addTraceLabels.pl | A Perl script to send a labeling frame for inclusion into a protocol analyzer trace file |
delta.pl | A Perl script to calculate the delta values between 2 or more sets of numbers contained in a file |
delta_time_stamp.pl | A Perl script to calculate the delta time between timestamps at the start of a line |
genpass2.pl | Perl script to generate "good" passwords based on an easy-to-remember passphrase |
genpass_javascript.html | JavaScript script to generate "good" passwords based on an easy-to-remember passphrase |
graph concurrent connections | Graph concurrent connections in a packet trace file. Not really a script but an example of how to do it using tshark and gnuplot |
split-pcap.pl | Perl script to separate the TCP flows in a pcap file -- See split-pcap.py below for an updated version that does not have the file number limitation of this script |
tcplisten.pl | Perl script to listen on a TCP port and send back a specified message when there is a connection |
tshark-data-2-text.pl | A Perl script that takes a character string in the format of XX:XX:XX:XX... where each XX is between 00 and FF and converts it to readable text. Designed to be used with tshark-follow-stream.sh. |
tshark-follow-stream.sh | A shell script that calls tshark to output a packet stream, color coding the segments in each direction. Requires the tshark-data-2-text.pl Perl script |
tuc.pl | Perl script to send a UDP datagram to a specified IP address and port and wait for a response |
udpecho.pl | Perl script to listen on a UDP port and echo back a response when a datagram is received |
ping-date.sh | A shell script to ping a host using the date/time as text as the payload |
measure_retrans_effect.sh | A shell script to measure the effects of retransmissions |
average.sh | A simple wrapper around tshark to extract fields from a set of packets and average them. |
build_filter.sh | Builds a tshark filter by ANDing or ORing the values in a list with a tshark variable |
bytes-in-flight.sh | Calculates the bytes-in-flight and available window for every single TCP segment in a connection instead of only when segments are sent (which is what Wireshark does). Gives a more (I think) realistic view of bytes in flight and available window. |
check-subnet.sh | Test whether an IPv4 address is part of a subnet or not |
dns-time.sh | Calculates the DNS response time for each answered DNS query and lists unanswered queries. |
failed-connection-attempts.sh | Find TCP connection attempts that have failed. There are 7 failure scenarios. |
find-ips.sh | Uses egrep to list all strings in a file that match an IPv4 address format and then sort -u to get a unique list. Really just a one-liner, but this way I do not have to remember (or type) the egrep string. It's useful with build_filter.sh to create a filter to display all the IPs listed in, say, a log file. |
find-mangled-sequence-numbers.sh | Find TCP connections where some middleware device has rewritten the TCP header sequence numbers but not the numbers in the SACK block. |
find-reset-connections.sh | Find TCP connections that have been reset without being closed. |
find-retran-failures.sh | Find TCP connections that appear to have failed because of retransmission failures. |
fix-pcap.sh | Removes a partial packet at the end of a packet trace file. |
local-drops.sh | For each retransmitted TCP segment determine if the segment is seen more than once. |
packet-matcher-faster.sh | Compares IP ID and absolute TCP sequence and ACK numbers between two traces to match up TCP segments where the IP addresses and/or TCP have been changed (i.e. NAT). |
packet-matcher.sh | Extracts byte strings from a TCP stream in a template trace and looks for the strings in a target trace. The goal is to find a matching TCP stream in the target trace file. |
percent-retransmissions.sh | For every connection in the trace file calculate the percentage of retransmissions for every source IP address as retransmissions / not-retransmitted source segments. Segments must contain data, i.e. it will not identify retransmitted SYNs or FINs without data. |
ping-message.sh | A script to send an ICMP echo request (ping) with a 16 character message embedded in it instead of the standard sequence of ASCII characters. |
ping-time.sh | A script to send an ICMP echo request (ping) with a 16 character time stamp (HH:MM:SS.sssssssss) embedded in it instead of the standard sequence of ASCII characters. |
split-pcap.py | Reads X.pcap and creates a set of X.pcap_IP1-Port1_IP2-Port2_split.pcap files, one for each TCP four-tuple. Reads only pcap files not pcapng. Requires Python and the scapy module. |
start-packet-tracing.sh | Runs tcpdump in the background with 10 files of 100 Meg each. |
stream-throughput.sh | Calculate the throughput of all TCP streams in a trace file. |
throughput-per-sec.sh | Calculate throughput per second of a specific stream at resolutions of 1, 1/10, 1/100, and 1/1000 of a second. Results are suitable for graphing. |
time-summary.sh | Finds all files in the current directory and any subdirectories and displays their start and end times in sorted order. |
unterminated-connections.sh | Find TCP connections that have not been closed or reset. |
3rd_party_keep_alive.cm.cm | Command macro that given a socket's PCB address calls 3rd_party_keep_alive.pm every N minutes to keep a connection active |
3rd_party_keep_alive.pm | Sends a TCP segment mimicking a keep-alive segment from the specified connection. |
arp_flush.cm | Flushes the STCP ARP cache by deleting each entry in the cache one at a time |
arp_scan.cm | Uses a fast ping to generate an ARP request for each host in a class C subnet and then dumps the resulting ARP table. Similar to scan.cm but simpler. |
beacon.c | Beacon packet to assist in protocol trace synchronization |
BPRI_LO_alert.cm | Sends 25th line message when current STREAMS memory usage exceeds specified threshold |
BPRI_LO_check.cm | Displays current and max STREAMS memory usage |
