LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   packet injection help? (https://www.linuxquestions.org/questions/linux-security-4/packet-injection-help-411805/)

JustinHoMi 02-05-2006 02:06 AM
packet injection help?
 
Hey. I'm working on a security tool that uses pcap to monitor http traffic, and when finding certain material, it will log or block it.

The monitoring is completed (pcap). I'm at the point where I need to figure out what the best method is to block content. Using iptables is not going to work, as this needs to be cross-platform compatible. From what I understand, I think I'll need to use packet injection... although there may be a better method that I'm simply unaware of.

I have absolutely no experience with packet injection, and my google-hunt didn't really turn up anything useful. Does anyone have any suggested reading, whether it be on the net or not? I've been using python (pcapy module), so up until now I've been able to avoid many of the complexities of the network protocols. I assume it's time to learn.

Justin

unSpawn 02-05-2006 08:58 AM
From what I understand, I think I'll need to use packet injection... although there may be a better method that I'm simply unaware of.
Have a look at some explanation about resetting and using a connection cutter and Libnet.
BTW, can we get the code? (just curious) Is it FOSS?
BTW, seems more a question for the programming forum, I'll move it there.


All times are GMT -5. The time now is 12:24 AM.