Packet suckers?
From: David Carmean (dlc@halibut.com)Date: 07/29/02
- Previous message: faded: "Re: scanning for HTTP proxies, ports 80, 81, 1080, 3128, 4480, 6588, 8000, 8080, 8081"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 29 Jul 2002 12:53:04 -0700 From: David Carmean <dlc@halibut.com> To: incidents@securityfocus.com
Any of y'all running packet suckers outside your filters to see
what the kidz are up to? I've been playing with some patches
Hobbit made to tcp_wrappers, which sends telnet escapes to ask for
telnet environment variables, and various other strings to egg
on other clients.
It's a little clunky to configure/use, though. Wondering
if there are other packet sinks/suckers around for research
like this, or if most folks write their own?
I'm really not a programmer, but I'm contemplating trying to
hack LaBrea to do this kind of stuff before it optionally
tries to capture and hold the connection.
Thanks...
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: faded: "Re: scanning for HTTP proxies, ports 80, 81, 1080, 3128, 4480, 6588, 8000, 8080, 8081"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
