Penetration Testing mailing list archives
Re: Redirecting traffic
From: s0u1d13r s0u1d13r <s0u1d13r () gmail com>
Date: Sat, 6 Aug 2005 19:35:37 -0700
So you're looking to port forward to a different machine to capture the application data? I would definitely recommend just sniffing the traffic as well rather than building rules in iptables. Depending on what other services you have running on this iptables machine will determine what rules to write. Could you provide a list of the services you need to keep alive on the network first and I can help you craft the rules. S On 8/6/05, LionBSD <lionbsd () gmail com> wrote:
Hi, is there any reason why you can't just sniff (ethereal for example) on the client machine and capture the whole thing ? thanks lior Andres Molinetti wrote:I am pen-testing a client application and I 've found, analysing traffic dumps, that it seems to connect to a hardcoded internal IP and retrieve data from a strange port that is afterwards displayed in the application. I want to be able to redirect that traffic to another IP in order to test it for overflows and other issues. I have found a way to change the default gateway of the application's host. So I thought of setting my linux box as its gateway and using iptables to redirect the traffic to the other IP. I'm needing help with the building of the rules... Thks, Andy _________________________________________________________________ Descubre la descarga digital con MSN Music. Más de medio millón de canciones. http://music.msn.es/ ------------------------------------------------------------------------------ FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't Learn the hacker's secrets that compromise wireless LANs. Secure your WLAN by understanding these threats, available hacking tools and proven countermeasures. Defend your WLAN against man-in-the-Middle attacks and session hijacking, denial-of-service, rogue access points, identity thefts and MAC spoofing. Request your complimentary white paper at: http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801 ------------------------------------------------------------------------------------------------------------------------------------------------------------- FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't Learn the hacker's secrets that compromise wireless LANs. Secure your WLAN by understanding these threats, available hacking tools and proven countermeasures. Defend your WLAN against man-in-the-Middle attacks and session hijacking, denial-of-service, rogue access points, identity thefts and MAC spoofing. Request your complimentary white paper at: http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801 -------------------------------------------------------------------------------
------------------------------------------------------------------------------ FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't Learn the hacker's secrets that compromise wireless LANs. Secure your WLAN by understanding these threats, available hacking tools and proven countermeasures. Defend your WLAN against man-in-the-Middle attacks and session hijacking, denial-of-service, rogue access points, identity thefts and MAC spoofing. Request your complimentary white paper at: http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801 -------------------------------------------------------------------------------
Current thread:
- Redirecting traffic Andres Molinetti (Aug 06)
- RE: Redirecting traffic Gautam Sarup (Aug 06)
- Re: Redirecting traffic LionBSD (Aug 06)
- Re: Redirecting traffic s0u1d13r s0u1d13r (Aug 07)
- Re: Redirecting traffic Rodrigo Blanco (Aug 07)
- <Possible follow-ups>
- RE: Redirecting traffic Liam Randall (Aug 09)