Imprint

About
eMail: wishinet at gmail . com
PGP ID: 0xCCCA5E74

Jabber: wishi@jabber.ccc.de

Revision: flowtag Tk

I had some problems installing Flowtag on a 10.5 Mac... it's solved.
There's lots of very interesting research going on.
The Visual Firewall, for example, sounds more than interesting!!!



You need to reinstall the whole Ruby bundle and pass +Tk or +mactk (and +thread_hooks) as variants on the command line while installing the dependencies via MacPorts. I recommend +mactk because you don't want X11. mactk also seems to be faster.

Very cool tool. It can graphically display where your traffic goes, like iftop, but it does this from pcaps. I'll test it out. I like the interface very much.

nsm features flowtag too, easing your work:



Modules:
[-] aimsnarf - Extracts AIM messages from a pcap file
[-] argus-basic - Perform basic argus flow statistics on the file, see info for details
[-] bro-ids-protocol - The Bro Intrusion Detection System (analyze protocols for alarms)
[-] bro-ids-stream - The Bro Intrusion Detection System (extract stream contents)
[-] capinfos - Extract information about a capture file
[-] chaosreader - Trace TCP/UDP sessions and fetch application data
[-] clamscan - Scan extracted files for malware
[-] fl0p - Analyze the flow of packets for fingerprints
[-] flowtag - Visualizes the flows of a pcap file
[-] flowtime - Create a timeline for network traffic flows
[-] foremost - Extract files from a data file
[-] harimau - Check IPs in the pcap file against the harimau blacklist
[-] hash - Create hashes of the pcap file
[-] honeysnap - Perform honeysnap analysis on pcap file captured from a honeypot
[-] iploc - Determine location of inbound and outbound traffic
[-] ngrep - Grep through pcap file for data
[-] p0f - Passive OS fingerprinting
[-] pads - Passive Asset Detection System
[-] snort - Generate snort alerts from a pcap file
[-] tcpdstat - Extract statistics about a pcap file
[-] tcpflow - Extract flow information from a pcap file
[-] tcpick - Generate traffic statistics and tcp stream files
[-] tcptrace - Perform trace analysis on the packet file
[-] tcpxtract - Extract data files from a pcap session
[-] trace-summary - Generate a breakdown of network traffic
[-] tshark - Analyze network traffic


These are the modules... Everything is possible! Research in this area of networking is no longer held up by having to read all the man pages in detail. You can easily concentrate on the network logic. Have fun!

Person responsible for content under § 10 (3) MDStV: Marius Ciepluch - address available via eMail. For the eMail address, see the imprint of this English-language page.
For data-protection reasons I do not conduct official or governmental correspondence via eMail. For that, use the postal address on file with the service provider.
