Re: strange network traffic

From: Jason Bowman (jasonb42lists@attbi.com)
Date: 09/05/02


From: Jason Bowman <jasonb42lists@attbi.com>
To: Johan De Meersman <jdm@operamail.com>, security-basics@securityfocus.com
Date: Thu, 5 Sep 2002 11:53:09 -0400

On Wednesday 04 September 2002 10:16 am, Johan De Meersman wrote:
<snip>
> Now, the parallel firewall will sniff all packets on the segment, and
> follow any traffic. If it detects a connection attempt or an ongoing
> connection that isn't allowed, it will spoof FIN and/or RST packets for
> both sides, thus effectively ending the connection. Simple, but very
> effective :)
<snip>
> I don't know any software that does this from the top of my head, but
> have a look at google and/or sf.net and I'm sure you'll find something
> useful.

Try dsniff. Among other things, you can set it up to kill TCP/IP connections
that match a tcpdump-style query string.

Later,
Jason B.
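
The reset logic described in the quoted text, as an added example that is not part of the original post and is not dsniff's code: an offline model that checks constructed segments against a policy and computes the two RST segments a passive monitor would have to emit. The `Seg` tuple, the port allow-list, the sample addresses and all function names are assumptions made for illustration; nothing is sent on the wire.

```python
from collections import namedtuple

# One observed TCP segment (constructed fields; length = payload bytes).
Seg = namedtuple("Seg", "src sport dst dport seq ack length flags")

ALLOWED_PORTS = {22, 443}  # assumed policy: only these service ports may be used

def violates(seg):
    """Disallowed when neither endpoint is an allowed service port."""
    return seg.sport not in ALLOWED_PORTS and seg.dport not in ALLOWED_PORTS

def next_seq(seg):
    """Next sequence number of the sender; SYN and FIN each consume one."""
    consumed = seg.length + ("S" in seg.flags) + ("F" in seg.flags)
    return (seg.seq + consumed) % 2**32

def resets_for(seg):
    """RSTs for both sides, each carrying a sequence number its target accepts.

    Toward the receiver: impersonate the sender, seq = sender's next seq.
    Toward the sender: impersonate the receiver, seq = the ack the sender
    just advertised. A bare SYN carries no ack, so RFC 793 applies:
    seq=0 with ACK set and ack = SYN seq + 1.
    """
    to_receiver = Seg(seg.src, seg.sport, seg.dst, seg.dport,
                      next_seq(seg), 0, 0, "R")
    if "A" in seg.flags:
        to_sender = Seg(seg.dst, seg.dport, seg.src, seg.sport,
                        seg.ack, 0, 0, "R")
    else:
        to_sender = Seg(seg.dst, seg.dport, seg.src, seg.sport,
                        0, next_seq(seg), 0, "RA")
    return to_receiver, to_sender

def monitor(segments):
    """Return the resets for every segment that breaks the policy."""
    return [resets_for(s) for s in segments if violates(s)]

# Constructed sample traffic: one allowed HTTPS SYN, one telnet connection
# attempt, and one data segment of an ongoing telnet connection.
SAMPLE = [
    Seg("10.0.0.5", 40000, "10.0.0.9", 443, 1000, 0, 0, "S"),
    Seg("10.0.0.5", 40001, "10.0.0.9", 23, 5000, 0, 0, "S"),
    Seg("10.0.0.9", 23, "10.0.0.5", 40001, 9000, 5001, 20, "PA"),
]

if __name__ == "__main__":
    for pair in monitor(SAMPLE):
        print(pair)
```

Because the monitor is not in the packet path, these sequence numbers go stale as soon as either side sends more data, so enforcement of this kind is best-effort compared with an inline firewall.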


