MoocherHunter™ is a free mobile tracking software tool for the real-time on-the-fly geo-location of wireless moochers, hackers and users of wireless networks for objectionable purposes (e.g. paedophile activity, illegal file downloading, illegal music/video sharing, etc).
Haka is an open source security-oriented language that allows describing protocols and applying security policies on (live) captured traffic.
The scope of the Haka language is twofold. First of all, it allows writing security rules in order to filter/alter/drop unwanted packets and log and report malicious activities. Second, Haka features a grammar for specifying network protocols and their underlying state machine.
The overall goal of Haka is to abstract low-level stuff like memory management and packet reassembly for non-developer experts and to provide an easy way to quickly analyze new network protocols.
http://thisissecurity.net/2015/11/23/hackers-do-the-haka-part-1/
RouteFlow is an open source project to provide virtualized IP routing services over OpenFlow enabled hardware.
A typical RouteFlow use scenario is composed of an OpenFlow controller application (RFProxy), an independent RouteFlow server (RFServer), and a virtual network environment that reproduces the connectivity of a physical infrastructure and runs IP routing engines (e.g. Quagga).
The routing engines generate the forwarding information base (FIB) into the Linux routing tables according to the configured routing protocols (e.g., OSPF, BGP). In turn, the Linux IP and ARP tables are collected by RouteFlow client (RFClient) processes and then translated into OpenFlow tuples that are finally installed in the associated OpenFlow-enabled devices in the forwarding plane.
But if an operator runs an exit from his or her home, and on their own internet connection, “they may be confused with being the source of the traffic, instead of an exit node of the traffic,” Opsahl told me. To anyone looking at activity flowing from the exit—whether that’s child abuse material, or an attempt to hack a website—it looks one and the same as the operator’s own personal usage. This could lead to a raid on the operator’s house, even though running an exit is arguably legal.
First published during the 'eighties as a series of articles in 'Umsebenzi'; later as a single pamphlet for underground operatives.
- INTRODUCTION
This is a pamphlet about the role of secrecy in solving the tasks of the Revolution. Secrecy gives us protection by starving the enemy of information about us. Secrecy helps us build a strong revolutionary movement to overthrow the enemy.
There is nothing sinister about using secret methods to help win freedom. Through the ages the ruling classes have made it as difficult as possible for the oppressed people to gain freedom. The oppressors use the most cruel and sinister methods to stay in power. They use unjust laws to ban, banish, imprison and execute their opponents. They use secret police, soldiers, spies and informers against the people's movements. But the people know how to fight back and how to use secret methods of work.
The early history of struggle in our country is full of good examples. Makanda, Cetshwayo, Sekhukhune and Bambatha made use of secret methods to organise resistance. Bambatha, for example, prepared his rebellion against colonialism in great secrecy from the Nkandla forest.
Secrecy has Helped us Outwit the Enemy:
The enemy tries to give the impression that it is impossible to carry out illegal work. The rulers boast about all our people they have killed or captured. They point to the freedom fighters locked up in the prisons. But a lot of that talk is sheer bluff. Of course it is impossible to wage a struggle without losses. The very fact, however, that the South African Communist Party and African National Congress have survived years of illegality is proof that the regime cannot stop our noble work. It is because we have been mastering secret work that we have been able, more and more, to outwit the enemy.
Discipline, Vigilance and Self-Control:
Secret methods are based on common sense and experience. But they must be mastered like an art. Discipline, vigilance and self-control are required. A resistance organiser in Nazi-occupied France who was never captured said this was because he 'never used the telephone and never went to public places like bars, restaurants and post offices'. He was living a totally underground life. But even those members of a secret movement who have a legal existence must display the qualities we have referred to.
Study and Apply the Rules of Secrecy:
Most people know from films and books that secret work involves the use of codes, passwords, safe houses and hiding places. Activists must study the rules of secrecy and apply them seriously. This enables us to build up secret organisations linked to the people. This secret network becomes a vital force in helping to lead the people in the struggle for power. In our series we will discuss such topics as:
How to set up a secret network;
The rules of secrecy;
How to overcome surveillance (i.e. observation);
Secret forms of communication;
Technical Methods such as secret writing, hiding places etc.;
How to behave under interrogation (i.e. when being questioned by the enemy).
These are among the main elements of secret work.
To organise in secret is not easy, but remember: The most difficult work is the most noble!
A nice little networking overview in 4 parts: 1/ http://packetlife.net/blog/2015/jan/2/networking-faq-1-breaking-field/ 2/ http://packetlife.net/blog/2015/jan/9/networking-faq-2-certifications/ 3/ http://packetlife.net/blog/2015/jan/16/networking-faq-3-names-and-addresses/ 4/ http://packetlife.net/blog/2015/jan/26/networking-faq-4-fundamentals/ || And the cheat sheets that go with it: http://packetlife.net/library/cheat-sheets/
100Gb network adapters are coming, said Jesper Brouer in his talk at the LCA 2015 kernel miniconference (slides [PDF]). Driving such adapters at their full wire speed is going to be a significant challenge for the Linux kernel; meeting that challenge is the subject of his current and future work. The good news is that Linux networking has gotten quite a bit faster as a result — even if there are still problems to be solved.
