Autotunnel is a small program for setting up ipip-tunnel automatically.
BlockSSHD protects computers from SSH brute force attacks by dynamically blocking IP addresses by adding iptables rules.
brip is a tool that performs bulk or stream resolution of IP addresses and hostnames, in any combination. It can read from STDIN, the command line, or a file.
clusterit is a collection of clustering tools, to turn your ordinary everyday pile of UNIX workstations into a speedy parallel beast.
Complemento is a collection of tools for penetration testing. LetDown is a TCP floder written after reading the Fyodor article "TCP Resource Exhaustion and Botched Disclosure". Reverse raider is a domain scanner that uses brute force wordlist scanning for finding a target's subdomains or reverse resolution for a range of IPs. Httsquash is an HTTP server scanner, banner grabber, and data retriever. It can be used for scanning large ranges of IPs for finding devices or HTTP servers.
Expiretable is a utility for removing entries from a pf table based on the age of the entries. This, among other things, can be used with a pf overload table to build a maintenance-free SSH brute force blocker.
Fake allows you to take over the IP address of another machine in the LAN by bringing up an additional interface and making use of ARP spoofing.
fixsrcip is a tool for binding outgoing TCP and UDP client sockets (IPv4) to specific source IP addresses on multi-homed hosts.
force_bind allows you to force binding on a specific IP and/or port. It works with both IPv4 and IPv6.
Gip Internet Protocol Calculator
Gip is an IP address calculator that integrates well with the GNOME desktop environment. Gip provides system administrators with tools for IP address based calculations.
Giplet is a simple GNOME panel applet that displays your computer's ip address. Giplet can either display the ip address of a specified ethernet interface or the ip address the outside world sees.
grepcidr can be used to filter a list of IP addresses against one or more Classless Inter-Domain Routing (CIDR) specifications, or arbitrary networks specified by an address range. As with grep, there are options to invert matching and load patterns from a file.
Hostinfo is a utility for looking up hostnames and IP(v4) addresses. Hostinfo uses the gethostbyname and getaddrbyname function calls.
This is a small application for tunnelling an arbitrary TCP socket connection over HTTP. It can be used, for example, to tunnel traffic out from behind a restrictive firewall that only allows outgoing HTTP web connections.
IP Sentinel tries to prevent unauthorized usage of IPs within the local ethernet broadcastdomain by giving an answer to ARP-requests. After receiving such a faked reply, the requesting party stores the told MAC in its ARP-table and will send future packets to this MAC.
The goal of IP-Link is to see the relationships between different IP from network traffic capture, thus quickly for a given address with the IP that communicates the most.
ipac-ng is an ip accounting package for linux. It collects, summarizes and nicely displays ip accounting data.
ipcalc takes an IP address and netmask and calculates the resulting broadcast, network, Cisco wildcard mask, and host range.
ipclassify is a user space application that blocks/marks connections from/to hosts based on lists specified in a configuration file.
Iproute2 is the name of a collection of utilites for controlling TCP / IP networking and Traffic Control.
ipset allows administration of sets of IP addresses/networks, ports, MAC addresses, and interfaces, which are stored in hash or bitmap data structures
iptoip maintains an ipvsadm table coherent. It is specially useful when using an intermittent internet conection or when your ISP breaks conections to reaffect IP adresses.
LCDNetstat displays the TCP/IP connections of a computer on a external LCD screen.
Local IP Takeover
Local IP Takeover provides network link redundancy within a single server that has multiple network interface cards (NICs) with each NIC connected to separate network switches.
MAC Changer is a utility for viewing/manipulating the MAC address of network interfaces.
Network Tracker builds a table which records which user is connected on which port of a switch by scanning SNMP-enabled devices.
NorthStar is a system to help track and allocate IP Addresses in an IP Network.
Paketto Keiretsu is a collection of tools that use new and unusual strategies for manipulating TCP/IP networks. They tap functionality within existing infrastructure and stretch protocols beyond what they were originally intended for.
Program Guard allows the user of a Linux workstation to specify which application programs that are allowed TCP/IP connections to the Internet (Internet addresses are defined as any IP address not in the range of 10.0.0.0/24 or 192.168.0.0/16).
pySortNet sorts IP addresses (IPv4 and IPv6) and hostnames given on standard input such that addresses and names are grouped in logical groups.
SendIP is a command line tool to allow sending arbitrary IP packets.
shd-tcp-tools is a set of TCP network tools that supports port forwarding, network load balancing, rate limiting, and running servers behind firewalls.
sipcalc is an ip subnet calculator that currently comes in two versions. A console version and a web (cgi) version.
StdioTunnel allows you to tunnel arbitrary TCP connections through any connection that approximates a tty with a clear 8-bit data path. In this sense it provides the same kind of functionality as ppp, but for a limited, fixed set of connections.
Stone TCP/IP packet repeater
Stone is a TCP/IP repeater in the application layer. It repeats TCP and UDP from inside to outside of a firewall, or from outside to inside.
Tableutil is a utility for converting, aggregating and performing operations (currently unions, differences, complements and intersections) on lists of IP-addresses. Its primary use is to convert files into a format pfctl can read, but if you find another use for it
TCP/IP Connection Cutter
TCP/IP Connection Cutter allows network administrators to close TCP/IP connections running over a Linux/iptables firewall.
tcpjunk is a tool for testing TCP protocols by generating and fuzzing network traffic.
TN3270RG is a TCP/IP TN3270 gateway that dynamically assigns resources to a connection from a pool of available addresses. Features include an easy to use web interface for management and a PostgreSQL database backend.
trafcalc calculates the size of the tcp-payload on a system via packet capturing and connection tracking at the user level instead of the ip level.
Transparent Mobile IP
Transparent Mobile IP aims to provide IP mobility across multiple networks, ensuring that all active TCP sessions will be maintained upon migration.
TRIPP is a utility to rewrite incoming and outgoing IP packets. Since it can rewrite both headers and payload, it can be used to configure the TCP/IP stack behavior in order to perform various tasks mainly intended for network tests, simulations, and development. It is configured via a small rule-based language, which allows the user to intercept packets, set arbitrary header values, increment or decrement numeric header fields, set an arbitrary payload, rewrite parts of the payload, or fragment, delay, multiply, or drop packets.
ttmap passively analyzes values of TCP Timestamps in captured IP packets. After collecting enough data, it computes characteristic remote machine parameters. These values let it guess remote operating systems and identify unique machines behind a single IP address. For example, it can analyze remote IP load-balanced clusters.
TunnelIt is a simple tool that uses the TUN/TAP driver to tunnel Ethernet networks over IP connections. Its simple command line interface is meant to resemble "netcat" where it is logical to do so.
UCARP allows a couple of hosts to share common virtual IP addresses in order to provide automatic failover. It is a portable userland implementation of the secure and patent-free Common Address Redundancy Protocol (CARP, OpenBSD?s alternative to the patents-bloated VRRP).
User Level Networking is software designed to allow the dynamic allocation of IP addresses. The basic idea is to give different IP addresses to different users, thus identifyng the couple UID-HOST with just the IP address.
ViperTracker lets any kind of server using any protocol update their IP address on ViperTracker.
Whatmask is a small C program that lets you easily convert between three common subnet mask notations.