Congratulations!

[Valid RSS] This is a valid RSS feed.

Recommendations

This feed is valid, but interoperability with the widest range of feed readers could be improved by implementing the following recommendations.

Source: http://www.habets.pp.se/synscan/rss.php

  1. <?xml version="1.0" encoding="iso-8859-1"?>
  2. <?xml-stylesheet type="text/xsl" href="rss.xsl"?>
  3.  
  4. <rss version="2.0"
  5. xmlns:synscanrss="http://www.habets.pp.se/synscan/synscan-rss.php">
  6. <channel>
  7. <title>Synscan</title>
  8. <link>http://www.habets.pp.se/synscan/</link>
  9. <description>Synscan. Thomas Habets stuff</description>
  10.  
  11. <language>en-us</language>
  12. <copyright>Copyright Thomas Habets 2004</copyright>
  13. <generator>fnord</generator>
  14. <docs>http://blogs.law.harvard.edu/tech/rss</docs>
  15. <ttl>60</ttl>
  16.  
  17. <item><title>arping</title><link>http://www.habets.pp.se/synscan/programs.php?prog=arping</link><description>Latest version: 2.18&lt;br/&gt;&lt;p&gt;NEW: Arping 2.x is for Libnet 1.1.x, arping 1.x is for libnet 1.0.x.&lt;/p&gt;&lt;p&gt;Broadcasts a who-has ARP packet on the network and prints answers. VERY useful when you are trying to pick an unused IP for a net that you don\'t yet have routing to. Then again, if you have no idea what I\'m talking about then you prolly don\'t need it.&lt;ul&gt;&lt;li&gt;You &lt;b&gt;really&lt;/b&gt; want this tool&lt;/li&gt;&lt;li&gt;It looks like ping (sort of)&lt;/li&gt;&lt;li&gt;It can ping ethernet addresses (if the target has IP configured)&lt;/li&gt;&lt;li&gt;Nice README with an FAQ&lt;/li&gt;&lt;li&gt;OSs: Linux, {Free,Net,Open}BSD, MacOS X, Solaris (and probably more).... and yes, even Windows (&lt;a href=&quot;http://mathieu.carbou.free.fr/wiki/index.php?title=How_to_compile_arping_under_Cygwin&quot;&gt;binary here&lt;/a&gt;)&lt;/li&gt;
  18. &lt;li&gt;&lt;a href=&quot;images/lj-2000-08-arping.jpg&quot;&gt;Mentioned in Linux Journal in aug 2000&lt;/a&gt;&lt;/li&gt;
  19. &lt;li&gt;Processors: alpha, arm, hppa, i386, x86-64, ia64, m68k, mips, mipsel, powerpc, s390, sparc, sparc64 and vax.&lt;/li&gt;&lt;/ul&gt;&lt;/p&gt;</description><synscanrss:version>2.18</synscanrss:version><synscanrss:bugs>Not a bug, but Arping 2.x is for libnet 1.1.x. For libnet 1.0.x, use arping 1.x (included in arping 2.08 package, just &quot;make arping1&quot;).</synscanrss:bugs></item><item><title>dejitun</title><link>http://www.habets.pp.se/synscan/programs.php?prog=dejitun</link><description>Latest version: 0.14&lt;br/&gt;&lt;p&gt;Creates a jitter-removing tunnel between hosts. Works on Linux and FreeBSD, but uses tun/tap API so it should be portable to more BSDs, Solaris and MacOSX.
  20. &lt;/p&gt;
  21. &lt;p&gt;
  22. The tunnel works by introducing an artificial delay. The tunnel will therefore have a long (configurable down to milliseconds) delay, but it will be stable.
  23. &lt;/p&gt;
  24. &lt;p&gt;
  25. The purpose of the tunnel is to get good TCP performance out of a tunnel with high jitter, since while a high round-trip time is handled well by TCP, jitter causes it to go haywire.
  26. &lt;/p&gt;
  27. &lt;p&gt;
  28. Mobile broadband (3G/GPRS) is a good example of high-jitter connections.
  29. &lt;/p&gt;</description><synscanrss:version>0.14</synscanrss:version><synscanrss:bugs>&lt;ul&gt;
  30. &lt;li&gt;Tunnel between FreeBSD and Linux currently requires option -A on both sides, and can (therefore) only tunnel IPv4 traffic&lt;/li&gt;
  31. &lt;li&gt;Endpoints currently must have correct time.&lt;/li&gt;
  32. &lt;/ul&gt;</synscanrss:bugs></item><item><title>gtping</title><link>http://www.habets.pp.se/synscan/programs.php?prog=gtping</link><description>Latest version: 0.15&lt;br/&gt;Like ping(8), but uses GTP ping requests to ping GGSNs and anything else that will answer them.
