Re: How to intercept traffic on different OSs?


From: Voronkov Konstantin (no_at_more.mails)
Date: 07/29/04


Date: Thu, 29 Jul 2004 20:52:20 +0300

Arkady,

Putting a socket in promiscuous mode differs from what I have
with the LSP architecture in Windows. With LSP one can intercept
and change all traffic. By changing the socket mode you will have
control only over the socket you set promiscuous mode on, isn't it?

I'm very interested in a cross-platform way of intercepting
and *changing* traffic. Do you know any library which can
offer me this both on Windows and other OSs?

I looked at the winpcap library and discovered it is only
intended to sniff packets, not to modify them:

 http://winpcap.polito.it/misc/faq.htm#Q-17

>Q-17: Can I use WinPcap to drop the incoming packets?
> Is it possible to use WinPcap to build a firewall?

>A: No. WinPcap is implemented as a protocol, therefore it is able
> to capture the packets, but it can't be used to drop them. The filtering
> capabilities of WinPcap work only on the sniffed packets. In order
> to intercept the packets before the TCP/IP stack, you must create
> an intermediate driver.

Is there any cross-platform way/library to intercept and modify
traffic? I found information that to modify traffic on Windows I need
to write an intermediate driver, but what should I do if I want to modify
traffic on Unix?

Best Regards,
Konstantin

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
news:cea7vt$roh$1@home.itg.ti.com...
> Not at all. Additionally, as Chris wrote, in Linux you can put a socket in
> promiscuous mode by the
> line s = socket( AF_NET , SOCK_PACKET , htons( ETH_P_ALL ) ) ; and now you
> can listen to all packets in case you have a hub connection
> Arkady
>
>
> "Voronkov Konstantin" <no@more.mails> wrote in message
> news:uYL7T7MdEHA.3132@TK2MSFTNGP11.phx.gbl...
> > Thank you for the information.
> >
> > Konstantin
> >
> >
> > "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
> > news:ce8jjs$q7p$1@home.itg.ti.com...
> > > Both Linux and Unix have the pcap library, and so in Windows the
> > > winpcap library was created and used in windump and ethereal. The last one
> > > has unix/linux variants as for windows
> > > Arkady
> > >
> > >
> > > "Chris P. [MVP]" <msdn@chrisnet.net> wrote in message
> > > news:%23T%23OcTBdEHA.3020@TK2MSFTNGP11.phx.gbl...
> > > > Voronkov Konstantin wrote:
> > > > > Hello All!
> > > > >
> > > > > I want to ask you whether you know how to intercept traffic on Unix
> > > > > or any other OS than Windows. Is there anything like LSP?
> > > > >
> > > > > Any information, links would be useful for me.
> > > >
> > > > I believe Linux has RAW packet options similar to Windows. You will likely
> > > > have to be an administrator to run in promiscuous mode.
> > > >
> > > > No offense, but the Microsoft groups probably aren't the best place to look
> > > > for Unix experts :)
> > > >
> > > >
> > >
> > >
> >
> >
>
>
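The capture-only path Arkady describes, in its current Linux form, as an added example that is not part of the thread: an AF_PACKET socket (the successor of SOCK_PACKET) is bound to one interface, promiscuous mode is requested per interface with PACKET_ADD_MEMBERSHIP, and frames are decoded with a small parser. Like WinPcap in Q-17, this socket only observes copies of frames; it cannot drop or rewrite them. Linux, CAP_NET_RAW and the interface name "eth0" are assumptions; the function names are mine.

```c
// Added example (not from the thread). Linux-only: AF_PACKET capture socket
// in promiscuous mode plus an Ethernet II header decoder. Observation only:
// frames still reach the TCP/IP stack untouched, which is why this cannot
// replace an LSP or an intermediate driver for *modifying* traffic.
#include <arpa/inet.h>
#include <linux/if_packet.h>
#include <net/ethernet.h>
#include <net/if.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

struct eth_view { uint8_t dst[6]; uint8_t src[6]; uint16_t ethertype; };

// Decode the 14-byte Ethernet II header; -1 if the frame is too short.
int parse_ethernet(const uint8_t *frame, size_t len, struct eth_view *out) {
    if (len < 14) return -1;
    memcpy(out->dst, frame, 6);
    memcpy(out->src, frame + 6, 6);
    out->ethertype = (uint16_t)((frame[12] << 8) | frame[13]);  // network order
    return 0;
}

// Open a capture-only socket on ifname with promiscuous mode requested for
// that interface (needs CAP_NET_RAW). Returns the fd, or -1 with errno set.
int open_promisc_capture(const char *ifname) {
    int fd = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
    if (fd < 0) return -1;
    unsigned ifindex = if_nametoindex(ifname);
    if (ifindex == 0) { close(fd); return -1; }
    struct sockaddr_ll sll = { .sll_family = AF_PACKET,
                               .sll_protocol = htons(ETH_P_ALL),
                               .sll_ifindex = (int)ifindex };
    if (bind(fd, (struct sockaddr *)&sll, sizeof sll) < 0) { close(fd); return -1; }
    struct packet_mreq mr = { .mr_ifindex = (int)ifindex, .mr_type = PACKET_MR_PROMISC };
    if (setsockopt(fd, SOL_PACKET, PACKET_ADD_MEMBERSHIP, &mr, sizeof mr) < 0) {
        close(fd); return -1;
    }
    return fd;
}

int main(void) {
    int fd = open_promisc_capture("eth0");          // assumed interface name
    if (fd < 0) { perror("open_promisc_capture"); return 1; }
    uint8_t buf[2048]; struct eth_view v;
    for (int i = 0; i < 5; i++) {                    // print five frames, then stop
        ssize_t n = recv(fd, buf, sizeof buf, 0);
        if (n > 0 && parse_ethernet(buf, (size_t)n, &v) == 0)
            printf("%zd bytes, ethertype 0x%04x\n", n, v.ethertype);
    }
    return close(fd);
}
```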


