[8657] in bugtraq
new hijack software: hunt-1.0
daemon@ATHENA.MIT.EDU (Pavel Krauz)
Tue Dec 1 12:11:49 1998
Date: Tue, 1 Dec 1998 10:24:42 +0100
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Pavel Krauz <kra@CRI.CZ>
To: BUGTRAQ@NETSPACE.ORG
Hi all
I would like to announce new Linux software for intruding into a
connection.
It has several features which I didn't find in any free available
software.
You can download it from
http://www.cri.cz/kra/index.html
with regards
kra <kra@cri.cz>
from README:
- connection management
* setting what connections you are interested in
* detecting an ongoing connection (not only SYN started)
* Normal active hijacking with the detection of the ACK storm
* ARP spoofed/Normal hijacking with the detection of successful
ARP spoof
* synchronization of the true client with the server after
hijacking (so that the connection don't have to be reset)
* resetting connection
* watching connection
- daemons
* reset daemon for automatic connection resetting
* arp spoof/relayer daemon for arp spoofing of hosts with the
ability
to relay all packets from spoofed hosts.
* MAC discovery daemon for collecting MAC addresses
* sniff daemon for logging TCP traffic with the ability to
search for
a particular string
- host resolving
* deferred host resolving through dedicated DNS helper servers.
- packet engine
* extensible packet engine for watching TCP, UDP, ICMP and ARP
traffic
* collecting TCP connections with sequence numbers and the ACK
storm
detection.
- misc.
* determining which hosts are up
