Wednesday, February 26, 2014

3:45 AM
Good day!

Recently Ive installed some good and powerful linux command utility the "cutter" command in linux. You can download it if you are using debian based distro, issue this command:

$ sudo apt-get install cutter
Here's what it looks like

cutter

 While using cutter to manage my network connections, a friend of mine asked me if it is available on windows machine, and that said no.

Then I came at an idea to why not create one for windows user out there because this is so handy for network administrators still running windows machines.

Then I decided to write an application, the TCPKiller, it's a program written in C# running with .net framework 2.0 or higher. It will allow windows administrators to abort TCP/IP connected routed over Linux/Windows based firewall. This tool is very handy in situation like:


  • To terminate connection such as RDP sessions, SSH tunnels, or Proxy left by your user's
  • To abort crackers attacks as soon as they detected
  • To kill high bandwidth consuming connection
  • To kill unwanted connections, etc

tcpkiller.exe



Unlike cutter I integrated the list of active connections into TCPKiller so that you don't have to netstat and filter what is the active connections in your local machine and option to kill either local or remote <ip/port>.

I have an experiment to show how it works. First I installed openssh on my windows box. Then connect to it's ssh server using remote pc. The command tcpkiller.exe -l will list down active connections and in my case here's the result.

tcpkiller.exe

As you see, I got an active connection established to my ssh server @ port 22.

So to take this into action, I will try to close all active connection using the parameter tcpkiller.exe -l -p 22 to kill my connection on local server via port 22.

tcpkiller.exe

Then @ the remote box you will see something like this.

tcpkiller.exe
There!  I have successfully disconnected the one that is connected to my ssh server. Pretty cool eh? ;)


You can also kill foreign connection using ip by specifying something like tcpkiller.exe -r -i <remote-ip-here>.

TCPKiller is considered to be EXPERIMENTAL.  The author is releasing a tool that works on  the  systems he has access to (namely: Windows and Linux, and he is seeking any ideas for improvement, offers of sponsorship - etc.


Download binary file here:
http://www.mediafire.com/download/qqq4lj81f2wz8xa/tcpkiller.zip

MD5 Hash:
30d35ae4c97dd991f1cb9c431011f052

It has been compressed zip, so you need to extract it and run via cmd or powershell of windows.

Hope you enjoy my first tool released for windows :)

0 comments:

Post a Comment