PARD: Networking
netatalk is an implementation of the AppleTalk Protocol Suite for Unix
systems. The current release contains support for EtherTalk Phase I and II,
DDP, RTMP, NBP, ZIP, AEP, ATP, PAP, ASP, and AFP.
DDP is in the kernel. atalkd implements RTMP, NBP, ZIP, and
AEP. It is the AppleTalk equivalent of Unix routed and
ifconfig. There is also a client-stub library for NBP. ATP and ASP are
implemented as libraries. papd allows Macs to spool to lpd or a pipe, and
pap allows Unix machines to print to AppleTalk connected printers. psf is a
PostScript printer filter for lpd, designed to use pap. psorder is a
PostScript reverser, called by psf to reverse pages printed to face-up
stacking printers. afpd provides Macs with an interface to the Unix file
system.
Citadel/UX is a robust, powerful, flexible, scalable BBS program designed
for use on Unix (Linux) systems. Its powerful high-performance multithreaded
server core allows the system to be used for anything from a dial-up
hobbyist BBS to a large interactive Internet site.
Socket Script is a new scripting language to easily make networking oriented
applications.
Socket Script has been made for people that want to create
networking-oriented programs, but don't want to learn all the socket stuff.
It has multiple network commands that enable you to tell the script
interpreter where you want to connect, and all you have to do is focus on
the script itself, leaving the connection parts to SScript. The best part is
that most scripts will run on most Unix workstations, and win32 platforms.
gpppkill is a program for Linux that finishes the ppp connection if it not
receive a minimal amount of bytes during certain time.
The masqdialer system is designed to provide easily accessible control of
multiple dialout modem connections to the members of a LAN using IP
Masquerade for their internet connectivity. The system is a client/server
design, so as long as a client can be written for a particular platform,
that platform can take advantage of masqdialer's offerings. The masqdialer
daemon runs on the linux machine, and upon an authorized client request,
carries out the user's request.
TkMasqdialer is a client for the masqdialer daemon. You might find it useful
if you get sick and tired of telneting from a masqueraded machine without a
modem to a machine that has a modem to get online.
Some of the main features include a timer that displays how long a
connection has been active, plays a specified sound file on connection and
disconnection, sound can be muted, and status bar help.
Allows users over a network (LAN, WAN, Internet) to submit details of jobs
completed. Details can include cost, date, customer, and date. The admin is
able to generate a report based on data entered.
VNC stands for Virtual Network Computing. It is, in essence, a remote
display system which allows you to view a computing 'desktop' environment
not only on the machine where it is running, but from anywhere on the
Internet and from a wide variety of machine architectures.
mgetty allows you to make optimum use of your modem in a unix environment.
mgetty handles incoming calls without interfering with outgoing calls. If
the modem can do fax class 2 or 2.0, mgetty can also receive faxes.
sendfax is a standalone backend program to send fax files. If you have a
standard class 2 fax modem, with sendfax you are able to:
- send faxes directly or using shell scripts
- do fax polling,
this means you can call the weather station and get them to send you a fax
containing the current weather map. (Not all modem manufacturers implement
this feature in their modems!)
- create a fax queue, outgoing
faxes get sent automatically, the user is informed by mail about the result.
Karpski is a sniffer which runs on Xwindows and Gtk.
Karpski features watches, a protocol language to add new protocols, to-disk
capturing of packets, automatic station location, alarms when new stations
are found, realtime statistics, protocol identification by packet and bytes
and scan sounds (currently KITT's scan sound from Knight Rider :).
The programs are needed to turn your workstation in a NIS server. It
contains ypserv, ypxfr, rpc.ypxfrd, rpc.yppasswdd, yppush, ypinit,
revnetgroup, makedbm and /var/yp/Makefile.
InterNetNews is a complete Usenet system. The cornerstone of the package is
innd, an NNTP server that multiplexes all I/O. Think of it as an nntpd
merged with the B News inews, or as a C News relaynews that reads multiple
NNTP streams. Newsreading is handled by a separate server, nnrpd, that is
spawned for each client. Both innd and nnrpd have some slight variances from
the NNTP protocol (although in normal use you will never notice); see the
manpages. INN separates hosts that feed you news from those that have users
reading news.
Leafnode is a news server for small sites which is very easy to install and
maintain.
sn is a hassle-free usenet news system for small sites.
The primary use for suck is to feed a local INN or CNEWS server, without the
remote NNTP feeding you articles. It is designed for a small, partial news
feed. It is not designed to feed 10,000 groups and 3 Gigs of
articles a day.
This package contains software for copying news from an NNTP server to your
local machine, and copying replies back up to an NNTP server.
