Monday, March 25, 2013

NetScanTools Pro v11.42 Released

NetScanTools Pro v11.42 was released on March 14, 2012 and includes the packet generator scripting improvements along with a few other minor changes. There was one change that was also quite important: the inclusion of the newest WinPcap 4.1.3 release. This version of WinPcap formally supports Windows 8.

These changes were also put into the most recent demo version posted on March 25.

Tuesday, March 5, 2013

Packet Generator Scripting Tips

After a recent tech support exchange, I felt that I should add a few more tips about using the NetScanTools Pro Packet Generator in scripting mode.

It's important to note that parameters or values shown on the main Packet Generator window can be overridden by script commands. In other words, the values shown, like Time To Live will be used in the packet unless you override the parameter with the TTL=64 command.

And more importantly there are a few parameters that you should override to be sure the packet you are sending is correctly sent. Those are the values and settings shown in the packet definition windows that appear when you press Send Now, no scripting.

For example when using a script to send UDP packets, you must specify source and destination ports, whether or not to override the UDP Length and Checksum with their corresponding values and the data payload you wish to send. So for UDP, you need to use these commands prior to doing a SEND directive - don't rely on defaults because there are none:

UDP_SOURCE_PORT=
UDP_DEST_PORT=
UDP_OVERRIDE_CHECKSUM=0 or 1
if 1, then specify UDP_OVERRIDE_CHECKSUM_VALUE
UDP_OVERRIDE_LENGTH=0 or 1
if 1, then specify UDP_OVERRIDE_LENGTH_VALUE
UDP_DATAFROMFILE=1 or 0
if UDP_DATAFROMFILE is 1, then set UDP_DATAFILEPATH to the fully qualified exact path of your data file you want sent. If UDP_DATAFROMFILE is 0, then you must specify UDP_DATA.

These values you set will remain during the running of the script. So if you need to change just one or two parameters, you do not have to change them all.

Sending a TCP packet requires even more default values.
Header flags:
TCP_FIN=0 or 1
TCP_SYN=0 or 1
TCP_RST=0 or 1
TCP_PSH=0 or 1
TCP_ACK=0 or 1
TCP_URG=0 or 1
TCP_ECN=0 or 1
TCP_CWR=0 or 1
Header Fields:
TCP_SEQUENCE
TCP_ACKNOWLEDGE
TCP_WINDOW
TCP_URGENT
TCP_MSS
TCP_SACK
TCP_WINDOW_SCALING
Ports:
TCP_SOURCE_PORT=
TCP_DEST_PORT=
Misc:
TCP_OVERRIDE_CHECKSUM=0 or 1
if 1, then specify TCP_OVERRIDE_CHECKSUM_VALUE
TCP_DATAFROMFILE=1 or 0
if TCP_DATAFROMFILE is 1, then set TCP_DATAFILEPATH to the fully qualified exact path of your data file you want sent. If TCP_DATAFROMFILE is 0, then you must specify TCP_DATA.

All of the above values are fully documented in the help file. Press the F1 key while viewing the Packet Generator Tool or click on Help/Help Topics. Then navigate to Manual Tools > Packet Generator > Packet Generator Scripting. Expand the 'Setting Parameters' grouping to see the parameters and their required values.

Like I said earlier, you only need to set each of these once in your script then send the packet(s), then change only the parameters you need to change before sending the next packet.

This applies to the other types of packets that can be sent. Reminder: You may need to disable your firewall for the packets to actually be sent. Use Wireshark or our Packet Capture tool to verify that you are sending them.

Coming in v11.42 - a way to see errors and debug scripts.

NetScanTools Pro 11.41 Released

The latest version of NetScanTools Pro was released on February 18, 2013. Version 11.41 is a minor version with many important fixes but no new tools. New tools are planned for v11.50.

We will be releasing v11.42 shortly to fix some issues with the Network Connections tool when used on a version of Windows without IPv6 and to better assist in debugging scripting in the Packet Generator.

v11.41 Changes:

-Registration Reminder Window: cleaned up and reduced visual clutter.

-Startup warning note added on the Welcome window if a default system DNS IPv4 address matches the IPv4 address of a default gateway.

-SSL Certificate Scanner: modified certificate signing bits column and added signature type column. If MD5 is seen, the signature type is shown in red.

-ARP Cache tool now properly shows the cache on Windows 8.

-Network Neighbors: Physical Address for Teredo now shows up properly on Windows 8.

-DNS Tools - Core: Simple Query - IPv6 will resolve and show IPv6 addresses for hostnames even if IPv6 is not properly configured in the operating system.

-Ping and Traceroute: hostnames will now resolve and show IPv6 addresses even if IPv6 is not properly configured in the operating system.

-IPv6/Show IPv6 Compatible Interfaces: results area redesigned and now shows multiple global IPv6 addresses. Instant searching on a column basis has been implemented. New right click menu with more export options.

-SMTP Server Tests: added results window so that the test results/log files are immediately shown after you send a test message or do a relay test.

-Updated SQLite to 3.7.15.2

-Updated database files.

Managed Switch Port Mapping Tool v2.06 Released

Yesterday, March 4, we released the latest version of the Managed Switch Port Mapping Tool, v2.06. It is a very minor release that adds support for full conversion of earlier database table formats to the latest version all the way back to v1.00. It also has a command line preset button for using ExtraPuTTY in Global Settings. The mac address to manufacturer database has been updated.

Please visit http://www.SwitchPortMapper.com/