I will use this tip to collect TCP/IP-related tips that have a flavor of, or are useful in, penetration testing. If there is a site that should be listed here or if a link goes dead, please let me know.
- AckCmd: remote command prompt using only TCP ACK segments to pass firewalls (W2K, free)
- ARP Poisoning
- ARP0c connection interceptor
- ArpWatch
Tool that monitors Ethernet activity and keeps a database of Ethernet/IP address pairings. It also reports certain changes via email. Arpwatch uses libpcap, a system-independent interface for user-level packet capture. Platforms: AIX, BSDI, DG-UX, FreeBSD, HP-UX, IRIX, Linux, NetBSD, OpenBSD, SCO, Solaris, SunOS, Tru64 UNIX, Ultrix, UNIX
- Ethernet Bridge
This is a small utility (driver and console application) for MAC-level bridging of TCP/IP-bound network interfaces. It can be used as an example for bridging wireless and wired Ethernet when the IP address space can't be divided into subnets. Jan 2002
- Hunt : TCP hijacking
- Hping: Create custom ICMP/UDP/TCP packets
- IP:
  - IP Insecurity ComputerWorld article
  - IP spoofing Department of Computer Science, Princeton University
  - IP spoofing Demystified (Phrack Magazine)
  - IP Spoofing : A Mammoth Description
  - IP Subnetter Free Utility
    calculates subnets, subnet mask, binary hosts, binary masks, broadcast address, host range, and more
- ISN Initial Sequence Number Vulnerability
- Monitor network activities
- Netcat: TCP/IP Swiss Army knife tool
- Ngrep:
- NICs:
  - Diagram to build a read-only Ethernet cable
  - PromiScan W2K Pro; searches for promiscuous nodes on the local net
- Nmap:
  - Fastest port scanner Linux
  - NDiff compares two nmap scans and outputs differences. Automate change analysis.
- Probing TCP implementations
- Source routing : Loose Source Routing, why is it still here?
- tcpdump / libpcap
- tcpdump and tcp/ip pocket reference
- tcpdump : tools of the trade
- tcpflow : A TCP Flow Recorder
captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis or debugging
- TCP/IP Subnetting Tables
- TCP Wrappers:
- Traceroute, Tracing the Traceroute: A White Paper by Ankit Fadia
- Wireshark: network protocol analyzer for Unix and Windows (freeware)