Firewalking is a technique developed by Mike D. Schiffman and David E.
Goldsmith that employs traceroute-like techniques to analyze IP packet
responses to determine gateway ACL filters and map networks.
Firewalk the tool employs the technique to determine the filter rules
in place on a packet forwarding device.
This package was provided in PR 14020 by xs@nitric.net. I split it into
two separate packages, firewalk-gtk and firewalk, and modified it to use
buildlink functionality.
Firewalking is a technique developed by Mike D. Schiffman and David E.
Goldsmith that employs traceroute-like techniques to analyze IP packet
responses to determine gateway ACL filters and map networks.
Firewalk the tool employs the technique to determine the filter rules
in place on a packet forwarding device.
This package was provided in PR 14020 by xs@nitric.net. I split it into
two separate packages, firewalk-gtk and firewalk, and modified it to use
buildlink functionality.
LaBrea is a program that creates a tarpit or, as some have called it,
a "sticky honeypot". LaBrea takes over unused IP addresses on a
network and creates "virtual machines" that answer to connection
attempts. LaBrea answers those connection attempts in a way that
causes the machine at the other end to get "stuck", sometimes for a
very long time.
- Client works on Solaris again. It was broken in 3.2.
- Added DEFAULTROUTE=yes|no option to configuration file.
- Server parses address pool file better.
- Server address pool allows ranges of addresses on a line: a.b.c.d-e
- Added "-d" (=debug) and "-P" (=check pool file syntax) options to
pppoe-server.
- Client now ignores PADT's if they are from the wrong source MAC address
or to the wrong destination MAC address.
- Minor fixes to Makefile.in for Turbolinux.
- Improved KERNEL-MODE-PPPOE instructions
- Works with patched pppd 2.4.1
- Many improvements to server: Added "-u" and "-r" options; server can
now respond to request on multiple Ethernet interfaces.
- SECURITY BUG FIX: Server now ignores PADT's if they are from the wrong
source MAC address. You are STRONGLY RECOMMENDED to upgrade to 3.1
if you use pppoe-server in production.
- Many small improvements to server. Server now only makes one
discovery socket, systemwide, with addition of "-n" option to pppoe.
- Fixes for compilation problems on BSD, Solaris and some Linux platforms.
- Added "-p" option to pppoe-server to allow you to specify a pool of
IP addresses to assign to clients.
- Added GUI system (tkpppoe). This work was funded by Iospan
Wireless, Inc. The GUI includes a Set-UID wrapper (pppoe-wrapper)
which allows ordinary users to control a link (if so authorized.)
I believe the wrapper script is secure, but please audit the
source code (gui/wrapper.c) if you have any concerns.
- Changes to scripts and pppoe.conf. DNS setup is now dynamic (happens
each time adsl-connect runs.)
- Made relay.c check packet lengths rigorously; made it throw out Ethernet
frame padding on session packets as well as discovery packets.
Changes since 0.4.9:
* OAF instead of gnorba, thanks to Christophe Fergeau
<teuf@users.sourceforge.net>
* Added support for HTTPS protocol since wget supports it but you
need to upgrade wget to 1.7
* New icons thanks to Paolo Bacchilega <paolo.bacch@tin.it>
* Proxy settings are better looking now
* Timeout value for wget is configurable now
* Added new pref to run a shell command when all downloads
completed (in other words, when gtm has done all it can do without
user intervention).
* Fixed bugs:
- Crash when the config file was corrupted thanks to
João Alves Marques Carneiro <ee96090@fe.up.pt>
- Check that target dir exists and is writable
- Do not overwrite an existing file without asking the
user if he wants a override or a resume
- Fixed some problems in the spec file, thanks to Alex
Converse
Changes since 0.34:
* Added preforked childs to mode 'single'.
* t/server (Run): Child process is now waiting one second
in forking mode. Helps the script t/forkm.t to run fine.
some changes by me (strongly buildlinked now).
ATTENTION: If package compilation is failing for you on -current in the
linking step, make sure you have /usr/include/libintl.h v1.2 (2001/08/13)!
[Thanks for the tip, Johnny!]
Some of the changes since 2.3.9 (for a complete log see ${WRKSRC}/NEWS):
* sometimes lftp did not expand tilde in remote path - fixed.
* new setting ftp:home to specify starting directory explicitly. Set it
to `/' to override RFC1738 ftp url semantics if you don't like the
look of `ftp://host/%2Fpath'.
* improved abort sequence for passive mode, now wu-ftpd does not hang.
* fish protocol support (over plain ssh connection).
* use CONNECT method for https over http proxy.
* support for variable name completion (Nicolas Noble).
* queue editing support (Glenn F. Maynard).
* support http keep-alive in case of chunked transfer encoding.
* terminate some never-ending jobs before moving to background.
* support for HTTP/1.1 416 reply code.
* support for ftp ACCT command (ftp:acct variable) and for SITE GROUP command
(ftp:site-group variable). E.g. `set ftp:acct/user@host account/password'.
* new setting ftp:port-ipv4 to specify explicitly IP address sent with PORT
command (suggested by Julien Oster and Jonas Jensen with patches).
* new setting ftp:ssl-auth to specify AUTH argument to use (SSL, TLS, TLS-C
or TLS-P).
* roxen directory listing support.
* new settings ftp:retry-530 and ftp:retry-530-anonymous. Retry on server
reply 530 for PASS command if text matches these regular expressions.
These settings should be useful to distinguish between overloaded server
(temporary condition) and incorrect password (permanent condition).
* retry ftp login quickly on next address if the server has many (works
well on ftp.redhat.com, for example).
* improved fuzzy variable name matching. Exact prefix and exact name after
prefix are taken into account separately. E.g. http:pro is not ambigous
now between http:proxy and https:proxy.
* implemented -c option for reverse mirror (mirror -R -c).
* allow open "" to switch to disconnected dummy session.
* allow adding bookmark for disconnected dummy session.
* new translation zh_TW (by R.I.P. Deaddog <maddog@linuxhall.org>).
* made `lftp@' the default ftp password.
As well as many bug fixes and translation updates.
Changes from version 1.0:
Introduced support for reporting network address, broadcast address,
number of IPs, first IP and last IP.
Made some source adjustments to facilitate compiling under
Win32, MacOS Classic and MacOS X.
Optimized a routine or two.
Cleaned up code / headers.
* Many changes to the internal data structures (not backward compatible!)
* Centralized backups
* Lots of bug fixes
* Many other feature enhancements
Requested by Ben Wong <benjamin.wong@cc.gatech.edu>.
While there, fix the dependency on ocaml, and install some docs.
PACKAGE DEVELOPERS: please don't just include binaries into pkgs!
foo-* to foo-[0-9]*. This is to cause the dependencies to match only the
packages whose base package name is "foo", and not those named "foo-bar".
A concrete example is p5-Net-* matching p5-Net-DNS as well as p5-Net. Also
change dependency examples in Packages.txt to reflect this.
crank down the maximum number of commands to feed one sed. Otherwise
config.status won't work with any of sun's seds.
Doing something with gsed won't work because while you can tell a
package to use a given sed (via ${SED} if needed), you can't tell
configure to use a given sed.
Tcpslice extract pieces of and/or merge together packet trace files generated
using tcpdump's -w flag. Tcpslice uses libpcap, a system-independent interface
for user-level packet capture.
Provided in pkg/13926 by Stoned Elipot <seb@pbox.org>.
and Windows 2000 terminal servers, into the packages collection.
Package provided in PR 14059 by Grant Beattie (grant@grunta.com), slightly
modified by myself.
