Re: strange network traffic

From: Jason Bowman (
Date: 09/05/02

From: Jason Bowman <>
To: Johan De Meersman <>,
Date: Thu, 5 Sep 2002 11:53:09 -0400

On Wednesday 04 September 2002 10:16 am, Johan De Meersman wrote:
> Now, the parallel firewall wil sniff all packets on the segment, and
> follow any traffic. If it detects a connection attempt or an ongoing
> connection that isn't allowed, it will spoof FIN and/or RST packets for
> both sides, thus effectively ending the connection. Simple, but very
> effective :)
> I don't know any software that does this from the top of my head, but
> have a look at google and/or and I'm sure you'll find something
> useful.

Try dsniff. Among other things, you can set it up to kill tcp/ip connections
that match a tcpdump style query string.

Jason B.