Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Perl > Perl Misc > Intercepting data flow between 2 apps

Reply
Thread Tools

Intercepting data flow between 2 apps

 
 
Richard Anderson
Guest
Posts: n/a
 
      02-21-2005
Subject: Re: Making an app return false information [was: feeding false
anapp]
From: Richard Anderson <(E-Mail Removed)>
Newsgroups: alt.hacker

Jona Joachim <(E-Mail Removed)> wrote in news:42166b9f$(E-Mail Removed):


>| You mean that his chess server has necceserilly have a hostname except
>| the standard ip address ?
> Nope, that's the problem. If he doesn't I think you can't use the
> "hosts"-file method


Well i checkes it out. It does not have a hostname, neither it gives you
the opportunity to change to which ip address tou ish to connect. He
programmed it in a way that an esoteric mechanism knows exaclty his
servers ip address to connect to.

That makes things even more difficult to overcome, but even more
challengable too!

>| All data flow passes through the firewall before travels to the

internet
>| and then the chess server, so in this way why cant we use the personal
>| firewall to capture all the traveling data before allow them to fly

over
>| the internet?
> Because the firewall is not meant to be used for this job and that's
> the reason why no such feature is included.


There must be some way though. Because the firewall is an intermediate
between apps and net all data flow pass through it and many times
especially Firewalls with Statefull Packet Inspection can check
incoming/outcoming data flow to mark it as dangerous if it matches
againast its trojan/worm/vulnerabality database against the firewalls
database for possible data flow danger. This feature is extremely
helpfull if a windows service that listens for communication in some port
is vulnerable, and not SP1 or SP2 installed by the user side, so the only
way the user is to be safe is by having a firewall thet blocks those in
danger services (if the user knows them of course) or even better have
the SPI personal firewall block it for him.

I gave this example to state that if the firewall can do such a thing
then of course can manage the bypassing data flow for an outgoing
connection!

Do you also agree with me?

But if yes then how we can take advanatge of that ?!?

**************************************************
The above was o thread i had in alt.hacker

My question is can a firewall intercept tha data flow between 2
applications, one running on localhost and one in an inetserver, so then
we can have the on a firewall log file and finally have the chance to
alter them?

Thank you!
 
Reply With Quote
 
 
 
 
A. Sinan Unur
Guest
Posts: n/a
 
      02-21-2005
Richard Anderson <(E-Mail Removed)> wrote in
news:Xns9604B883A12FBhackerasgmailcom@194.177.210. 210:

> My question is can a firewall intercept tha data flow between 2
> applications, one running on localhost and one in an inetserver, so
> then we can have the on a firewall log file and finally have the
> chance to alter them?


*PLONK*

Sinan
 
Reply With Quote
 
 
 
 
Jay Tilton
Guest
Posts: n/a
 
      02-22-2005
Richard Anderson <(E-Mail Removed)> wrote:

[A long, meandering tale of firewalls.]

You have completely missed the point people were trying to make in the
other thread: you have not yet asked a perl question.

Once again: You have not yet asked a perl question.

A third time, because you seem terminally obtuse:
YOU HAVE NOT YET ASKED A PERL QUESTION.

After you have used the packet sniffer to intercept the IP traffic,
after you have analyzed the traffic to see what information is sent,
after you have determined how to craft your bogus information to send in
its place,

_then_ you might be ready to do some programming.

Until then, this is completely off-topic to clpm.

 
Reply With Quote
 
Richard Anderson
Guest
Posts: n/a
 
      02-24-2005
http://www.velocityreviews.com/forums/(E-Mail Removed) (Jay Tilton) wrote in news:421a7dbb.7617092
@news.erols.com:

> Richard Anderson <(E-Mail Removed)> wrote:
>
> [A long, meandering tale of firewalls.]
>
> You have completely missed the point people were trying to make in the
> other thread: you have not yet asked a perl question.
>
> Once again: You have not yet asked a perl question.
>
> A third time, because you seem terminally obtuse:
> YOU HAVE NOT YET ASKED A PERL QUESTION.
>
> After you have used the packet sniffer to intercept the IP traffic,
> after you have analyzed the traffic to see what information is sent,
> after you have determined how to craft your bogus information to send

in
> its place,
>
> _then_ you might be ready to do some programming.
>
> Until then, this is completely off-topic to clpm.


Sorry that was not intentional, in fact its not a perl question but its a
perl related somehow because after i intercept and nalyzes the ip traffic
then i have to alter the bogus info.

Tha would mean that i would have to opne the snifefrs specific log file
to alter its components as i want them to be and the resubmit the whole
damn thing in a perl manner way?
 
Reply With Quote
 
A. Sinan Unur
Guest
Posts: n/a
 
      02-24-2005
Richard Anderson <(E-Mail Removed)> wrote in
news:Xns9607DF661C14hackerasgmailcom@194.177.210.2 10:

> (E-Mail Removed) (Jay Tilton) wrote in news:421a7dbb.7617092
> @news.erols.com:
>
>> Richard Anderson <(E-Mail Removed)> wrote:
>>
>> [A long, meandering tale of firewalls.]
>>


....

>> YOU HAVE NOT YET ASKED A PERL QUESTION.


....

> Sorry that was not intentional, in fact its not a perl question but
> its a perl related somehow because after i intercept and nalyzes the
> ip traffic then i have to alter the bogus info.


Your question is off-topic until you have some Perl to post.

> Tha would mean that i would have to opne the snifefrs specific log


Please do not post gibberish.

Sinan.
 
Reply With Quote
 
Richard Anderson
Guest
Posts: n/a
 
      02-25-2005
"A. Sinan Unur" <(E-Mail Removed)> wrote in
news:Xns9607A618AE680asu1cornelledu@127.0.0.1:

> Your question is off-topic until you have some Perl to post.


OK, i'll perl post something as soon as i learn about perl socket
programming but is my idea fucntional?

I mean having the sniffers specific ip traffic logged in a.txt file and
then alter the info i want from it and then resubmitting it where it has to
go?

Is this the things that my perl prog is suppose to do?
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Data Binding Exceptions - Intercepting Philip ASP .Net Web Controls 1 10-27-2008 09:57 PM
Query:difference between node flow and filter flow in java's I/O,system? Jack Dowson Java 0 05-07-2007 03:35 PM
Which do you prefer? MCTS: Web Apps or MCTS: Windows Apps? Willy David Jr MCTS 3 01-09-2007 05:49 AM
Top 3 firewalls, anti-virus apps, anti-spyware apps The Master of The Known Universe Computer Support 10 05-12-2006 11:00 PM
Running python apps from within python apps aph Python 4 01-14-2006 04:06 PM



Advertisments