prads - Online in the Cloud

Run prads in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command prads that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

Run in Ubuntu Run in Fedora Run in Windows Sim Run in MACOS Sim

PROGRAM:

NAME

PRADS - Passive Real-time Asset Detection System

SYNOPSIS

prads -i eth1 -v

DESCRIPTION

PRADS is a Passive Real-time Asset Detection System.

PRADS employs digital fingerprints to recognize services on the wire, and can be used to
map your network and monitor for changes in real time.

Real-time passive traffic analysis will also let you detect assets that are just connected
to the network for a short period of time, since PRADS can glean useful information from
every packet.

PRADS aims to be the one-stop-shop for passive asset detection, and currently does MAC
lookups, TCP and UDP OS fingerprinting as well as client and service application matching
and a connection state table. Various output plugins include logfile and FIFO and make
PRADS a useful replacement for p0f, pads and sancp.

PRADS was built from the ground up for a small footprint and modern networks with IPv6 and
gigabits of throughput.

OPTIONS

-i <iface>
Network device <iface> (default: eth0).

-r <file>
Read pcap <file>.

-c <file>
Read config from <file>.

-b <filter>
Apply Berkeley packet filter <filter>.

-u <user>
Run as user <user> (Default: uid 1).

-g <group>
Run as group <group> (Default: gid 1).

-d Do not drop privileges.

-a <nets>
Specify home nets (eg: '192.168.0.0/25,10.0.0.0/255.0.0.0').

-D Daemonize.

-p <pidfile>
Name of pidfile - inside chroot.

-l <file>
Log assets to <file> (default: '%s')n", config.assetlog.

-f <FIFO>
Log assets to <FIFO>.

-B Log connections to ringbuffer.

-C <dir>
Chroot into <dir> before dropping privs.

-XFRMSAK
Flag picker: X - clear flags, F:FIN, R:RST, M:MAC, S:SYN, A:ACK, K:SYNACK

-UTtI Service checks: U:UDP, T:TCP-server, I:ICMP, t:TCP-cLient

-P DHCP fingerprinting.

-s <snaplen>
Dump <snaplen> bytes of each payload.

-v Verbose output - repeat for more verbosity.

-q Quiet - try harder not to produce output.

-L <dir>
log cxtracker type output to <dir> (will be owned by <uid>).

-O Connection tracking [O]utput - per-packet!

-x Conne[x]ion tracking output - New, expired and ended.

-Z Passive DNS (Experimental).

-H DHCP fingerprinting (Expermiental).

-h This help message.

PROBLEMS

1. Doesn't detect everything out there :-P

2. This man page.

Use prads online using onworks.net services