Provided by: cheops_0.61-13ubuntu1_i386 bug


       cheops - network monitor tools for system administration




       Cheops  is  a  network "swiss army knife".  It’s "network neighborhood"
       done right (or gone out of control,  depending  on  your  perspective).
       It’s  a  combination  of  a  variety of network tools to provide system
       adminstrators and  users  with  a  simple  interface  to  managing  and
       accessing  their  networks.  Cheops aims to do for the network what the
       file manager did for the filesystem.

       Cheops features:
              Host discovery

              Machine fingerprinting to determine OS

              Use of DNS and ICMP to

              Network monitors

              Interface with SNMP

       Thus, cheops has taken on the role of a network management  system,  in
       the same category as one might put HP Openview or Scotty (also known as
       Tkined a very nice, although a  bit  outdated  free  network  monitor).
       Notice that while this program thus not provide as many features as the
       aforementioned it does provide a nicer interface  and  is  still  under
       development (so nicer things might be available in the near future).

       Cheops  must  be  run  by  the root user, since it is not installed (by
       default) setuid.  You can make it setuid but there are (quite probably)
       bugs that might make this a security risk. It needs to run as superuser
       due to the use of raw sockets in order to do TCP/IP fingerprinting.

       This IS NOT designed to be an attacker’s tool, and you SHOULD  NOT  use
       it  to  explore  domains  you do not have authorization to access.  The
       author does not  take any  responsibility  for  use  of  this  tool  on
       unauthorized  domains!   Be  aware that cheops is not stealthy and that
       using it on a remote network, it will be  very  obvious  that  you  are
       doing so!

       This  manual  page  was  written  for the Debian GNU/Linux distribution
       because the original program does not have a manual page.


       The interface presented shows a view of hosts available on the  network
       showing,  if  possible,  the  operating system they use with a distinct
       pixmap. The user can select a given host and monitor processes  running
       there,  also,  new  hosts or networks can be added using the menu above
       the network display.

       The mechanics of cheops operation are nothing new:

              Simple ICMP "ping"  packets  are  used  to  initially  search  a
              network for hosts that are alive. (ping)

              Domain  Name  Transfers  are  used  to  list  hosts  in a domain

              OS detection is done using invalid flags on TCP packets (queso)

              Port detection is done (somewhat) silently using  half-open  TCP
              connections in order to avoid unnecessarily starting services or
              logging on the remote machine. (halfscan)

              Mapping is done using UDP  (or  optionally  ICMP)  packets  with
              small time-to-live values (traceroute and mtr, respectively)

              Monitoring  is  done using normal connect() sequences using sets
              of chained stages centerd around the gtk_input_add routine.


       Cheops does not yet use any command line options.

       Virtually everything is configured via the graphical interface.   After
       discovering  hosts,  right  clicking  on  them  will give you a list of
       possible choices.


              The place cheops should look for its pixmaps  and  configuration
              file.   Plugins  are  stored in a system dependent directory (in
              Debian /usr/share/cheops/).





              Automatically generated per-user configurations  file.   DO  NOT
              EDIT MANUALLY!


       Cheops is beta software, and consequently still has bugs and incomplete

       But reports can be e-mailed to Mark Spencer at or to
       the  Debian  maintainer  of  this package using the Debian Bug Tracking
       System ( , but any questions  answered  in  the
       FAQ  at  the  main  cheops  page will not be answered.  Suggestions and
       ideas for improving it are welcomed.



       Additional information at the  main  site:
       (home  page)  (FTP site:  look here for
       newest  releases)  and  in   the   default   location   for   installed
       documentation /usr/shared/doc/cheops/


       This   manual   page   was   written   by   Javier   Fernandez-Sanguino
       <>, for the Debian GNU/Linux system (but may be used by

       Cheops  was  originally  written  by  Mark  Spencer,  and was sponsored
       greatly by Adtran, Inc.