A curses-based textmode ICQ client implementation. It is a
fully featured client, can do things like file transfer. Has
the ability to associate sounds with different actions/evens
and play them through a sound card, as well as the standart
beeping.
Things like colors are not hard-coded in the program itself,
but can be set in the corresponding config files
--
New dissectors include SUA Light, HCLNFSD, Rquota. Many other dissectors were
updated and bug-fixed. The wiretap library can now read Etherpeek files,
and write NetMon 2.x files. Capture filters and display filters are kept in
separate dialogues/files to help minimize confusion. A new "Decode As"
feature allows some run-time configuration of which dissectors are called
for a particular packet. You can now click on a byte in the hex dump and the
appropriate field in the protocol tree will be selected. The display filter
code was re-written, and some syntax changed (esp. for boolean variables).
Submitted by Wangden Kelsang <wngdn@src.uchicago.edu>.
Nslint reads the (BIND) nameserver configuration files and performs
a number of consistency checks on the dns records. Nslint is known
to work with BIND versions 4, 8, and 9.
This port had no real name associated with the listed address. When
trying to reach this person, the mail bounces. It also appears from
the logs that this person hasn't been maintaining this.
Sirc is an Internet Relay Chat programmable client written in
perl and C. It has a main perl script that can be run in 'dumb'
mode, standalone, and a separate split-screen front end in C,
called ssfe.
Sing is a little tool that sends ICMP packets fully customized from
command line. The main purpose is to replace/complement the niceful
ping command with certain enhancements as:
o Send fragmented packets.
o Send monster packets > 65534.
o Send/read spoofed packets.
o Send many ICMP Information types in addition to the ECHO REQUEST
type sent by default as Address Mask Request, Timestamp, Information
Request, Router Solicitation and Router Advertisement.
o Send many ICMP error types: Redirect, Source Quench, Time Exceeded,
Destination Unreach and Parameter Problem.
o Send to host with Loose or Strict Source Routing.
o Use little fingerprinting techniques to discover Window$ or Solaris
boxes.
o Send ICMP packets emulating certain OS: Cisco, Solaris, Linux, Shiva,
Unix and Window$ at the moment.
Angst provides methods for aggressive sniffing on switched
local area network environments.
It dumps the payload of all the TCP packets received on the
specified ports. Moreover, it implements methods for active
sniffing. Angst currently provides two active sniffing methods.
The first monitors ARP requests, and after enabling IP
forwarding on the local host, sends ARP replies mapping all IPs
to the local MAC address. The second method floods the local
network with random MAC addresses (like macof v1.1 by Ian Vitek),
causing switches to send packets to all ports. Made just for
testing purposes and fun. If you compile it on any other
platform except the ones listed below, please contact me at the
above email address. As always, published under a BSD style
license, see the included LICENSE file.
Changes: This version responds differently to *-class queries, and
to AXFR requests, to placate a few broken clients. The servers now
log ``starting'' messages.
--
tcpstat reports certain network interface statistics much like
vmstat does for system statistics. tcpstat gets its information by
either monitoring a specific interface, or by reading previously
saved tcpdump data from a file.
Major changes:
* tinydns automatically returns a random set of 8 addresses, in a
random order, from a cluster of any size.
* tinydns supports client differentiation. There's no longer any
reason to use pickdns.
* dnstracesort prints glue information. This reveals all sorts of
interesting inconsistencies.
--
BIND 9.1.0 has been released. Compared to BIND 9.0, BIND 9.1 has a
number of new features as well as numerous bug fixes and cleanups.
The new features include:
- Many BIND 8 features previously unimplemented in BIND 9,
including domain-specific forwarding, the $GENERATE
master file directive, and the "blackhole", "dialup",
and "sortlist" options
- Forwarding of dynamic update requests; this is enabled
by the "allow-update-forwarding" option
- A new, simplified database interface and a number of
sample drivers based on it; see doc/misc/sdb for details
- Support for building single-threaded servers for
environments that do not supply POSIX threads
- New configuration options: "min-refresh-time",
"max-refresh-time", "min-retry-time", "max-retry-time",
"additional-from-auth", "additional-from-cache",
"notify explicit"
- Faster lookups, particularly in large zones.
Submitted by Brian Caswell <bmc@mitre.org>.
ndiff compares two nmap scans and outputs the differences. It
allows monitoring of your network(s) for interesting changes in
port states and visible hosts.
Ethereal 0.8.15 has one of the biggest GUI changes in recent history;
display filters can now be constructed via an easy-to-use point-and-click
interface. Protocol dissectors now exist for: NFSv4, Mobile IPv6, X.25
over TCP, LAPBETHER, DEC LANBridge Spanning Tree Protocol, X.25 over LLC,
Frame Relay, MTP3 User Adaptation Layer, and ISDN Q.921 User Adaptation
Layer. Many other dissectors and core features were improved, and bugs
were squashed. The wiretap library can now read Sniffer Frame Relay files.
Capturing supports the "any" pseudo-device on Linux if you use libpcap 0.6
from www.tcpdump.org.
probes/attacks. Courtney receives input from tcpdump counting the
number of new services a machine originates within a certain time
window. If one machine connects to numerous services within that
time window, courtney identifies that machine as a potential SATAN
host.
Submitted by: Brian Caswell <bmc@mitre.org>
- update to 1.03
Major changes:
* dnscache drops old UDP queries in favor of new ones, and drops old
TCP connections in favor of new ones.
* dnscache supports $FORWARDONLY to forward queries to another cache.
The other cache is listed in root/servers/@.
* dnscache returns TTLs by default, so it can be used as the target
of forwarding.
* dnstrace | dnstracesort produces output that's very easy to scan.
Try dnstrace a www.netscape.com 198.41.0.4 | dnstracesort | less.
