Web Tools

Here are a few firewall- and web-related tools free to any who find them useful.

plog is a parser for the logged output of the ipmon utility that is part of the excellent IP-Filter packet-filtering and NAT package written and maintained by Darren Reed. plog translates the somewhat garbled output from ipmon into a report that aids analysis of your firewall traffic. The current version number is 0.10.
nntpd is a proxy NNTP daemon designed to be run from inetd. nntpd can be used as a firewall application proxy, or to stabilize an NNTP connection by providing an NNTP service running on a robust TCP/IP stack. In this manner you might use nntpd running on a Linux machine as a proxy on behalf of your Windows machines -- I find that this boosts throughput significantly. nntpd also can keep an NNTP connection from idling by issuing a dummy command periodically during idle time. nntpd now also provides automated obfuscation of your email address and suppression of undesired message headers in articles you post, so that you can conveniently avoid revealing information to spammers. nntpd now allows you to use a proxy HTTP daemon that supports the CONNECT verb as an intermediary. The current version number is 0.3.
stealport binds ranges of TCP or UDP ports, in order to keep them from being bound dynamically by programs that generate outgoing network traffic without explicitly binding a local endpoint. Using stealport you can simplify your firewall packet filters by blocking out complete ranges of ports for local services only. Read the documentation in the program for a better explanation. I'm not feeling too lucid right at the moment.
nfs is an NFS protocol client package that allows you to test security of NFS implementations. It includes a mountd client that enumerates exported filesystems and their root filehandles, and an NFS client that allows you to perform file transfers, directory listings, object renaming, and most other procedures supported by NFS. The NFS client resembles an FTP client, and includes command line completion and a history mechanism. It supports versions 2 and 3 of the NFS protocol, and can use TCP or UDP transport. Both programs compile successfully on Linux, FreeBSD, IRIX, and Solaris.
These are instructions for setting up a chrooted nameserver running as a non-root user under Red Hat Linux 6.x.