Cheops Network User Interface ============================= Mark Spencer http://www.marko.net What is Cheops? --------------- Cheops is a network "swiss army knife". It's "network neighborhood" done right (or gone out of control, depending on your perspective). It's a combination of a variety of network tools to provide system adminstrators and users with a simple interface to managing and accessing their networks. Cheops aims to do for the network what the file manager did for the filesystem. Location: --------- http://www.marko.net/cheops (home page) ftp://ftp.marko.net/pub/cheops (FTP site: look here for newest releases) But reports can be e-mailed to me (Mark Spencer) at markster@marko.net, but any questions answered in the FAQ at the main cheops page will not be answered. Suggestions and ideas for improving it are welcomed. Build: ------ (Note: If you run a libc5 system, you will need to edit the Makefile. Also if you want to enable GNOME support, edit the Makefile) Type "make" and (optionally) "make install" You may wish to make the cheops executable setuid root, but it may be possible for users to obtain raw network sockets, should bugs exist in gtk and/or gnome. Run: ---- Run "cheops" (or "./cheops" if you did not do the "install" part). Cheops does not yet use any command line options, however, you can set the CHEOPS_HOME environment variable to the place cheops should look for its pixmaps and configuration file. Mechanics: ---------- While the interface that cheops provides is new, he mechanics of its operation are nothing new: * Simple ICMP "ping" packets are used to initially search a network for hosts that are alive. (ping) * Domain Name Transfers are used to list hosts in a domain (nslookup) * OS detection is done using invalid flags on TCP packets (queso) * Port detection is done (somewhat) silently using half-open TCP connections in order to avoid unnecessarily starting services or logging on the remote machine. (halfscan) * Mapping is done using UDP (or optionally ICMP) packets with small time-to-live values (traceroute and mtr, respectively) Notes: ------ It requires GTK but should build with gtk 1.0 or 1.1 series. This *IS NOT* designed to be a hacker tool, and you *MAY NOT* use it to explore domains you do not have authorization to access. I do not take any responsibility for use of this tool on unauthorized domains! Distribution is governed by the GPL, included in this archive. Credits: -------- halfscan: halflife@saturn.net queso: savage@apostles.org