Re: Forwarding sniffed packets

[Loki <loki () fatelabs com>]

Thank you for all the great responses, I've had the chance to take a
look at all suggestions. My research team has been trying to find out if
a packet crafter has been created yet that can create ESP packets. Is
this at all possible? We tried writing one but it ultimately failed. Has
anyone seen one of these floating around? NEMESIS and the like currently
do not have that sort of functionality. 

Loki
www.fatelabs.com



On Mon, 2001-11-12 at 10:07, Jose Nazario wrote:
> On Sun, 11 Nov 2001, Loki wrote:
>
> > Anyone out there familiar with a tool that would allow one to sniff
> > packets off the wire and forward them to a remote host after
> > modification?
>
> 'after modifcation'? what kind? simply packet header rewrites to redirect
> them? or encapsulation? or 'netsed' type stuff?
>
> RMON and tunnelX (from a recent phrack issue, alpha level code that does
> GRE encapsulation; look for 'things to do in ciscoland ...') came up in a
> recent discussion on one of these lists on this very subject. routing
> games are also possible (think centertrack).
>
> its not that hard to build something like this from libpcap and libnet.
>
> check the archives for the discussion, it was quite enlightening. tip:
> dont forward everything, rather use pcap or some other filters. the
> bandwidth hit will be noticed by almost any site if you forward all
> traffic out.
>
> ____________________________
> jose nazario                                               jose () cwru edu
>                    PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
>                                      PGP key ID 0xFD37F4E5 (pgp.mit.edu)



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/