This is a first of a series of interdisciplinary workshops, hosted this year at Mobisys 2015, that wish to build on a recent successful Dagstuhl seminar on DIY networking. That seminar brought together a highly diverse group of researchers and practitioners to reflect on technological and social issues related to the use of local wireless networks that operate outside the public Internet; see our final report, which documents our interdisciplinary exchanges and the description of selected case studies for which DIY networking solutions can facilitate the creative interplay between technological and human networks in the city.
Want to know more about the Software-Defined Wireless Networking (SDWN) architecture or better understand the security model? Grab a big cup of coffee and dig in.
MASSCAN: Mass IP port scanner
This is the fastest Internet port scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second.
It produces results similar to nmap, the most famous port scanner. Internally, it operates more like scanrand, unicornscan, and ZMap, using asynchronous transmission. The major difference is that it's faster than these other scanners. In addition, it's more flexible, allowing arbitrary address ranges and port ranges.
NOTE: masscan uses a custom TCP/IP stack. Anything other than simple port scans will cause conflict with the local TCP/IP stack. This means you need to either use the -S option to use a separate IP address, or configure your operating system to firewall the ports that masscan uses.
This tool is free, but consider funding it here: 1MASSCANaHUiyTtR3bJ2sLGuMw5kDBaj4T
The few major European telecom companies generally do not defend individual rights on the Internet access, as we can notice by their opposition to network neutrality enforcement and their lack of care regarding dark zones and the "digital divide", as their investments follow their profit scheme rather than pursuing better Internet access for everyone.
libtins is a high-level, multiplatform C++ network packet sniffing and crafting library.
Its main purpose is to provide the C++ developer an easy, efficient, platform and endianness-independent way to create tools which need to send, receive and manipulate network packets.
It uses a BSD-2 license and it's hosted at github.
We are a broad, international coalition of network engineers, community change makers, researchers, architects, and thinkers that are building decentralized and autonomous communications infrastructure. We know that the Internet is deeply broken, and we are rebuilding, from the inside out. We mitigate the ills of interception and interference on the net by facilitating networks that are owned, operated, and governed by the people that use them. This international free networks coalition aims to be the next step toward bridging successful local initiatives into a wide federation with global impact.
tcpdump is the premier network analysis tool for information security professionals. Having a solid grasp of this über-powerful application is mandatory for anyone desiring a thorough understanding of TCP/IP. Many prefer to use higher level analysis tools such as Ethereal (now Wireshark), but I believe this to usually be a mistake.
Deep in the jungles of West Papua’s central highlands, there is a village with its own mobile telecommunications network. That network runs in a box latched to the top of a tree, providing the only reliable cell coverage anywhere within a four-hour drive. This small setup has created a booming local mobile economy—and it could be the harbinger of a whole new class of private and community mobile networks that change the shape of mobile for those who have been underserved or overcharged by traditional phone carriers.
In the "scalability is specialization" department, here is an interesting paper presented at HotNets '13 on high performance networking: Network Stack Specialization for Performance.
Activities in complex networks are often both too important to ignore and too tedious to watch. We created a network monitoring system, Peep, that replaces visual monitoring with a sonic 'ecology' of natural sounds, where each kind of sound represents a specific kind of network event. This system combines network state information from multiple data sources, by mixing audio signals into a single audio stream in real time. Using Peep, one can easily detect common network problems such as high load, excessive traffic, and email spam, by comparing sounds being played with those of a normally functioning network. This allows the system administrator to concentrate on more important things while monitoring the network via peripheral hearing.
====
To be deployed in a data center? :D
http://peep.sourceforge.net/intro.html
http://peep.sourceforge.net/demo/inc-mail.mp3
http://peep.sourceforge.net/demo/out-mail.mp3
http://peep.sourceforge.net/demo/bad-query.mp3
http://peep.sourceforge.net/demo/telnetd.mp3
http://peep.sourceforge.net/demo/water21.mp3
http://peep.sourceforge.net/demo/users.mp3
http://peep.sourceforge.net/demo/demo.mp3
http://peep.sourceforge.net/demo/demo2.mp3
When diagnosing anomalous behavior on a network, a system administrator
has two separate areas to focus on: the packets traveling over the
network (i.e., the network view), and the information contained on the
individual hosts connected to the network (i.e., the host view). The
network view provides a glimpse into the overall communication activity
of the network, but it does not reveal what processes are causing this
activity. On the other hand, the host view contains details on the
processes producing the network traffic, but it does not contain
information on which packets are associated with which process. This
inability to correlate packets with their associated process is a
fundamental (although intentional) shortcoming of the modern network
stack. To bridge this gap we introduce the Hone (Host-network)
correlator, an open-source tool that correlates packets to processes to
diagnose problems seen on a network.
While the idea of correlating packets to processes is a simple one, the
implementation requires kernel modifications that alter the way the
network stack works. Perhaps this complication is responsible for the
fact that no other tool takes this approach. While there have been
several tools that have come close to the packet-process correlation
approach taken here, they differ from Hone in fundamental ways.