Security Incidents mailing list archives
Packet suckers?
From: David Carmean <dlc () halibut com>
Date: Mon, 29 Jul 2002 12:53:04 -0700
Any of y'all running packet suckers outside your filters to see what the kidz are up to? I've been playing with some patches Hobbit made to tcp_wrappers, which sends telnet escapes to ask for telnet environment variables, and various other strings to egg on other clients. It's a little clunky to configure/use, though. Wondering if there are other packet sinks/suckers around for research like this, or if most folks write their own? I'm really not a programmer, but I'm contemplating trying to hack LaBrea to do this kind of stuff before it optionally tries to capture and hold the connection. Thanks... ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Packet suckers? David Carmean (Jul 29)