Session Hijacking Tools:
Hunt
Hijacking software has the following functionality features:
1) Connection management
* Setting what connections you are interested in.
* Detecting an ongoing connection (not only SYN started).
* Normal active hijacking with the detection of the ACK storm.
* ARP spoofed/Normal hijacking with the detection of successful ARP spoof.
* Synchronization of the true client with the server after hijacking (so that the connection don't have to be reset).
* Resetting connection.
* Watching connection.
2) Daemons
* Reset daemon for automatic connection resetting.
* ARP spoof/relayer daemon for ARP spoofing of hosts with the ability to relay all packets from spoofed hosts.
* MAC discovery daemon for collecting MAC addresses.
* Sniff daemon for logging TCP traffic with the ability to search for a particular string.
3) Host Resolving
* Deferred host resolving through dedicated DNS helper servers.
4) packet engine
* Extensible packet engine for watching TCP, UDP, ICMP and ARP traffic.
* Collecting TCP connections with sequence numbers and the ACK storm detection.
5) misc.
* Determining which hosts are up.
-General purpose widget
-most useful and popular tool … for interacting with a system across a network
-Send or receive data from any TCP or UDP port to any TCP or UDP port
No comments:
Post a Comment