Index of /netreconn

      Name                    Last modified       Size  Description

[DIR] Parent Directory        24-Jul-2010 10:54      -
[DIR] .git/                   24-Jul-2010 10:55      -
[TXT] COPYING                 24-Jul-2010 10:54    18k
[TXT] ChangeLog               24-Jul-2010 10:54     4k
[TXT] Makefile                24-Jul-2010 10:54     1k
[TXT] README                  24-Jul-2010 10:54     3k
[TXT] netreconn.lsm           24-Jul-2010 10:54     1k
[TXT] passive_scan.c          24-Jul-2010 10:54     4k
[   ] scanlan.1               24-Jul-2010 10:54     2k
[TXT] scanlan.c               24-Jul-2010 10:54    16k
[   ] wiretraf.1              24-Jul-2010 10:54     1k
[TXT] wiretraf.c              24-Jul-2010 10:54    13k

README FILE FOR NETRECONN
=========================
LICENSE: See COPYING in the source distribution for details.

THE NAME: '(net)work-(reconn)oiter' (netrecon is trademarked ...)

ABOUT: netreconn is a collection of network scan/recon tools that are
       relatively small and usually faster compared to their larger cousins. 

       scanlan:  A network port scanner that only does port scanning
       wiretraf: A simple ipv4 traffic monitor, packet decoder and
                 arp traffic monitor

It should be noted that these tools are not meant to replace existing ones
but instead to complement the *nix network troubleshooter's toolbox. Certain
things are purposely missing from them in order to keep them small.

RECOMMENDED
-----------
For *deep* scanning, nmap (http://www.nmap.org) is a far better utility,
although it is larger than scanlan. For long-distance scans of a few ports,
take a look at doscan (http://www.enyo.de/fw/software/doscan/).

Tcpdump is the obvious in-depth sniffer if wiretraf is not meeting one's
needs. There is also the tshark command-line sniffer from wireshark, which
is relatively small.


FEATURES
--------
- Ping-like only fast connect/select check 
- Precheck support (skips dead hosts) and keeps going
- Tiny footprint with only one dependency (pcap) for the sniffer
- Easy to use and modify for your own systems
- Simple port range support e.g. -p 23 or -p 22-80
- Fine grained timeout support in seconds, useconds or both
- Fast by default but able to do non-strobes (past port 1024/no service mapping)
- Optional full tcp connect for every port 
- Very fast packet watching capability with a tiny footprint
- Simple subnet specification in the form of x.x.x.x-X
- ipv6 support (EXPERIMENTAL)
- Session dump capability using libpcap during scans in parallel
- Simple packet payload decoding in ascii
- Added ARP traffic monitoring

SEE ALSO: Top of src files for TODOs

CONFIGURE
---------
Not all systems support the destination directories for manual pages and
binaries; edit the top of the Makefile to change these.

BUILD AND INSTALL UTILITIES
---------------------------
Netreconn has to be built for your platform. Tested platforms are:
	linux freebsd netbsd darwin
* cd to where the sources are
* make <platform-name>

For instance, on NetBSD do the following:
* cd to where the sources are
* make netbsd

Each binary (in case you are missing a library) can be compiled separately
by name; e.g. 'make ip4map' will only compile that binary.

To try it out, just run:

	./scanlan -v <hostname_or_IPaddress>

or

	sudo ./wiretraf not port 22

Run `make install` to install to /usr/local/bin.

UNINSTALL
---------
Run `make uninstall` in the source directory to remove.

QUESTIONS/BRICKS
----------------
  pantos.sys@gmail.com