Re: Redirecting traffic

From: s0u1d13r s0u1d13r (s0u1d13r@gmail.com)
Date: Sat Aug 06 2005 - 22:35:37 EDT


So you're looking to port forward to a different machine to capture
the application data?
I would definitely recommend just sniffing the traffic as well rather
than building rules in iptables.

Depending on what other services you have running on this iptables
machine will determine what rules to write. Could you provide a list
of the services you need to keep alive on the network first and I can
help you craft the rules.

S

On 8/6/05, LionBSD <lionbsd@gmail.com> wrote:
> Hi,
> is there any reason why you can't just sniff (ethereal for example)
> on the client machine and capture the whole thing ?
>
> thanks
> lior
>
> Andres Molinetti wrote:
>
> > I am pen-testing a client application and I 've found, analysing
> > traffic dumps, that it seems to connect to a hardcoded internal IP and
> > retrieve data from a strange port that is afterwards displayed in the
> > application.
> > I want to be able to redirect that traffic to another IP in order to
> > test it for overflows and other issues.
> > I have found a way to change the default gateway of the application's
> > host. So I thought of setting my linux box as its gateway and using
> > iptables to redirect the traffic to the other IP.
> > I'm needing help with the building of the rules...
> >
> > Thks,
> > Andy
> >
> > _________________________________________________________________
> > Descubre la descarga digital con MSN Music. Más de medio millón de
> > canciones. http://music.msn.es/
> >
> >
> > ------------------------------------------------------------------------------
> >
> > FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You
> > Don't
> >
> > Learn the hacker's secrets that compromise wireless LANs. Secure your
> > WLAN by understanding these threats, available hacking tools and proven
> > countermeasures. Defend your WLAN against man-in-the-Middle attacks and
> > session hijacking, denial-of-service, rogue access points, identity
> > thefts and MAC spoofing. Request your complimentary white paper at:
> >
> > http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
> > -------------------------------------------------------------------------------
> >
> >
> >
>
>
> ------------------------------------------------------------------------------
> FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't
>
> Learn the hacker's secrets that compromise wireless LANs. Secure your
> WLAN by understanding these threats, available hacking tools and proven
> countermeasures. Defend your WLAN against man-in-the-Middle attacks and
> session hijacking, denial-of-service, rogue access points, identity
> thefts and MAC spoofing. Request your complimentary white paper at:
>
> http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
> -------------------------------------------------------------------------------
>
>

------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:42 EDT