Re: strange network traffic
From: Jason Bowman (jasonb42lists@attbi.com)Date: 09/05/02
- Previous message: fmf3: "Re: Macintosh firewall"
- In reply to: Johan De Meersman: "Re: strange network traffic"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Jason Bowman <jasonb42lists@attbi.com> To: Johan De Meersman <jdm@operamail.com>, security-basics@securityfocus.com Date: Thu, 5 Sep 2002 11:53:09 -0400
On Wednesday 04 September 2002 10:16 am, Johan De Meersman wrote:
<snip>
> Now, the parallel firewall wil sniff all packets on the segment, and
> follow any traffic. If it detects a connection attempt or an ongoing
> connection that isn't allowed, it will spoof FIN and/or RST packets for
> both sides, thus effectively ending the connection. Simple, but very
> effective :)
<snip>
> I don't know any software that does this from the top of my head, but
> have a look at google and/or sf.net and I'm sure you'll find something
> useful.
Try dsniff. Among other things, you can set it up to kill tcp/ip connections
that match a tcpdump style query string.
Later,
Jason B.
- Previous message: fmf3: "Re: Macintosh firewall"
- In reply to: Johan De Meersman: "Re: strange network traffic"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