  33. </description><synscanrss:version>0.15</synscanrss:version><synscanrss:bugs></synscanrss:bugs></item><item><title>halfscan6</title><link>http://www.habets.pp.se/synscan/programs.php?prog=halfscan6</link><description>Latest version: 0.2&lt;br/&gt;An IPv6 tcp port scanner</description><synscanrss:version>0.2</synscanrss:version><synscanrss:bugs>Probably only works on Linux</synscanrss:bugs></item><item><title>ind</title><link>http://www.habets.pp.se/synscan/programs.php?prog=ind</link><description>Latest version: 0.12&lt;br/&gt;Indent output from subprocess. Perfect for scripting. Tested with FreeBSD &amp; Linux on x86 (version 0.10 tested with {free,net,open}BSD, linux, solaris, macosx on x86,amd64,alpha,sparc32,sparc64, ppc)</description><synscanrss:version>0.12</synscanrss:version><synscanrss:bugs>On BSD where stdin is terminal, but stdout is not (&quot;ind ./test | cat&quot;) it will bug out and not exit.
  34. </synscanrss:bugs></item><item><title>injcode</title><link>http://www.habets.pp.se/synscan/programs.php?prog=injcode</link><description>Latest version: 0.11&lt;br/&gt;Injcode attaches to the target process using ptrace(). It then copies code
  35. and data into the memory space of the process and runs that. Then it cleans
  36. up as if it was never there.
  37. Injected code includes:
  38. &lt;ul&gt;
  39. &lt;li&gt;move program from one tty to another&lt;/li&gt;
  40. &lt;li&gt;close fd&lt;/li&gt;
  41. &lt;li&gt;close fd and reopen another file in its place&lt;/li&gt;
  42. &lt;/ul&gt;</description><synscanrss:version>0.11</synscanrss:version><synscanrss:bugs>The tty-moving code doesn\'t seem to work on Linux 2.4.x yet.</synscanrss:bugs></item><item><title>ipidscan</title><link>http://www.habets.pp.se/synscan/programs.php?prog=ipidscan</link><description>Latest version: 0.2&lt;br/&gt;A portscanner using the ip.id method described by antirez on bugtraq on dec 15 1998. First public port scanner (that I\'m aware of) was published on bugtraq on dec 3 1999. This program was made public as a response to that on dec 4 1999.&lt;br /&gt;The scanner does not directly contact the target host and is therefore practically untracable.&lt;br /&gt;Requires libnet and libpcap.&lt;ul&gt;&lt;li&gt;Default is to send null packets for echo:ing, some firewalls block them. Override with -F&amp;lt;flags&amp;gt;&lt;/li&gt;&lt;li&gt;Lots of options. All nice.&lt;/li&gt;&lt;li&gt;Use -e instead of -o 256 if silent host is a windows box&lt;/li&gt;&lt;li&gt;Works on big and little endian boxen&lt;/li&gt;&lt;/ul&gt;</description><synscanrss:version>0.2</synscanrss:version><synscanrss:bugs>&lt;ul&gt;&lt;li&gt;Probably only works on linux.&lt;/li&gt;&lt;li&gt;Currently only uses one silent host per scan&lt;/li&gt;&lt;li&gt;ports are scanned sequentially&lt;/li&gt;&lt;/ul&gt;</synscanrss:bugs></item><item><title>irctree</title><link>http://www.habets.pp.se/synscan/programs.php?prog=irctree</link><description>Latest version: 0.10&lt;br/&gt;Show a tree representing the structure of an IRC network in ASCII. Depends on netcat.</description><synscanrss:version>0.10</synscanrss:version><synscanrss:bugs>No known ones.</synscanrss:bugs></item><item><title>moltiblock</title><link>http://www.habets.pp.se/synscan/programs.php?prog=moltiblock</link><description>Latest version: 0.10&lt;br/&gt;User-space plugin to netfilter for blocking lots of nets. No need to recompile kernel or patch other sources.
  43. &lt;br /&gt;
  44. A way way faster way (easier on the CPU) if you want to block lots of networks at once on a Linux-system.
  45. </description><synscanrss:version>0.10</synscanrss:version><synscanrss:bugs>Turning on stats (off by default) can cause a denial of service condition.</synscanrss:bugs></item><item><title>patch-linux-m1</title><link>http://www.habets.pp.se/synscan/programs.php?prog=patch-linux-m1</link><description>Latest version: 1&lt;br/&gt;Randomizes ip id numbers to disallow ip id portscan. It\'s not fool-proof, it only randomizes 8 bits out of a total of 16 bits to avoid reusing ip ids to soon. What this means is that it takes 256 (or 255 if port was open) packets per port to a host with this patch rather than 1 packet. Given that packets can (and are) lost now and then on that horrible Internet it\'s even safer than it sounds.