Network/Security Tools TLS 2.4 containing argus-1.5, arpwatch-1.7, courtney-1.3, dumpscreen-1.0, nacl-2, sockinfo-2.8, spyfs-1.1, ss-1.0, and tcpdump-3.0.4+ This is the high level README which describes features of each of the above programs. More information on each program can be found in the respective README file. The source code used to build the programs in this TLS is not available from SCO at this time. Most of the binaries in this TLS will not work on any SCO release prior to Open Server 5.0.0. Aside from sockinfo, versions of these programs are not available for releases prior to Open Server 5.0.0. These programs are being ported to UnixWare 2.1. So far, I have completed tcpdump. The UnixWare version does not require a dedicated NIC. Descriptions argus: gather statistics of packets applied against filter specification. arpwatch: maintains database of ARP or RARP traffic and sends root mail for new machines or when MAC or IP address changes courtney: perl wrapper around tcpdump to check for SATAN probes dumpscreen: show the contents of a multiscreen(M) to stdout. nacl: BSD socket access control list driver. sockinfo: netstat -a with a lot more detail. a similar program is lsof (anonymous ftp to vic.cc.purdue.edu:pub/tools/unix/lsof) spyfs: A filesystem that allows authorised users to watch people typing on console, serial ports, or pseudo ttys, as well as any program output. Also shows multiscreen(M) contents. Can also inject characters as if they typed it. ss: show STREAMS stacks and any data stuck in a queue. same as crash(ADM)'s stream and queue commands only displayed differently. tcpdump: shows network traffic on wire that matches a criteria you select. I'm interested in hearing any comments (good or bad) you may have on any of the programs in nettools. Send them via email to nathan@sco.com. Future work as time permits... ------------------------------ - add a "tap" STREAMS module between MDI driver and DLPI module to eliminate dedicated-NIC requirement for argus, arpwatch, and tcpdump. - add TLI and hours of operation support to nacl - create a "dup" interface for TCP/IP which will automatically send packets to the appropriate interface in case of NIC hardware problems. Required Legal Stuff -------------------- THIS SOFTWARE IS PROVIDED BY THE THE SANTA CRUZ OPERATION ("SCO") ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL SCO BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - THE END -