[2561] in linux-net channel archive
Re: "IP Masquerading for applications"
daemon@ATHENA.MIT.EDU (Julio Sanchez)
Wed Apr 17 12:41:15 1996
Date: Wed, 17 Apr 96 17:58:57 +0200
From: Julio Sanchez <jsanchez@gmv.es>
To: Jos Vos <jos@xos.nl>
Cc: jsanchez@esegi.es, submit-linux-dev-net@ratatosk.yggdrasil.com
In-Reply-To: Jos Vos's message of Wed, 17 Apr 1996 17:30:46 +0200 (MET DST)
Jos Vos <jos@xos.nl> writes:
> Interesting; We have been looking at a transparent-proxy implementation
> without knowing about this patch, and ended up with about the same basic
> concept. It must be the right way... ;-)
Marcus Ranum described the concept as "implementing a perfect
man-in-the-middle attack". I still smile when I remember it.
Also, be aware that I developed it independently before seeing
Gauntlet. I did not see Gauntlet until last September and the first
version of the patch was released in June if I remember correctly.
So while Gauntlet is very different, I can tell you that it has enough
similarities. That makes three. It really must be the right way :-)
> But, unless you also deal with several other little details
>(fragments,
I thought I had properly dealt with fragments. I think the packet is
caught after having been defragmented, that is IMHO the right
thing. But maybe I did not get it right, it has been sometime since I
wrote it.
> ICMP, ...),
Are you sure ICMP is a problem? I have the feeling that the
commercial versions leave this unresolved (but I don't really know).
> We hope to get an opportunity to do some real work on a more complete
> transparent-proxy implementation in Linux sometime soon.
I am glad to hear that. There are so many uses for this... Damn,
most are even legal :-)
BTW, sorry for the problems you experimented while downloading it :-)
Our line (that is pretty slow and overloaded anyway) was very much
hosed.
--
Julio Sanchez, SGI Soluciones Globales Internet
Tel: (91) 804 28 37 Fax: (91) 804 14 05 WWW: http://www.esegi.es
jsanchez@esegi.es jsanchez@gmv.es
PGP Key fingerprint = E5 29 93 6F 41 4E 00 E2 90 11 A1 8C 72 D0 DE 71
