RE: Forgate 0.9 Released!

From: shannong (shannon_at_gillenwater.name)
Date: 01/26/04

  • Next message: shannong: "RE: Viewing Cisco NSDB information" 
    To: "'Darren Bounds'" <dbounds@intrusense.com>, <focus-ids@securityfocus.com>
Date: Sun, 25 Jan 2004 21:39:24 -0600

    What's are the functional differences between Forgate an ettercap? The
    website doesn't give much info about Forgate.

    -S

    -----Original Message-----
    From: Darren Bounds [mailto:dbounds@intrusense.com]
    Sent: Friday, January 23, 2004 12:57 PM
    To: focus-ids@securityfocus.com
    Subject: Forgate 0.9 Released!

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Hello all,

    I thought I'd let you know that I just posted the initial of a little tool
    I've spent the last week working on. It's called Forgate and it's available
    at: http://forgate.sourceforge.net.

    Forgate (Forge Gate) allows you to capture traffic from a 3rd party in a
    switched environment, at the expense of a slight increase in latency to that
    3rd party host. Using ARP cache poisoning, packet capture and packet
    reconstruction, Forgate works with nearly all TCP, ICMP and UDP
    IPv4 traffic flows. Essentially it redirects the traffic flow, analyses and
    displays the packet information, then reconstructs it and sends it back on
    it's way.

    Forgate was written as a proof of concept so don't blame me if you break
    something. :)

    It requires libnet 1.1 or greater as well as libpcap and has been
    successfully compiled and tested to run on FreeBSD, and Linux.

    Regards,

    Darren Bounds, CISSP
    Intrusense LLC.
    http://www.intrusense.com

    - --
    Intrusense - Securing Business As Usual

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.4 (Darwin)

    iD8DBQFAEW6IsvxTSz2eaa8RAoECAJ0Sr7sOhNZIuTnbyh+6Ne7ecKQUxACgpPJu
    iTRGVl9FqxwpCB+xzI5/UpA=
    =a+eP
    -----END PGP SIGNATURE-----

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

  • Next message: shannong: "RE: Viewing Cisco NSDB information"

    Relevant Pages

    • [Full-Disclosure] Forgate 0.9 Released!
      ... It's called Forgate and it's ... packet reconstruction, Forgate works with nearly all TCP, ICMP and UDP ... IPv4 traffic flows. ... Intrusense LLC. ...
      (Full-Disclosure)
    • Forgate 0.9 Released!
      ... It's called Forgate and it's ... packet reconstruction, Forgate works with nearly all TCP, ICMP and UDP ... IPv4 traffic flows. ... Intrusense LLC. ...
      (Focus-IDS)
    • Quantcast