IPTraf 2.1.1 is an ncurses-based IP LAN monitor that generates various network statistics including TCP info, UDP counts, ICMP and OSPF information, Ethernet load info, node stats, IP checksum errors, and others.
7aef3943210e51d61bcdd66e73a562b0d51d7a2a61d5d226ffc0a1067b2ede59
Utility to send a trojan to any unpatched IIS 4.0 system (without SP6) by exploiting a buffer overflow. Archive password is set to p4ssw0rd. Use at your own risk.
8abefcb4d3a8d21e73681f483d24cf77218d8acc3a3b8a414dcf13843aaca94f
If you're running BIND 8.2.2, and you have the victim.dom name servers in your cache, and victim.dom changes its server names, then any user who can make recursive queries through your cache can break your victim.dom lookups until the old records time out. The complete attack is one brief burst of legitimate packets. This is, of course, not as disastrous as BIND's next buffer overflow, but it's still an interesting example of how an attacker can use BIND's bogus "credibility" mechanism to exacerbate the effects of a seemingly minor bug.
c72ec0dd61841711d365e087961f01b3cc66fb2e349bb4274b3c897e6f364742
Tested on Windows 2000 with ICQ v99b 1.1.1.1. ICQ is a very popular chat client that is affected by an exploitable buffer overflow when it parses a URL sent by another user. This means that arbitrary assembly code can be run on the remote machine.
c56d1f4e56219b6d49de977af302c96651bb3965e3248d8a7976706cedb0949c
Corel Linux comes with a program called "Corel Update" to manage the ".deb" files. This X-oriented program is setuid root. The program is "get_it" and it's located in the /usr/X11R6/bin directory. If you can run it, it's easy to get root privileges on your system.
638e23401a5d45ff0435f80bdbe0006c13f71306efdb836fc11c7244771cbff7
Patch to sh(1) that adds denying and logging features (user ID, username, process ID, parent process ID, parent process name, login name). Checks against /etc/sh.deny and if the parent/calling program is listed then execution is halted and logged.
e7f2e3bc323b328a675b4a4435ca103b1eb24ea40133b716e01a44446063df6e
nsuncat 0.01b - Unix socket connectivity from the command line. Works just like netcat for TCP/UDP sockets.
49088a575ee48d6c5401773d67d701fbde1b7fe01256a0d55e04ed9c19f06f5b
Dust v0.2 is a shell script which runs 22 DoS attacks discovered in 1999. Linux only.
6ee872e397c22ba40d1d8534251ba7aa9c8a767b1cfdc42d379004c10d933253
Pretty Simple Password Generator (PSPG) is a small and fast password generator for creating secure, non-pronounceable passwords which are harder to break.
d45a1367af53af6cdfdcecd6c7047ac0e26fb1907028ea08ad53ab7e83009b33
ipaudit records network activity. It stores a count of bytes and packets exchanged for every combination of host/port pairs and protocol. It can be signalled after a fixed interval (30 minutes is typical) to output results. It's useful for identifying heavy bandwidth users, intrusive telnet sessions, denial of service attacks, scans, etc. There is also an option (like tcpdump) to save raw packet headers for detailed analysis with packages such as tcpdump or ethereal.
1b4a2f607b16ee8714ad2c63bb1e5bb45fcae275e760e2ca06fa870c52bb64db
Packet Storm Contest Entry - GNIDS - Early Detection of Unknown Threats.
27506f2302d5ac51fe2ff3d94a76ad42b306262c323ecb385ae8749bb1bd76ae
Winning Packet Storm Contest Entry - Protecting Against the Unknown - A guide to improving network security to protect the Internet against future forms of security hazards.
0e6222b8be5665deed5eefcf97e95600e15395e70fc048b75e1a1963cb6c8da9
Packet Storm Contest Entry - Purgatory 101: Learning to cope with the SYNs of the Internet.
acbfe437758ef4ccfb79fde7993aac9a5d2d865fa6ba4948cd195b2923ef09cf
Packet Storm Contest Entry - What pure or applied technical measures can be taken to protect the Internet against future forms of attack?
b0be1a071bb2e0cd451041db46a6141f23ffb470c2a62f0f376fd69b529fbbf4
Packet Storm Contest Entry - Strategies for Defeating Distributed Attacks.
adbb93cf6584385ff3b5f74b554128ad787340889c56f79cd9fcd7d9e7965277
Packet Storm Contest Entry - Distributed Attacks and the Way To Deal With Them.
1a42adf4a368ec5cf3cb42e9d92d3461129fdbe6b553d0b6eeedf486e1da348e
PowerPoint presentation on Snort - Lightweight Intrusion Detection for Networks.
ad624664b0dd306cea5ff87e2c546a2310c71bff4dd37c3c5130db342db4cad9