&lt;ul&gt;&lt;li&gt;Can be turned off at compile and runtime (/proc/sys/net/ipv4/ip_random_id)&lt;/li&gt;&lt;li&gt;Should work on all architectures.&lt;/li&gt;&lt;li&gt;Not needed for 2.4.x since it has a better system for ip id randomness.&lt;/li&gt;&lt;li&gt;I ran this on ftp.habets.pp.se for 180 days straight, after which the UPS failed which caused downtime. So it\'s stable.&lt;/li&gt;&lt;/ul&gt;</description><synscanrss:version>1</synscanrss:version><synscanrss:bugs>None :)</synscanrss:bugs></item><item><title>pipebench</title><link>http://www.habets.pp.se/synscan/programs.php?prog=pipebench</link><description>Latest version: 0.40&lt;br/&gt;Measures the speed of a pipe, by sitting in the middle passing the data along to the next process. Works on at least Linux, OpenBSD, NetBSD, Solaris and x86, Alpha, HPPA, Sparc and Sparc64.</description><synscanrss:version>0.40</synscanrss:version><synscanrss:bugs>No known ones.</synscanrss:bugs></item><item><title>tlssh</title><link>http://www.habets.pp.se/synscan/programs.php?prog=tlssh</link><description>Latest version: 0.05&lt;br/&gt;Like SSH but based on TLS.  And you only log in using client certificates, never usernames or passwords.</description><synscanrss:version>0.05</synscanrss:version><synscanrss:bugs></synscanrss:bugs></item><item><title>uuturn</title><link>http://www.habets.pp.se/synscan/programs.php?prog=uuturn</link><description>Latest version: 0.1&lt;br/&gt;&lt;p&gt;Every wonder if someone is remotely logging in to one of your boxen
  46. and then going on to another? Now you can find out without even
  47. logging into the box by only analyzing the packets on the network!
  48. (bad description I know, but I\'m tired)
  49. &lt;/p&gt;&lt;p&gt;
  50. .debs are availible at &lt;a href=&quot;ftp://ftp.habets.pp.se/pub/synscan/debian/&quot;&gt;the ftp site&lt;/a&gt;.
  51. &lt;ul&gt;
  52. &lt;li&gt;Works on (at least) x86, sparc and hp&lt;/li&gt;
  53. &lt;/ul&gt;
  54. &lt;/p&gt;</description><synscanrss:version>0.1</synscanrss:version><synscanrss:bugs>Doesn\'t work on OpenBSD and solaris, and only tested on linux (busy busy, will fix)&lt;br&gt;
  55. &lt;b&gt;TODO&lt;/b&gt;&lt;ul&gt;
  56. &lt;li&gt;correlate UDP and ICMP to find backdoor shells&lt;/li&gt;
  57. &lt;li&gt;use some real connection tracker&lt;/li&gt;
  58. &lt;li&gt;resolving (off by default), also using custom hosts file
  59. &lt;li&gt;make ncurses interface&lt;/li&gt;
  60. &lt;li&gt;remove connections that close&lt;/li&gt;
  61. &lt;/ul&gt;</synscanrss:bugs></item><item><title>xor-analyze</title><link>http://www.habets.pp.se/synscan/programs.php?prog=xor-analyze</link><description>Latest version: 0.5&lt;br/&gt;XOR-analyze is a program for cryptanalyzing xor &amp;quot;encryption&amp;quot; with variable key length.&lt;ul&gt;&lt;li&gt;Could possibly crack bad implementations of one-time pads&lt;/li&gt;&lt;li&gt;Check http://www.habets.pp.se/synscan/files/ for windows binaries&lt;/li&gt;&lt;/ul&gt;</description><synscanrss:version>0.5</synscanrss:version><synscanrss:bugs>&lt;ul&gt;&lt;li&gt;I dunno, something just feels funny&lt;/li&gt;&lt;li&gt;Doesn\'t test all peaks of the \'graph\' generated by counting coincidences&lt;/li&gt;&lt;li&gt;TODO: add regexp rules to keys and input data&lt;/li&gt;&lt;/ul&gt;</synscanrss:bugs></item></channel>
  62. </rss>
  63.  

If you would like to create a banner that links to this page (i.e. this validation result), do the following:

  1. Download the "valid RSS" banner.

  2. Upload the image to your own server. (This step is important. Please do not link directly to the image on this server.)

  3. Add this HTML to your page (change the image src attribute if necessary):

If you would like to create a text link instead, here is the URL you can use:

http://www.feedvalidator.org/check.cgi?url=http%3A//www.habets.pp.se/synscan/rss.php

Copyright © 2002-9 Sam Ruby, Mark Pilgrim, Joseph Walton, and Phil Ringnalda