cr.pl | Perl script to add (or remove) carriage return characters to the end of lines prior to (or after) transferring files to (or from) an MS Windows system using SFTP or FTP in binary mode |
cycle_output_files.cm | Runs a process till the output file gets to a certain size then stops it and runs it again cycling to another output file |
dump_process_set.cm | Execute a set of analyze_system requests against a set of running processes |
dump_streams.cm | Gather as much information as possible about the current STREAMS usage |
find_my_ip_address.cm | A script that can be used to determine your public IP address |
fnet.cm | Filter the output of the STCP netstat command |
gather_stcp.cm | Gather STCP Interface and Ethernet adapter statistics for performance monitoring and troubleshooting |
get_connection_meters.cm | Dump the stcp_meters statistics for a select connection or connections |
get_process_sockets.cm | A macro to dump the TCB and socket meters for all sockets associated with a process (or processes). This keys off of a process name or number |
get_socket_info.cm | Dump the stcp_meters statistics and/or TCB data for a select connection or connections. This keys off IP address, port number or TCB address |
get_switch_interface_stats.cm | A macro to dump the interfaces group counters from the MIB-II MIB for a specific port on a switch. |
list_all_process_network.cm | List all the STCP IP socket connections for all processes currently running. See tcp_socket_owner.cm for a faster alternative that might do what you need. |
list_process_network.cm | List all the STCP IP socket connections for a given process |
list_vterm_parameters.cm | List the parameters needed for telnet_msd to work for all vterms matching a star name |
logd.c | C source code for a very simple log server |
map_connections.cm | A macro to call both map_telnetd_connections and map_secured_connections. |
map_telnetd_connections.cm | Display or write a file containing a list of all users who are connected to the module via telnetd, the device they are connected to and the IP address and port number they are connecting from. |
map_secured_connections.cm | Display or write a file containing a list of all users who are connected to the module via sshd, the device they are connected to and the IP address and port number they are connecting from. |
match.pl | Perl script to match lines from files or command output |
monitor_sdlmux_adapter_status.cm | Periodically checks the status of network links and sends 25th line message and puts entry in the syserr_log if it finds that a link is down or an adapter has failed. |
netstat-all-interfaces.cm | Loops through all STCP interfaces doing netstat -interface |
netstat_filter.pl | Monitor netstat output filtering out uninteresting lines |
new_resolve.c | Example program showing how to call getaddrinfo to resolve host names |
osl_server_times.cm | Command macro to display the last_run_time for all the osl_server processes |
personal_ssh_setup.cm | Set up Stratus STCP SSH to use public key authentication |
ping_forever.cm | Continuously ping a host without flooding the network |
pm.cm | Run STCP packet_monitor with the most common/useful options |
pm21line.pl | Combines all of the protocol header lines displayed by packet_monitor into 1 line eliminating non-header lines |
pm2text2pcap.pl | Perl script to process packet_monitor output so that text2pcap can be run over it to create a pcap file |
process_packet_monitor_scan.cm | Processes the output of packet_monitor to construct a list of seen IP addresses |
resolve.c | Example program showing how to call gethostname to resolve host names |
scan.cm | A scanner to find all hosts on a local subnet (uses ARP) |
send_cmds.c | C program that allows you to log into a remote system via "telnet" and execute commands in a script. Allows execution within a command macro |
smtp.pl | Perl script using the SMTP Perl module to send an E-mail or SMS message |
socket_count.cm | Calculate the current socket usage and how close to the various limits you are |
start_more_osl_servers.cm | Command macro to start more osl_server processes |
stcp_deadgw.cm | Determine if a STCP gateway has stopped working and switch to another gateway (MS Word file) |
stcp_device_lockers.cm | List all the processes with an STCP device clone locked - sorted by number of devices locked |
stcp_tping.c | C program that "pings" a remote host by establishing a TCP connection (MS Word file). |
tcpos_deadgw.cm | Determine if a TCP_OS gateway has stopped working and switch to another gateway (MS Word file) |
tcp_socket_owner.cm | List processes attached to an STCP TCP socket. This is much faster than list_all_process_network.cm but does not list UDP sockets or identify the actual connections. It also requires perl. |
timeout_recv.c | An example of how to timeout a blocking recv so that it does not block forever |
whos_running.cm | Lists who bound the program module and who created the file for every running program module |
beacon.c | Beacon packet to assist in protocol trace synchronization |
dgw.pl | Perl script to determine if a gateway has stopped working and switch to another gateway (MS Word file) |
genpass.exe | Password generation program, runs under Windows. |
kill_dumpcap.vbs | A VBS script to stop a dumpcap (Wireshark) trace when a packet is seen (or not seen) in a tracefile. |
list_dumpcap.vbs | A VBS script to list the PID of all the dumpcap (Wireshark) processes running. |
ListFilesBySize.vbs | A VBS script to list all files in a directory tree sorted by size |
netstat-statistics.vbs | A VBS script to periodically collect network statistics for baselining and troubleshooting Windows systems |
ping_trigger.vbs | VBS script to ping a host and execute a command if the ping fails |
tping-w.pl | Perl script that uses TCP to "ping" a host. |
mm.c | Proxy program to split and combine application layer messages across and within TCP layer segments. This tests an application's ability to correctly handle TCP's byte stream protocol versus a message protocol. The program is written in C for FreeBSD but it should compile on just about any Unix or Linux platform. |