Notes for TCP/IP Weapons School Students
This note is intended for students in my TCP/IP Weapons School class at USENIX Security 2006. These are the tools that will be discussed. Remember, this is a class on TCP/IP -- tools are not the primary focus. However, I needed something to generate interesting traffic.

- Nemesis
- Arping
- Arpdig
- Arpwatch
- Arp-sk
- Dsniff suite
- Ettercap
- Yersinia
- Fragroute
- Sing
- Gnetcat
- Packit
- Gont attacks
- ICMPshell

The traces we will analyze are available at www.taosecurity.com/taosecurity_tws_v1_traces.zip. You will need to have Ethereal, Wireshark, or a similar protocol analyzer installed to review the traces. Tcpdump might be somewhat limited for this class but you can at least inspect packets with it.