The suck/rpost combination allows you to run your own INN/CNEWS site,
controlling where you get your news, and where you post outgoing articles.
suck/rpost use only standard NNTP commands that are used by your favorite
news reader (tin, xvnews, strn) such as POST and ARTICLE. If you can use tin
or xvnews against a NNTP site, than you can use suck/rpost.
suck- Pull a small newsfeed from an NNTP server
-
lpost - Gives one article fetched by
suck to the
local server. rpost- Posts article(s) to a remote NNTP
server
testhost- Check to see what commands your host
recognizes or get the active or new list.
lmove- put
articles in news/group/number format.
Connect is a client-server program designed to ease the sharing a PPP link
over a small network. When a client requests the link to be open, the server
launches pppd and keeps it up until all previously logged clients have said
they would not need it any more. Clients come in two flavors, a command-line
program and java applet. This way, several users and/or background processes
may share the link without even knowing of others' connection needs since
connectd does the job.
apsfilter is a lineprinter input filter for systems with a BSD-like printing
mechanism (lpd, /etc/printcap), that saves users a lot of work when printing
different file types whether compressed or not.
Additionally it enables non Postscript printers, that are supported by the
free postscript emulator ghostscript, to print postscript files
automatically.
rsync is a replacement for rcp (and scp) that has many more features. It
uses the rsync algorithm which provides a very fast method for remote files
into sync. It does this by sending just the differences in the files across
the link, without requiring that both sets of files are present at one of
the ends of the link beforehand.
SSH (Secure Shell) is a program to log into another computer over a network,
to execute commands in a remote machine, and to move files from one machine
to another. It provides strong authentication and secure communications over
insecure channels. It is intended as a replacement for rlogin, rsh, rcp, and
rdist.ssh.
The IP Registry provides a public central database where information such as
email addresses, hostnames, IPs etc. can be stored and retrieved. It is
designed to be easily extensible.
One aim of this project is to solve some of the problems associated with
dynamic IPs. It provides a server that can store password-protected email
addresses with IPs and hostnames and accepts queries based on email
addresses. It has also been extended to support dynamic DNS, email and web
forwarding.
Samba is a suite of programs which work together to allow clients to access
to a server's filespace and printers via the SMB (Server Message Block)
protocol. Initially written for Unix, Samba now also runs on Netware, OS/2
and VMS.
In practice, this means that you can redirect disks and printers to Unix
disks and printers from Lan Manager clients, Windows for Workgroups 3.11
clients, Windows NT clients, Linux clients and OS/2 clients. There is also a
generic Unix client program supplied as part of the suite which allows Unix
users to use an ftp-like interface to access filespace and printers on any
other SMB servers. This gives the capability for these operating systems to
behave much like a LAN Server or Windows NT Server machine, only with added
functionality and flexibility designed to make life easier for
administrators.The components of the suite are:
- smbd, the SMB server. This handles actual connections from clients,
doing all the file, permission and username work
- nmbd, the Netbios name
server, which helps clients locate servers, doing the browsing work and
managing domains as this capability is being built into Samba
- smbclient,
the Unix-hosted client program
- smbrun, a little 'glue' program to help
the server run external programs
- testprns, a program to test server
access to printers
- testparms, a program to test the Samba configuration
file for correctness
- smb.conf, the Samba configuration file
- smbprint, a
sample script to allow a Unix host to use smbclient to print to an SMB
server
Sentry is part of the Abacus Project suite of security tools. It is a
program designed to detect and respond to port scans against a target host
in real-time. There are other port scan detectors that perform similar
detection of scans, but the Sentry has some unique features that may make it
worth looking into:
- Runs on TCP and UDP sockets to detect port scans against your system.
Sentry is configurable to run on multiple sockets at the same time so you
only need to start one copy to cover dozens of tripwired services.
-
Stealth scan detection (Linux only right now). Sentry will now detect
SYN/half-open and FIN stealth scans. Four new stealth scan
operation modes have been added to greatly increase the power of this
package.
- Sentry will react to a port scan attempt by blocking the host in
real-time. This is done through configured options of either dropping the
local route back to the attacker, using the Linux ipfwadm command, *BSD ipfw
command, and/or dropping the attacker host IP into a TCP Wrappers host.deny
file automatically.
- Sentry has an internal state engine to remember hosts
that connected previously. This allows the setting of a trigger value to
prevent false alarms and detect "random" port probing.
- Sentry will report
all violations to the local or remote syslog daemons indicating the system
name, time of attack, attacking host IP and the TCP or UDP port a connection
attempt was made to. When used in conjunction with Logcheck it will provide
an alert to administrators through e-mail.
© 1999 by Stefan Hornburg
<racke@linuxia.de>
Last modified 03. June 1999
