Entries Tagged as ‘console’

January 11, 2008

Decoding the SANS Christmas packet challenge using only NSM-Console

In my never-ending quest to find justification for writing NSM-Console, I hereby present the following tutorial on how to decode the SANS Christmas packet challenge using nothing but NSM-Console:
I’m going to be using NSM-Console version 0.4-DEVEL, which adds the features that allow this analysis to be performed without external tools. You can get the development [...]

3 Comments

Filed under analysis, base64, challenge, christmas, console, decode, encode, fun, geek00l, geekery, hex, nsm, nsm console, packet, ruby, sans, terminal, urlescape

January 8, 2008

NSM-Console version 0.3 release

Yep, I’ve just been cranking out code lately, so I am proud to present the 0.3 release of nsm-console!
You can download NSM-Console here:
http://navi.eight7.org/~hinmanm/files/nsm-console-0.3.tar.gz
This release was focused a bit more on usability, features and bugfixes rather than the addition of new modules, however, there were still a couple that were added. Since this release has some [...]

3 Comments

Filed under argus, console, decode, development, encode, fl0p, framework, hex, iploc, lgpl, monitoring, network, nsm, nsm console, opensource, ruby, script, security

January 5, 2008

Screencast: An introduction to NSM-Console

Well, I’ve been working on this for the last week or so, trying to get it all working the way I wanted, and after around 15 takes, I finally have a screencast for anyone interested in the idea behind and usage of nsm-console.
The version of nsm-console used in the screencast is the 0.3-DEVEL version. UPDATE: [...]

11 Comments

Filed under console, download, flash, mov, nsm, nsm console, ruby, screencast, video

November 28, 2007

NSM Console projected module list

Here’s a list of all the planned modules and completed (struck-out) modules for nsm-console: (if a module is struck out, it’s because I’ve finished making a module for it, it isn’t necessarily in the tarball for download)

aimsnarf
ngrep (gif/jpg/pdf/exe/pe/ne/elf/3pg/torrent)
tcpxtract
tcpflow
chaosreader
bro-IDS
snort
tcpdstat
capinfos
tshark
argus
ragator
racount
rahosts
hash (md5 & sha256)
ra
honeysnap
p0f
pads
fl0p
iploc

foremost – thanks shadowbq!
flowgrep
tcptrace
tcpick
flowtime
flowtag
harimau
clamscan

Think of any other useful modules? Leave me a comment and let [...]

3 Comments

Filed under aimsnarf, argus, bro-ids, capinfos, chaosreader, console, flowtag, flowtime, harimau, hash, honeysnap, md5, module, ngrep, nsm, p0f, ra, racount, ragator, rahosts, ruby, script, sha256, snort, tcpdstat, tcpflow, tcpxtract, tshark

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , ,

November 27, 2007

NSM Console – A framework for running things

Well, I’ve been hard at work for the last couple of days working on a (hopefully) useful tool for aiding in NSM file analysis (for pcap files, live analysis doesn’t work).
Behold! I present NSM-Console! (read more about it here, watch a screencast here)
Download the framework here.
Keep in mind this framework only includes 3 modules (mostly [...]

2 Comments

Filed under aimsnarf, analysis, console, framework, hex, module, nsm, pcap, plugin, ruby, script, security