mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-24 04:33:24 +00:00
despoof 0.9 is a utility for comparing the TTL of a received packet which
is considered "suspicious" with the actual TTL of a test packet sent to that host, to try and detect packet spoofing. It is intended to be used as part of an IDS system.
This commit is contained in:
parent
6d501683c5
commit
bad0268e82
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=32219
@ -46,6 +46,7 @@
|
||||
SUBDIR += datapipe
|
||||
SUBDIR += ddup
|
||||
SUBDIR += delegate
|
||||
SUBDIR += despoof
|
||||
SUBDIR += dgd
|
||||
SUBDIR += dgd-lpmud
|
||||
SUBDIR += dgd-net
|
||||
|
23
net/despoof/Makefile
Normal file
23
net/despoof/Makefile
Normal file
@ -0,0 +1,23 @@
|
||||
# New ports collection makefile for: despoof
|
||||
# Date created: 02 September 2000
|
||||
# Whom: Kris Kennaway <kris@FreeBSD.org>
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
|
||||
PORTNAME= despoof
|
||||
PORTVERSION= 0.9
|
||||
CATEGORIES= net security
|
||||
MASTER_SITES= http://razor.bindview.com/tools/files/
|
||||
EXTRACT_SUFX= .tgz
|
||||
|
||||
MAINTAINER= kris@FreeBSD.org
|
||||
|
||||
BUILD_DEPENDS= ${LOCALBASE}/lib/libnet.a:${PORTSDIR}/net/libnet
|
||||
|
||||
do-install:
|
||||
${INSTALL_PROGRAM} ${WRKSRC}/despoof ${PREFIX}/bin
|
||||
${MKDIR} ${PREFIX}/share/doc/despoof
|
||||
${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/despoof
|
||||
|
||||
.include <bsd.port.mk>
|
1
net/despoof/distinfo
Normal file
1
net/despoof/distinfo
Normal file
@ -0,0 +1 @@
|
||||
MD5 (despoof-0.9.tgz) = 07f2ba923e414e86b0a7dd6aee21d5b6
|
17
net/despoof/files/patch-aa
Normal file
17
net/despoof/files/patch-aa
Normal file
@ -0,0 +1,17 @@
|
||||
--- Makefile.orig Sat Sep 2 18:33:10 2000
|
||||
+++ Makefile Sat Sep 2 18:35:05 2000
|
||||
@@ -1,10 +1,10 @@
|
||||
# despoof makefile
|
||||
#
|
||||
-CC=gcc
|
||||
-CFLAGS=-O3
|
||||
+CC?=gcc
|
||||
+CFLAGS?=-O
|
||||
PROG=despoof
|
||||
-DEFS=`libnet-config --defines`
|
||||
-LIBS=-lnet -lpcap
|
||||
+DEFS=-I${LOCALBASE}/include `libnet-config --defines`
|
||||
+LIBS=-L${LOCALBASE}/lib -lnet -lpcap
|
||||
|
||||
default: all
|
||||
|
11
net/despoof/files/patch-ab
Normal file
11
net/despoof/files/patch-ab
Normal file
@ -0,0 +1,11 @@
|
||||
--- despoof.c.orig Sat Sep 2 18:34:37 2000
|
||||
+++ despoof.c Sat Sep 2 18:34:45 2000
|
||||
@@ -150,7 +150,7 @@
|
||||
|
||||
if (targetaddr == ip->ip_src.s_addr)
|
||||
{
|
||||
- if (((inquery == 1) && (icmp->icmp_type == ICMP_ECHOREPLY)) || ((inquery == 2) && (icmp->icmp_type == ICMP_TIMESTAMPREPLY)) || ((inquery == 3) && (sport == ntohs(tcphdr->th_dport))))
|
||||
+ if (((inquery == 1) && (icmp->icmp_type == ICMP_ECHOREPLY)) || ((inquery == 2) && (icmp->icmp_type == ICMP_TSTAMPREPLY)) || ((inquery == 3) && (sport == ntohs(tcphdr->th_dport))))
|
||||
{
|
||||
if (ttlval == ip->ip_ttl)
|
||||
{
|
1
net/despoof/pkg-comment
Normal file
1
net/despoof/pkg-comment
Normal file
@ -0,0 +1 @@
|
||||
Command-line anti-spoofing detection utility
|
7
net/despoof/pkg-descr
Normal file
7
net/despoof/pkg-descr
Normal file
@ -0,0 +1,7 @@
|
||||
A command-line anti-spoofing detection utility. The idea is simple --
|
||||
if you receive a packet that you suspect is spoofed, try to determine
|
||||
the real TTL of the packet and compare it to the TTL of the packet you
|
||||
received. This is intended to be used as a component of an IDS
|
||||
toolkit.
|
||||
|
||||
WWW: http://razor.bindview.com/tools/
|
3
net/despoof/pkg-plist
Normal file
3
net/despoof/pkg-plist
Normal file
@ -0,0 +1,3 @@
|
||||
bin/despoof
|
||||
share/doc/despoof/README
|
||||
@dirrm share/doc/despoof
|
Loading…
Reference in New Issue
Block a user