Some examples of what packet editing can do [Needed]

[maboroshi]

I am interested in learning more on packet editing. I may even plan to build a packet editor in Java.

But I am just curious as to what is possible with Packet Editing. I understand it can be used to Alter games. Does the editor Hook the application but how does it hook network access?

What else would it be used for I am sure I can be creative and think of some things but some examples would be nice

*cheers

Maboroshi

[moudy]

I'm no pro at all, but I'm almost sure that packet crafting/editing is heavily relied on when talking about firewall penetration.

Code: Select all

http://www.securityfocus.com/infocus/1787

I don't know if there are other usages, maybe some one specialized in this field can point out more examples.

[lilrofl]

like previously said, packet crafting is mainly used for auditing firewall and IDS settings. there is some hype about it being used to cause buffer overflows, but that is simply not the case in my experience as a thre way handshake has not been completed so all data in the packet not related to the handshake will be discarded by the recieving computer. (a bit simplified, but an accurate way of putting it I feel)

With that said, packet crafting and the auditing thereof can be done with hping2 and TCPdump (or wireshark for that matter) and is a matter of sending a crafted packet from hping to a firewall or IDS designed to audit a rule, and then viewing both sides of that transaction with a packet sniffer to gauge the effectiveness of the rule set.

If you need some help in understanding the process further lemme know, I'm not 'real' good at it, but I've been using it to audit my firewall for a while now and so I'm not completely incompetent either