Current Stuff

• tcpreplay
  Edits pcap files and replays network traffic back onto the network.
• Cabernet
  Web based wine management software powered by MySQL and Ruby on Rails.
• flowreplay Design Notes (PDF)
  Some thoughts and musings about how my new project, flowreplay, should work. Currently a dead project because I don’t have the time to do it right.

Really Old Stuff

• Sedg2Divx
  I wrote this tool so I could view the .avi files my Samsung X205L/210L sports camcorders generate. It’s a semi-proprietary format which normally can’t be viewed under OS X. However, by making a few changes to the file, you can play the .avi files using VLC.
• ProcLog
  Procmail log reporting tool. Curious what folders procmail is delivering your mail to? ProcLog is for you.
• fatundel
  FAT16 file undeletion tool designed for recovering pictures from digital camera media.
• Firewall-1 Response.pl
  A perl script for CheckPoint Firewall-1 which provides some basic port-scan detection, reporting, and blocking.
• Network Insecurity with Switches
  This is an old computer security paper I wrote back in the day. If you think switches protect you from the bad guys, read this. You might be surprised. Update: The guys over at @Stake have done some more analysis on more recent Cisco code. Looks like Cisco got their act together and were able to fix the issues I reported in my paper.
• Why not to suid root Nmap
  Nothing really amazing really, but if you ever thought about setting Nmap suid root to let other people access the cool features they’re missing, here’s why you really don’t want to do that.