1. Build and send packets (Forging)
Packet forging tools-->
packeth, packit, packet excalibur, nemesis, tcpinject, libnet, IP
sorcery, pacgen, arp-sk, arpspoof, dnet, dpkt, pixiliate, irpas,
sendIP, IP-packetgenerator, sing, aicmpsend, libpal, . . .
Philippe
2. Capture and analyze packets (Sniffer)
Sniffing tools-->
ethereal, tcpdump, net2pcap, cdpsniffer, aimsniffer, vomit,
tcptrace, tcptrack, nstreams, argus, karpski, ipgrab, nast, cdpr,
aldebaran, dsniff, irpas, iptraf, . . .
3. Testing tools: try to answer a yes/no-style question (e.g. ping) (Testing)
Testing tools-->
ping, hping2, hping3, traceroute, tctrace, tcptraceroute,
traceproto, fping, arping, . . .
4. Scanning tools: large-scale scanning (Scanning)
Scanning tools-->
nmap, amap, vmap, hping3, unicornscan, ttlscan, ikescan, paketto,
firewalk, . . .
5. Identification (fingerprinting): identify the remote peer by probing it (Fingerprint)
Fingerprinting tools-->
nmap, xprobe, p0f, cron-OS, queso, ikescan, amap, synscan, . . .
6. Attack tools: use special packets aimed at specific protocols (Attacking)
Attacking tools-->
dnsspoof, poison ivy, ikeprobe, ettercap, dsniff suite, cain, hunt,
airpwn, irpas, nast, yersinia, . . .