ANT software

The ANT project provides software for Packet Trace Analysis and Anonymization, IPv4 Census and Survey Analysis and Visualization, DNS Analysis and Privacy, DNS Experimentation, Security, Tools, and External.

Packet Trace Analysis and Anonymization

  • ANT spectrum A Spectrum Analysis tool package, including sample input/output files. This package requires the fftw library.
  • cryptopANT C/C++ Library/tool for IP address anonymization
  • dag scrubber Tool for scrubbing packet traces
  • dag trace generator The DAG Trace generator is a collection of tools for parsing a DAG formatted packet header trace. (Please see the enclosed README for instructions.)
  • ddos_filters/response_filter The DAG Trace generator is a collection of tools for parsing a DAG formatted packet header trace. (Please see the enclosed README for instructions.)
  • LANDER Trace Software LANDER Trace Capture software handles for packet capture, scrubbing, and triggering user-provided scripts
  • stream_merger traffic stream merger
  • mtracecap packet capture tool

IPv4 Census and Survey Analysis and Visualization

DNS Analysis and Privacy

  • ant_rdns_crawler The ANT RDNS crawler discovers reverse DNS names for the entire IPv4 space, quickly, politely, and correctly.
  • digit Digit is a client query tool for T-DNS (DNS with TCP and TLS), designed to measure performance.
  • dnsanon extract DNS traffic from pcap to text with optionally anonymization
  • dnsanon_rssac Dnsanon_rssac is an implementation of RSSAC-002v2 processing for DNS statistics
  • tdns-client-proxy Tdns-client-proxy is a client-side proxy for DNS, designed to run on a computer taking UDP in and sending it privately with T-DNS to a remote recursive resolver
  • tdns-server-proxy Tdns-server-proxy is a server-side proxy for DNS. It listens to incoming private T-DNS (with TCP and TLS) and turns it back into UDP queries to a local DNS resolver
  • T-DNS support for unbound patch Unbound patches add STARTTLS handling to incoming unbound queries (but not outgoing T-DNS)
  • verfploeter/packetcapr A packet capturer and forwarder for active measurement of anycast catchements.
  • verfploeter/pinger A pinger for active measurement of anycast catchements.
  • verfploeter/pingextract A ping analyzer for active measurement of anycast catchements.
  • verfploeter/plotter Plot a wordmap showing catchments from verfploeter pcaps or text files.

DNS Experimentation

Security

  • AuntieTuna Chrome browser extension to detect phishing websites

Tools

  • antlink Manage a tree of git or other VC repositories with funky symlinks
  • babarchive Manage babarchives, checksumed directory trees that can be validated
  • content-reuse-detection source code for content reuse detection paper
  • timefind and indexer Software to handle indexing and selection of multiple network data types based on a given time range.

External

  • libtrace libtrace is a library for packet trace processing
  • rejwreply rejwreply is a linux kernel patch set that adds echo-reply as a new feedback type in iptable REJECT rule.