MIRROR target for tcp attacks......i wrote something like this
Hello world!
I proved the experimental target MIRROR versus some incoming tcp_packets not desired.....but the Shell told me that the target doesn't exist......why?.....my distribution support it but i can't use it! I wrote something like this: iptables -A INPUT -s ip.ip.ip.ip -i eth0 -p tcp -j MIRROR thanx for any hint! |
See if you have the ipt_MIRROR module on your system:
find / | grep ipt_MIRROR If it's present you should get a list of modules. If not, you'll just see some libs. I didn't notice it, but the MIRROR match doesn't appear to be supported by default on Fedora Core 3, but it is on all my older boxes. I looked through the 2.6 kernel change log and sure enough the MIRROR taget was dropped: http://64.233.161.104/search?q=cache...&hl=en&start=4 |
The find command has found:
/lib/iptables-mandrake/libipt_MIRROR.so /lib/iptables-vanilla/libipt_MIRROR.so I think there are not modules....may be it's for the kernel..... i'll see the links you gave me and i'll try to understand something more.:scratch: thanx for your time. |
If ipt_MIRROR was installed, you would have seen something like:
/lib/modules/<kernel-version>/kernel/net/ipv4/netfilter/ipt_MIRROR.o If you would really like to use the MIRROR target, you can try patching the kernel with the netfilter patch-o-matic (pom-ng) and add in support for MIRROR. However this requires recompiling the kernel and iptables from source, so it's not trivial. |
i never compiled the kernel before. :eek:
..but i will try as soon as possible... :study: thanx |
All times are GMT -5. The time now is 12:09 PM. |