Re: question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Marcin, 

iptables and netfilter will not do the job, unless you are willing to
sacrifice stability and security. The problem is that the strings that
netfilter will see are broken down into smaller pieces. So the string
"iptables and netfilter" might actually be transmitted as "iptables and"
and then "netfilter" in a separate packet. On top of this, people might
try to intentionally break your filters by fragmenting the above string
into "i", "p", "t", ... etc packets. 

The good thing to do in this case, is to wait until the TCP stream has
reached the application layer and has been reassembled properly. Hence,
you will want to either write your own proxy, or to use someone elses
proxy. 

If you want to use it, I just uploaded a tunnel/proxy program to
http://www.frozentux.net/stunnel.tgz. This is an unfinished program I
started on a couple of years ago. It is written in C. It is horribly
coded and pretty much sucks, but it has no memory leaks and might serve
as a starting point.

Have a nice day;).


On Thu, 2005-10-27 at 11:40 +0200, Marcin Giedz wrote:
> Dnia czwartek, 27 października 2005 11:09, Ruprecht Helms napisał:
> > Marcin Giedz wrote:
> > > I don't get it :(
> > > How with tcpdump as tcpdump is only dump traffic tool - as I know it
> > > can't change anything or I'm wrong?
> >
> > You are right. As I know it only dump.
> > What you need is a hexeditor or you are looking for a tool that do
> > hexediting in the fly.
> 
> Absolutely! 
> 
> >
> > But that is offtopic in this list.
> 
> But I really don't know where to start? Perhaps some did it earlier.
> 
> Marcin
> 
> >
> > Regards,
> > Ruprecht
> 

Attachment: signature.asc
Description: This is a digitally signed message part


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux