December 19th, 2005, 10:32 AM
i found the following article interesting,
for full article: http://www.cyberciti.biz/nixcraft/vi...ction-with.php
Cutting the tcp/ip network connection with cutter
Cutter is an open source program that allows Linux firewall administrators to abort TCP/IP connections routed over Linux based firewall. Very handy to terminate connection such as SSH tunnels or VPNs left by our own users, abort crackers attacks as soon as they detected, kill high bandwidth consuming connection, or kill peer-to-peer traffic.
Excuse me, is there an airport nearby large enough for a private jet to land?
December 19th, 2005, 06:47 PM
LOL. Who needs that when you can simply pull the ethernet cable right out of the switch - termination guaranteed.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
December 20th, 2005, 12:49 AM
Well if all you want is to disconnect idle users or bandwidth hogs, it would be handy to not cut off everyone. Terminiating connections via software is also useful for automated monitoring of such things, and can be very helpful as part of an IDS.
Although, if you can customize any packet builder or firewall module to send arbitrary RST packets you can accomplish the same thing with less overhead.
Actually, iptables can do this just the way it is. The REJECT target can optionally send a tcp reset packet when dealing with rules matching the tcp protocol, with the "--reject-with tcp-reset" option.
So if a bandwidth hog is connected on port 1000 and you want to terminate the connection, add the rule "iptables -A INPUT -p tcp --dport 1000 -j REJECT --reject-with tcp-reset", and when the next packet is sent, they will be dropped without any icmp error messages. Then delete the rule when you want to allow that user back again. So no need to hack up any other software.
Government is like fire - a handy servant, but a dangerous master - George Washington
Government is not reason, it is not eloquence - it is force. - George Washington.
Join the UnError
December 20th, 2005, 07:47 AM
Nice tool but i must say i am very happy using dsniff and tcpkill for this purpose.