Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Any way to automatically change arbitrary headers of IP packets on-t

from [Foundation Linux] Network Security [Permanent Link]
Subject: Re: Any way to automatically change arbitrary headers of IP packets on-the-fly?
Date: Wed, 13 Apr 2005 09:52:03 -0700 
João Paulo Caldas Campello wrote:


Hi,


<snip>

I've already read Netfilter documentation (specially the "Linux
netfilter Hacking HOWTO") so I know this kind of packet mangling can
be done in userspace. I thought it could be done in the "MANGLE" table
of netfilter, but I found no TARGET that achieves that nor any
documentation about altering arbitrary IP headers.

The question is:

  - Does already exist such a tool, module or whatever way to change
arbitrary headers of IP packets on-the-fly or will I have to (try to)
write one? =)

Cheers,

João Paulo Campello,
Network Security Analyst,
Tempest Security Technologies.
 


Well, mangle in iptables only accepts TOS, TTL and MARK as valid targets
so you can't change arbitrary IP headers that way.  However, if TOS is
where you're fiddling, it might work.  Check out
http://www.faqs.org/docs/iptables/mangletable.html for a bit more info
as well as http://www.faqs.org/docs/iptables/targets.html#TOSTARGET.

The other option I can think of would be (in theory) to set nc (netcat)
up as a TCP proxy and script it to do what you want -- recreate a
duplicate packet with source-routing enabled. 
http://www.die.net/doc/linux/man/man1/nc.1.html


-Charles
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Any way to automatically change arbitrary headers of IP packets on-the-fly?, Sebastian Muñiz
Next by Date:  Re: Any way to automatically change arbitrary headers of IP packets on-the-fly?, DJ Ether
Previous by Thread:  Re: Any way to automatically change arbitrary headers of IP packets on-the-fly?, Sebastian Muñiz
Next by Thread:  Re: Any way to automatically change arbitrary headers of IP packets on-the-fly?, DJ Ether
Indexes:  [Date] [Thread] [Top] [All Lists]