Showing 1 - 7 of 7

Files from fryxar

snort-covert.txt: Posted Dec 6, 2006; Authored by fryxar; Snort patch based on the "tcpstatflow" tool and written to be compiled with snort-2.6.1.1 using the stream4 preprocessor. It is designed to detect traffic that is not HTTP / HTTPS / FTP / SMTP, with a reasonable margin of error.; tags | tool, web, sniffer; SHA-256 | 3e7d1c6ba3cd8817eff4ec346d0ef9b08d438b4e3d0085d7760509a1fd878e23; Download | Favorite | View

dnsPoison.cpp.txt: Posted Jun 18, 2004; Authored by fryxar; Symantec Enterprise Firewall dnsd proxy, versions 8 and later, is vulnerable to cache poisoning attacks when acting as a caching nameserver. Full proof of concept exploit included.; tags | exploit, proof of concept; SHA-256 | cb84018e4595e260c546cc412ec384eecb358019a95b682a3b76aa4857dc9956; Download | Favorite | View

frag.c: Posted Nov 21, 2003; Authored by fryxar | Site geocities.com; Fragmented ICMP packet generator.; systems | unix; SHA-256 | ff8302c76379341492e7d4b5c00d34c04aaceee1802459aaf36d4bd83c34b98f; Download | Favorite | View

mod_icmp.c: Posted Nov 21, 2003; Authored by fryxar | Site geocities.com; This linux kernel module acts like an icmp proxy for echo/echo-reply packets at kernel level, preventing icmp tunnels through firewalls or directly to the server it is installed on.; tags | kernel; systems | linux; SHA-256 | 9fad32f633cbf5845c1c9aa19434551345fd747ac16e91b836ef8dfa81ef6435; Download | Favorite | View

tunnelshell_2.3.tgz: Posted Nov 21, 2003; Authored by fryxar | Site geocities.com; Tunnelshell is a client/server program written in C for Linux users that tunnels a shell using various methods which can bypass firewalls, such as fragmented packets, tcp ACK packets, UDP, ICMP, and raw IP packets (ipsec).; tags | tool, shell, udp, tcp, rootkit; systems | linux, unix; SHA-256 | 11113a593b4f526f8fca20dd243ea7d92507104f9d79654f598013a116da4886; Download | Favorite | View

tcpstatflow_v1.1.tgz: Posted Nov 21, 2003; Authored by fryxar | Site geocities.com; TCPStatFlow is a tool for network administrators which detects covert network tunnels running on ports which are accepted by most outbound firewalls by sniffing the network and measuring the symmetry of the data sent. HTTP / HTTPS / FTP / SMTP / POP3 protocols send much more data one direction than the other, and if a ssh server is set up on these ports, this tool will detect it by noticing that the amounts of data sent don't look like the protocol which is supposed to run on that port.; tags | tool, web, protocol, intrusion detection; systems | unix; SHA-256 | edb152cf1f06f1962ff42720fbff6cfbd9daa4d1d85ea1d53115ce88c1b4b64d; Download | Favorite | View

tunnelshell_v1.tgz: Posted Jan 31, 2002; Authored by fryxar; Tunnelshell is a client-server backdoor which uses fragmented packets to traverse firewalls. Written in C, tested on Linux.; tags | tool, rootkit; systems | linux, unix; SHA-256 | cad32eeada78f1ea9cbd18a6eec29d4d5a74e7a4359cc941b571364ca2498d29; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days