|
-
August 10th, 2007, 02:27 PM
#1
IPTABLES MIRROR Target
Some time ago the MIRROR target was dropped from iptables.
I know this was done for good security reasons.
However, I'd like to understand if this is still possible with the current iptables.
What is required is to take all packets sent from address x.x.x.x to y.y.y.y and swap the source and destination addresses of the packet and then allow the packet to return to the sender.
My knowledge of iptables isn't good enough to work out how to do this and despite much reading of how-tos etc I'm little the wiser.
Could anyone supply me with the relevant iptables command required to implement this so that I can then try to understand how this works.
Regards,
Steve
IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com
-
August 20th, 2007, 10:20 PM
#2
You could try having snort listen for something from x.x.x.x to y.y.y.y then write an alert to a log file only used by this rule. Have logwatch or some custom script check that log every second, then re-writes the packet swapping the source and destination in the header with an ip spoofing tool such as hunt.
Similar Threads
-
By str34m3r in forum The Security Tutorials Forum
Replies: 7
Last Post: June 22nd, 2008, 06:29 PM
-
By HackerzMaster in forum IDS & Scanner Discussions
Replies: 18
Last Post: September 15th, 2007, 01:31 PM
-
By str34m3r in forum The Security Tutorials Forum
Replies: 16
Last Post: September 25th, 2006, 02:20 AM
-
By Natasha69 in forum *nix Security Discussions
Replies: 1
Last Post: November 8th, 2002, 09:45 PM
-
By UberC0der in forum Security Archives
Replies: 2
Last Post: December 23rd, 2001, 10:02 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote