From: Warren Toomey
Message-Id: <199906010412.OAA48498@henry.cs.adfa.edu.au>
Subject: Pkt loggers: the port
To: security@freebsd.org
Date: Tue, 1 Jun 1999 14:12:48 +1000 (EST)
Reply-To: wkt@cs.adfa.edu.au

All,
	Several people sent in suggestions and improvements for my UDP
and TCP packet logging software. I've taken on board those ideas, and I've
just created a FreeBSD port for the new software.

Before I submit the final port, would anybody care to try it out and
let me know if I've made any dumb mistakes! The port (as a shar file)
is below.

Thanks,
	Warren

# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	pktsuckers1_2/Makefile
#	pktsuckers1_2/pkg/COMMENT
#	pktsuckers1_2/pkg/DESCR
#	pktsuckers1_2/pkg/PLIST
#	pktsuckers1_2/pkg/md5
#
# Create the target directories first; the archive itself lists only files.
mkdir -p pktsuckers1_2/pkg
echo x - pktsuckers1_2/Makefile
sed 's/^X//' >pktsuckers1_2/Makefile << 'END-of-pktsuckers1_2/Makefile'
XDISTNAME=	pktsuckers1_2
XCATEGORIES=	security
XMASTER_SITES=	ftp://minnie.cs.adfa.edu.au/pub/NetSecurity/
XPREFIX=		/usr/local
X
XMAINTAINER=	wkt@cs.adfa.edu.au
X
X.include <bsd.port.mk>
END-of-pktsuckers1_2/Makefile
echo x - pktsuckers1_2/pkg/COMMENT
sed 's/^X//' >pktsuckers1_2/pkg/COMMENT << 'END-of-pktsuckers1_2/pkg/COMMENT'
XLog contents of unwanted UDP packets and TCP connections
END-of-pktsuckers1_2/pkg/COMMENT
echo x - pktsuckers1_2/pkg/DESCR
sed 's/^X//' >pktsuckers1_2/pkg/DESCR << 'END-of-pktsuckers1_2/pkg/DESCR'
XThe two programs tcpsuck and udpsuck run out of the Inetd daemon on
Xunused ports. They log the contents of packets or connections to these
Xports. This allows you to read the contents of the network strobe
Xattacks on your machine. It also slows the strobes down, as they think
Xyou're actually running a service on several ports when you aren't.
X
XWarren Toomey, wkt@cs.adfa.edu.au
END-of-pktsuckers1_2/pkg/DESCR
echo x - pktsuckers1_2/pkg/PLIST
sed 's/^X//' >pktsuckers1_2/pkg/PLIST << 'END-of-pktsuckers1_2/pkg/PLIST'
Xlibexec/tcpsuck
Xlibexec/udpsuck
END-of-pktsuckers1_2/pkg/PLIST
echo x - pktsuckers1_2/pkg/md5
sed 's/^X//' >pktsuckers1_2/pkg/md5 << 'END-of-pktsuckers1_2/pkg/md5'
XMD5 (pktsuckers1_2.tar.gz) = c3fe342b3afe8107854787fdf2631e35
END-of-pktsuckers1_2/pkg/md5
exit
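
The mechanism the DESCR file above describes (a handler started by inetd on an unused port that logs what the peer sends), as an added example that is not part of the original post and is not the pktsuckers source. The names escape_payload and log_connection, the 512-byte read, the 30-second alarm and the IPv4-only peer lookup are assumptions of this example; the point it adds is that logged bytes are attacker-controlled and must be escaped before they reach the log.

```c
/* Added example, not pktsuckers source: a tcpsuck-like handler for inetd.
 * Assumes a "stream tcp nowait" inetd entry, so fd 0 is the connected socket. */
#include <stdio.h>
#include <string.h>
#include <syslog.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* Escape every byte outside printable ASCII (and the backslash itself) as \xNN
 * so remote data cannot forge log lines. Stops when out is full; returns length. */
size_t escape_payload(const unsigned char *in, size_t n, char *out, size_t outsz)
{
    size_t o = 0;
    for (size_t i = 0; i < n; i++) {
        int plain = in[i] >= 0x20 && in[i] < 0x7f && in[i] != '\\';
        size_t need = plain ? 1 : 4;              /* "\xNN" is four characters */
        if (o + need + 1 > outsz)                 /* never emit a partial escape */
            break;
        if (plain)
            out[o++] = (char)in[i];
        else
            o += (size_t)snprintf(out + o, outsz - o, "\\x%02x", (unsigned)in[i]);
    }
    if (outsz > 0)
        out[o] = '\0';
    return o;
}

/* Log the peer address and the first chunk it sent; returns bytes read. */
int log_connection(int fd)
{
    struct sockaddr_in peer;
    socklen_t len = sizeof(peer);
    unsigned char buf[512];
    char addr[INET_ADDRSTRLEN] = "unknown", esc[4 * sizeof(buf) + 1];
    if (getpeername(fd, (struct sockaddr *)&peer, &len) == 0 && peer.sin_family == AF_INET)
        inet_ntop(AF_INET, &peer.sin_addr, addr, sizeof(addr));
    alarm(30);                 /* silent peers must not pin one process each forever */
    ssize_t n = read(fd, buf, sizeof(buf));
    if (n < 0)
        n = 0;
    escape_payload(buf, (size_t)n, esc, sizeof(esc));
    openlog("tcpsuck-example", LOG_PID, LOG_DAEMON);
    syslog(LOG_NOTICE, "tcp from %s: %zd bytes: %s", addr, n, esc);  /* fixed format string */
    return (int)n;
}

int main(void) { log_connection(0); return 0; }
```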