Rpc_Gotcha is a network based intrusion detection tool for detecting rpc based scans and attacks (buffer overflows). The program will passively sit on the network perimeter and process packets while analyzing the rpc message data payload looking for signs of a possible attack. Rpc_Gotcha will log all rpc calls made to the network and display payload data for possible attacks. Changes : This version has some major bug fixes , memory leaks and signature issues. It will also read tcpdump capture files in a batch mode.
47e916295ba31b13f5d2c3e1ee1298ccbaa67084f08de4d1c4ed07f5a57002d2
Rpc_Gotcha is a network based intrusion detection tool for detecting rpc based scans and attacks (buffer overflows). The program will passively sit on the network perimeter and process packets while analyzing the rpc message data payload looking for signs of a possible attack. Rpc_Gotcha will log all rpc calls made to the network and display payload data for possible attacks.
e2ccfd68a343a3485c93f6ce4cc1b8bf77c771ab659892b0f547ca1fb0ed14d2
Basic Packet-Sniffer Construction from the Ground Up - This is a detailed whitepaper on how to constuct a working packet-sniffer in ansii C. Excellent work, very detailed, a "must-read" for everybody.
9dc4360866696481bed37f38e0c1d8753fbc93355eaafe013ed8bf6f0339c6d2