LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 02-05-2006, 02:06 AM   #1
JustinHoMi
Member
 
Registered: Apr 2001
Location: Raleigh, NC
Distribution: CentOS
Posts: 154

Rep: Reputation: 30
packet injection help?


Hey. I'm working on a security tool that uses pcap to monitor http traffic, and when finding certain material, it will log or block it.

The monitoring is completed (pcap). I'm at the point where I need to figure out what the best method is to block content. Using iptables is not going to work, as this needs to be cross-platform compatible. From what I understand, I think I'll need to use packet injection... although there may be a better method that I'm simply unaware of.

I have absolutely no experience with packet injection, and my google-hunt didn't really turn up anything useful. Does anyone have any suggested reading, whether it be on the net or not? I've been using python (pcapy module), so up until now I've been able to avoid many of the complexities of the network protocols. I assume it's time to learn.

Justin
 
Old 02-05-2006, 08:58 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
From what I understand, I think I'll need to use packet injection... although there may be a better method that I'm simply unaware of.
Have a look at some explanation about resetting and using a connection cutter and Libnet.
BTW, can we get the code? (just curious) Is it FOSS?
BTW, seems more a question for the programming forum, I'll move it there.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Packet Filter to redirect a packet to a user level process akawale Linux - Networking 3 09-01-2006 12:06 PM
how do i read the data in the packet that i have captured after packet capture? gajaykrishnan Programming 23 04-19-2006 05:09 AM
LXer: Sql Injection Vulnerability LXer Syndicated Linux News 0 01-24-2006 03:16 PM
sql injection inaki Linux - Security 8 12-22-2005 10:41 AM
Is SQL Injection traceable and is it a serious offence? novkhan Linux - Security 2 05-21-2004 10:26 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:03 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration