerd Andy Dills (May 16)
- Re: SunOS 4.1.4 fingerd Dave Dittrich (May 16)
- Re: fingerd problems Elliot Lee (May 16)
- Re: TCP SYN probe detection tool available Casper Dik (May 16)
- Re: TCP SYN probe detection tool available Brian Mitchell (May 15)