Quick fix for compiling tcpdstat on Mac OS X (Leopard, although it probably works for Tiger too). If you get this error: cc -I. -I../libpcap-0.7.1 -DLINUX -D__FAVOR_BSD -D_LARGEFILE_SOURCE=1 -D_FILE_OFFSET_BITS=64 -L../libpcap-0.7.1 -c stat.c cc -I. -I../libpcap-0.7.1 -DLINUX -D__FAVOR_BSD -D_LARGEFILE_SOURCE=1 -D_FILE_OFFSET_BITS=64 -L../libpcap-0.7.1 -c net_read.c net_read.c:74:1: warning: “__FAVOR_BSD” redefined <command line>:1:1: warning: this is the location of the previous definition […]
Here’s a list of all the planned modules and completed (struck-out) modules for nsm-console: (if a module is struck out, it’s because I’ve finished making a module for it, it isn’t necessarily in the tarball for download) aimsnarf ngrep (gif/jpg/pdf/exe/pe/ne/elf/3pg/torrent) tcpxtract tcpflow chaosreader bro-IDS snort tcpdstat capinfos tshark argus ragator racount rahosts hash (md5 & […]
Well, I’ve been hard at work for the last couple of days working on a (hopefully) useful tool for aiding in NSM file analysis (for pcap files, live analysis doesn’t work). Behold! I present NSM-Console! (read more about it here, watch a screencast here) Download the framework here. Keep in mind this framework only includes […]
The first addon packages are now available for Hex (version 1.0.1 or 1.0.2)! I have successfully created a FreeBSD port and a Hex package for the honeysnap project. You can find the files here (navi.eight7.org) until they are put into an official hex repository. If you only want the port, download the honeysnap-1.0.6.11.tar.gz file (note […]
Yep, that’s right, I’m going to be helping out with the Hex LiveCD project. I will hopefully be doing some development for some of the NSM tools and fixing bugs in the CD. In case you don’t know what Hex is, let me give you a little synopsis (from the Trac): “HeX LiveCD is a […]
I want to point out the excellent baseline firewall rules posted by rmogull over on his blog. Check them out if you’re looking for a starting point for ipfw rules on OSX. Thanks rmogull!
UPDATE 2: njstaticuser mentioned he would like to know where to get this file below: I believe the file should be in /opt/local/var/macports/build/ – there should be a folder called _opt_local_var_macports_sources_rsync.macports.org_release_ports_<ettercap-ng> where <ettercap-ng> will be something like “net_ettercap-ng” (I don’t know the exact name because it has been cleaned from that directory). Under this directory […]
If you run into the following error trying to bootstrap fink (I was using version 0.27.8) on Leopard: ./Command/failure………………….ok 1/0 ./Command/failure………………….NOK 24/0# Failed test at ./Command/failure.t line 85. # ” # != # ‘0’ ./Command/failure………………….ok 41/0# Looks like you failed 1 test of 49. ./Command/failure………………….dubious Test returned status 1 (wstat 256, 0x100) DIED. FAILED test […]
Another quickie. Anyone running into the following error: $ sudo make install Password: /usr/bin/install -c -m 555 -o bin -g bin arpwatch /usr/local/sbin install: bin: Invalid argument make: *** [install] Error 67 When trying to install arpwatch, edit the Makefile and replace all the occurrences of “-o bin” with “-o root” and all the occurrences […]
Yea yea, I know, it’s only been a few hours since the first release. Well, here’s the new release with a couple of major todos taken care of: Download the script here. Read about aimsnarf in the previous post about it. Changes in this version: Trillian is now supported, as well as AOL’s AIM client. […]