TCPKILL(8) System Manager's Manual TCPKILL(8)NAME
tcpkill - kill TCP connections on a LAN
SYNOPSIS
tcpkill [-i interface] [-1...9] expression
DESCRIPTION
tcpkill kills specified in-progress TCP connections (useful for libnids-based applications which require a full TCP 3-whs for TCB cre-
ation).
OPTIONS -i interface
Specify the interface to listen on.
-1...9 Specify the degree of brute force to use in killing a connection. Fast connections may require a higher number in order to land a
RST in the moving receive window. Default is 3.
expression
Specify a tcpdump(8) filter expression to select the connections to kill.
SEE ALSO dsniff(8), tcpnice(8)AUTHOR
Dug Song <dugsong@monkey.org>
TCPKILL(8)
Check Out this Related Man Page
DSNIFF(8) System Manager's Manual DSNIFF(8)NAME
dsniff - password sniffer
SYNOPSIS
dsniff [-c] [-d] [-m] [-n] [-i interface | -p pcapfile] [-s snaplen] [-f services] [-t trigger[,...]]] [-r|-w savefile] [expression]
DESCRIPTION
dsniff is a password sniffer which handles FTP, Telnet, SMTP, HTTP, POP, poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP MS-CHAP,
NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ, Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec pcAnywhere, NAI Sniffer, Micro-
soft SMB, Oracle SQL*Net, Sybase and Microsoft SQL protocols.
dsniff automatically detects and minimally parses each application protocol, only saving the interesting bits, and uses Berkeley DB as its
output file format, only logging unique authentication attempts. Full TCP/IP reassembly is provided by libnids(3).
I wrote dsniff with honest intentions - to audit my own network, and to demonstrate the insecurity of cleartext network protocols. Please
do not abuse this software.
OPTIONS -c Perform half-duplex TCP stream reassembly, to handle asymmetrically routed traffic (such as when using arpspoof(8) to intercept
client traffic bound for the local gateway).
-d Enable debugging mode.
-m Enable automatic protocol detection.
-n Do not resolve IP addresses to hostnames.
-i interface
Specify the interface to listen on.
-p pcapfile
Rather than processing the contents of packets observed upon the network process the given PCAP capture file.
-s snaplen
Analyze at most the first snaplen bytes of each TCP connection, rather than the default of 1024.
-f services
Load triggers from a services file.
-t trigger[,...]
Load triggers from a comma-separated list, specified as port/proto=service (e.g. 80/tcp=http).
-r savefile
Read sniffed sessions from a savefile created with the -w option.
-w file
Write sniffed sessions to savefile rather than parsing and printing them out.
expression
Specify a tcpdump(8) filter expression to select traffic to sniff.
On a hangup signal dsniff will dump its current trigger table to dsniff.services.
FILES
/usr/share/dsniff/dsniff.services
Default trigger table
/usr/share/dsniff/dsniff.magic
Network protocol magic
SEE ALSO arpspoof(8), libnids(3), services(5), magic(5)AUTHOR
Dug Song <dugsong@monkey.org>
BUGS
dsniff's automatic protocol detection feature is based on the classic file(1) command by Ian Darwin, and shares its historical limitations
and bugs.
DSNIFF(8)
I have a SUN environment running an WebLogic that communicates w/a 3rd party running IIS. When the IIS site goes down (frequently), I am stuck with sockets in an ESTABLISHED state, and cannot seem to figure out how to avoid this. No exceptions are thrown as I can still open connections to the IIS... (1 Reply)
Hello. I would like to know how to close an existing tcp socket. I have read some stuff and learned how to create a socket and then close it but have not found anything about how to close an existing tcp socket created by another application. The situation is this: I have an ODBC server running and... (6 Replies)
Hi forum,
I've run into a problem here and I can't seem to figure it out.
OS=Solaris 10 u11 SPARC.
This application (running on a local zone) was having a conflict with a port and I can't seem to find that port listed. (eg 41468)
I've tried
netstat -an|grep 41468
I am pretty sure this... (2 Replies)