This list resulted from a round table discussion at the CAIDA ITL workshop Jun 2001 at the University of Virginia. Many are the suggestions of Evi Nemeth, the Co-Principal Investigator for the IEC/ITL. Other listings were from suggestions by the attendee's.
A central source for a number of tools for different operating systems. Worth the trip to the site.
http://www.networkuptime.com/tools/ This link go longer works. If anyone knows Network Uptime's new url, please submit it to me at levinm@gvsu.edu
ALTQ provides queuing schemes required to realize resource-sharing and quality of service. The ALTQ release is intended to be a flexible platform to promote network research and gain field experience.
Dia is designed to be much like the commercial Windows program 'Visio'. It can be used to draw many different kinds of diagrams. It currently has special objects to help draw entity relationship diagrams, UML diagrams, flowcharts, network diagrams, and simple circuits. It is also possible to add support for new shapes by writing simple XML files, using a subset of SVG to draw the shape.
dummynet is a flexible tool originally designed for for testing networking protocols, and since then (mis)used for bandwidth management.It simulates/enforces queue and bandwidth limitations, delays, packet losses, and multipath effects. It also implements a variant of Weighted Fair Queuing called WF2Q+. It can be used on user's workstations, or on FreeBSD machines acting as routers or bridges.
Ethereal is a free network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, viewing summary and detail information for each packet. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.
LANguard Intrusion detection for ISA server - adds intrusion detection capabilities to ISA server. LANguard IDS can recognize over 800 attacks, including Windows NT null sessions, Microsoft Internet Information Services exploit attacks, NETBIOS over TCP/IP access, NETBIOS-SNMP-NT-UserList Enumeration, Network Access Brute force attempts and many more.
Sites which help to thoroughly understand Linux's new traffic control features, and the new iproute2 commands.
http://snafu.freedom.org/linux2.2/iproute-notes.html
http://defiant.coinet.com/iproute2/
http://www.linuxgrill.com/iproute2-toc.html
http://www.kcs-inc.co.jp/laser5sse/rpm2html/local/i386/iproute2-2.2.4-2.LS1.i386.html. This url provides the rpm package.
The Multi Router Traffic Grapher (MRTG) is a tool to monitor the traffic load on network-links. MRTG generates HTML pages containing GIF images which provide a LIVE visual representation of this traffic
Nam is a Tcl/TK based animation tool for viewing network simulation traces and real world packet traces. It supports topology layout, packet level animation, and various data inspection tools.
A group of small software utilities. Includes: Cable Length Calculator, Canonical Converter, Latency Calculator, Link Speed, IP Subnet Visualizer, OUI Lookup, IPX SAP Lookup, Ethernet Packets per Second, Etherchannel Calculator, Bit Budget Calculator, Hex to Decimal Converter, Subnet Calculator, and Multicast Calculator
Information from the L0pht Heavy Industries website is now available here in the Research Labs section of the @stake website.
@stake's Research Labs are dedicated to researching and documenting security flaws that exist in the Internet infrastructure.
RPM ready NetCat for RedHat
Netperf is a benchmark that can be used to measure the performance of many different types of networking. It provides tests for both unidirectional throughput, and end-to-end latency. The environments currently measurable by netperf include: TCP and UDP via BSD Sockets, DLPI, Unix Domain Sockets, Fore ATM API, HP HiPPI Link Level Access.
NeoTrace
NeoTrace Pro, a graphic traceroute, delivers a powerful tool for checking information on internet locations. You can trace any computer on the internet simply by entering an email, IP address or URL. The display shows you the route between you and the remote site including all intermediate nodes and their registrant information. Allows you to create a file of fictitious geographic locations for your ITL routers.
The NIST Net network emulator is a general-purpose tool for emulating performance dynamics in IP networks. The tool is designed to allow controlled, reproducible experiments with network performance sensitive/adaptive applications and control protocols in a simple laboratory setting. By operating at the IP level, NIST Net can emulate the critical end-to-end performance characteristics imposed by various wide area network situations (e.g., congestion loss) or by various underlying subnetwork technologies (e.g., asymmetric bandwidth situations of xDSL and cable modems). Linux.
Nmap ("Network Mapper") is an open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (ports) they are offering, what operating system (and OS version) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers, and both console and graphical versions are available. Nmap is free software, available with full source code under the terms of the GNU GPL.
This web document is a re-organized version of the "perl.1" man page for PERL version 4. A hypertexted Perl5 manual may be found at many sites, including perl.com.)
Includes software and installation instructions for the Chesapeake Port Scanner, a Java-based implementation of a TCP port scanner.
http://www.ccci.com/tools/portscan/index.html
Page contains instructions on installation and operation of SecurIT firewall
http://www.milkyway.com/libr/ProdesNT/nt411/nt411desc.html Couldn't reach on 12/31/02. If you know their new url, please submit it to me.
Source for Windows 2000 Security Recommendation Guides
As part of its Information Assurance mission, the National Security Agency (NSA) has join the computer security research community in investigating a wide range of computer security topics including operating system security. This is a release of their security-enhanced version of Linux.
A collection of CMU utilities used to merge MIB files, as well as their MIBs. Contains other analysis tools
Snort contains various tools relating to the Simple Network Management Protocol including: an extensible agent, an SNMP library, tools to request or set information from SNMP agents, tools to generate and handle SNMP traps, a version of the unix 'netstat' command using SNMP, and a Tk/perl mib browser
Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plugin architecture. Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient.
This page was started to collect various patches that have been floating around for LBL's tcpdump and libpcap programs, and to continue the work needed on both projects. The software is available here.
TCPDUMP - Capture tools etc
The home page of the Network Research Group (NRG) of the Information and Computing Sciences Division (ICSD) at Lawrence Berkeley National Laboratory (LBNL) in Berkeley, California.
FreeBSD Ports FTP site: Networking utilities.
URL offers (1) Analyzer, A public domain network analyzer. For Windows 95/98/NT platform, (2)WinDump,Windows porting of the famous tcpdump tool. For Windows 95/98/NT/2000, and (3) WinPcap, Windows Packet Capture Library; compatible with libpcap for UNIX. For Windows 95/98/NT/2000.
Pages give source for software and explains its use.
A central source for a number of tools for the Windows OS family. Worth the trip to the site.
http://www.networkuptime.com/tools/winnt/index.html This link go longer works. If anyone knows Network Uptime's new url, please submit it to me at levinm@gvsu.edu