diff options
Diffstat (limited to 'Documentation/Summary')
-rw-r--r-- | Documentation/Summary | 59 |
1 files changed, 0 insertions, 59 deletions
diff --git a/Documentation/Summary b/Documentation/Summary deleted file mode 100644 index 2863d60..0000000 --- a/Documentation/Summary +++ /dev/null @@ -1,59 +0,0 @@ -Tools: -////// - -The toolkit is split into small, useful utilities that are or are not -necessarily related to each other. Each program for itself fills a gap as -a helper in your daily network debugging, development or audit. - -*netsniff-ng* is a high-performance network analyzer based on packet mmap(2) -mechanisms. It can record pcap files to disc, replay them and also do an -offline and online analysis. Capturing, analysis or replay of raw 802.11 -frames are supported as well. pcap files are also compatible with tcpdump -or Wireshark traces. netsniff-ng processes those pcap traces either in -scatter-gather I/O or by mmap(2) I/O. - -*trafgen* is a high-performance network traffic generator based on packet -mmap(2) mechanisms. It has its own flexible, macro-based low-level packet -configuration language. Injection of raw 802.11 frames are supported as well. -trafgen has a significantly higher speed than mausezahn and comes very close -to pktgen, but runs from user space. pcap traces can also be converted into -a trafgen packet configuration. - -*mausezahn* is a performant high-level packet generator that can run on a -hardware-software appliance and comes with a Cisco-like CLI. It can craft -nearly every possible or impossible packet. Thus, it can be used, for example, -to test network behaviour under strange circumstances (stress test, malformed -packets) or to test hardware-software appliances for several kind of attacks. - -*bpfc* is a Berkeley Packet Filter (BPF) compiler that understands the original -BPF language developed by McCanne and Jacobson. It accepts BPF mnemonics and -converts them into kernel/netsniff-ng readable BPF ``opcodes''. It also -supports undocumented Linux filter extensions. This can especially be useful -for more complicated filters, that high-level filters fail to support. - -*ifpps* is a tool which periodically provides top-like networking and system -statistics from the Linux kernel. It gathers statistical data directly from -procfs files and does not apply any user space traffic monitoring that would -falsify statistics on high packet rates. For wireless, data about link -connectivity is provided as well. - -*flowtop* is a top-like connection tracking tool that can run on an end host -or router. It is able to present TCP, UDP(lite), SCTP, DCCP, ICMP(v6) flows -that have been collected by the kernel's netfilter connection tracking -framework. GeoIP and TCP/SCTP/DCCP state machine information is displayed. -Also, on end hosts flowtop can show PIDs and application names that flows -relate to as well as aggregated packet and byte counter (if available). No -user space traffic monitoring is done, thus all data is gathered by the kernel. - -*curvetun* is a lightweight, high-speed ECDH multiuser VPN for Linux. curvetun -uses the Linux TUN/TAP interface and supports {IPv4,IPv6} over {IPv4,IPv6} with -UDP or TCP as carrier protocols. Packets are encrypted end-to-end by a -symmetric stream cipher (Salsa20) and authenticated by a MAC (Poly1305), where -keys have previously been computed with the ECDH key agreement -protocol (Curve25519). - -*astraceroute* is an autonomous system (AS) trace route utility. Unlike -traceroute or tcptraceroute, it not only display hops, but also their AS -information they belong to as well as GeoIP information and other interesting -things. On default, it uses a TCP probe packet and falls back to ICMP probes -in case no ICMP answer has been received. |