//
you're reading...
Linux

List of Security Tools Available in Ubuntu Part 3


21) ngrep – grep for network traffic

ngrep strives to provide most of GNU grep’s common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.

Install ngrep in ubuntu

sudo aptitude install ngrep

22) john – active password cracking tool

john, mostly known as John the Ripper, is a tool designed to help systems administrators to find weak (easy to guess or crack through brute force) passwords, and even automatically mail users warning them about it, if it is desired.
It can also be used with different cyphertext formats, including Unix’s DES and MD5, Kerberos AFS passwords, Windows’ LM hashes, BSDI’s extended DES, and OpenBSD’s Blowfish.

Install john in ubuntu

sudo aptitude install john

23) tcptrace – Tool for analyzing tcpdump output

Tcptrace is a tool for analyzing and reporting on tcpdump (or other libpcap) dump files. It can summarize the data or generate graph data for use with the gnuplot tool from the gnuplot package. Graph data can be created for throughput, RTT, time sequences, segment size, and cwin.

Install tcptrace in ubuntu

sudo aptitude install tcptrace

24) netdude – NETwork DUmp data Displayer and Editor for tcpdump trace files

It is a GUI-based tool that allows you to make detailed changes to packets in tcpdump trace files, in particular, it can currently do the following:

* Set the value of any field in IP, TCP and UDP packet headers.
* Copy, move and delete packets in the trace file.
* Fragment and reassemble IP packets.
* Netdude constantly communicates with a tcpdump process to update
the familiar tcpdump output that corresponds to the trace. This
also means that any changes made to your local version of tcpdump
are reflected in Netdude.
* Plugin architecture: people can easily add plugins for specific
tasks. The code comes with a plugin for checksum correction in IP,
TCP and UDP, and a dummy plugin.
* Through the plugin mechanism, Netdude provides a good facility for
writing tcpdump trace file filters.

Install netdude in ubuntu

sudo aptitude install netdude

25) tcpreplay – Tool to replay saved tcpdump files at arbitrary speeds

Tcpreplay is aimed at testing the performance of a NIDS by replaying real background network traffic in which to hide attacks. Tcpreplay allows you to control the speed at which the traffic is replayed, and can replay arbitrary tcpdump traces. Unlike programmatically-generated artificial traffic which doesn’t exercise the application/protocol inspection that a NIDS performs, and doesn’t reproduce the real-world anomalies that appear on production networks (asymmetric routes, traffic bursts/lulls, fragmentation, retransmissions, etc.), tcpreplay allows for exact replication of real traffic seen on real networks.

Install tcpreplay in ubuntu

sudo aptitude install tcpreplay

26) Dsniff – Various tools to sniff network traffic for cleartext insecurities

This package contains several tools to listen to and create network traffic:

* arpspoof – Send out unrequested (and possibly forged) arp replies.
* dnsspoof – forge replies to arbitrary DNS address / pointer queries
on the Local Area Network.
* dsniff – password sniffer for several protocols.
* filesnarf – saves selected files sniffed from NFS traffic.
* macof – flood the local network with random MAC addresses.
* mailsnarf – sniffs mail on the LAN and stores it in mbox format.
* msgsnarf – record selected messages from different Instant Messengers.
* sshmitm – SSH monkey-in-the-middle. proxies and sniffs SSH traffic.
* sshow – SSH traffic analyser.
* tcpkill – kills specified in-progress TCP connections.
* tcpnice – slow down specified TCP connections via “active”
traffic shaping.
* urlsnarf – output selected URLs sniffed from HTTP traffic in CLF.
* webmitm – HTTP / HTTPS monkey-in-the-middle. transparently proxies.
* webspy – sends URLs sniffed from a client to your local browser
(requires libx11-6 installed).

Install dsniff ubuntu

sudo aptitude install dsniff

27) scapy – Packet generator/sniffer and network scanner/discovery

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery, packet sniffer, etc. It can for the moment replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, ….
In scapy you define a set of packets, then it sends them, receives answers, matches requests with answers and returns a list of packet couples (request, answer) and a list of unmatched packets. This has the big advantage over tools like nmap or hping that an answer is not reduced to (open/closed/filtered), but is the whole packet.

Install scapy in ubuntu

sudo aptitude install scapy

28) Ntop – display network usage in top-like format

ntop is a Network Top program. It displays a summary of network usage by machines on your network in a format reminiscent of the unix top utility.It can also be run in web mode, which allows the display to be browsed with a web browser.

Install ntop in ubuntu

sudo aptitude install ntop

29) NBTscan – A program for scanning networks for NetBIOS name information

NBTscan is a program for scanning IP networks for NetBIOS name information. It sends NetBIOS status query to each address in supplied range and lists received information in human readable form. For each responded host it lists IP address, NetBIOS computer name, logged-in user name and MAC address (such as Ethernet).

Install nbtscan in ubuntu

sudo aptitude install nbtscan

30) tripwire – file and directory integrity checker

Tripwire is a tool that aids system administrators and users in monitoring a designated set of files for any changes. Used with system files on a regular (e.g., daily) basis, Tripwire can notify system administrators of corrupted or tampered files, so damage control measures can be taken in a timely manner.

Install tripwire ubuntu

sudo aptitude install tripwire


About Made Sumitre

Saya hanya menulis dan membagikan apa yang sudah pernah saya baca.

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

header

Timnas Indonesia Tim Sepakbola Nasional Indonesia mengenakan kostum baru yang diluncurkan di Stadion Utama Gelora Bung Karno, Senayan Jakarta.... Baca selengkapnya »

Anak Indonesia jadi siswa terbaik sekolah MU Anak Indonesia dari pasangan perkawinan campur, Jack Brown (11),.... Baca selengkapnya »

Timnas AFF Kuartet pemain Indonesia yang bermain di klub CS Vise di Divisi II Liga Belgia, yakni Syamsir Alam.... Baca selengkapnya »

TImnas IndonesiaPelatih Timnas PSSI, Nil Maizar, mengaku telah menemukan bentuk permainan timnas… Baca selengkapnya »

Blog Stats

  • 328,954 hits
%d bloggers like this: