Here’s some stuff I’ve been either working with or reading up on lately, cool stuff that I’ve heard about in passing but that isn’t in general usage yet:

  • hping - network packet generator, more like a network script adaptor. It provides low-level packet generation functions to a Tcl interpreter. Hping always gets mentioned at DefCon, and I say “Wow, I should check that out”, and then promptly forget. I was just wishing it had a Python interface instead….

  • scapy - which is a Python interface to the same low-level kinds of packet manipulation. Yum. Time to install Linux on an iPAQ with 802.11 support and go cause some mayhem.

  • softflowd - captures network traffic and provides aggregate statistics. MRTG is cool, but the second question is always “so what’s causing that spike?”, and I’m hoping this can help out with that. Check out this ONLamp article about netflows. Another one I’ve heard about but never tried.