TCP/IP connection cutter - 1.03 - IpCop 1.4.x pre-built version

• Previous message: \: "STklos 0.71 - a Scheme compiler/interpreter""
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Sun, 6 Nov 2005 14:30:21 -0600

The TCP/IP connection cutting utility "cutter" 1.03 is now available as
a pre-built binary for IpCop 1.4.x, in addition to the more usual
source-only distribution.

"Cutter" sources and IpCop binary are available for download from
http://www.lowth.com/cutter

TCP/IP connection cutter is a software tool that can be run on a linux
firewall to forcibly abort a connection between server and client that
passes through the firewall. This is done in a way that leaves both ends
believing that it was the other that initiated the abort. Only a device
that sits in the path of the connection (such as the firewall) can do this.

The ability to abort a connection in this way can be useful to firewall
administrators for any number of reasons. For example...

    *

      An administrator identifies that a workstation on his network is
      using a service on the public network that should not be
      permitted. He can force the closure of the connection. This might
      be because of the network bandwidth being used, or the nature of
      the service or some other reason that fits the organization's
      security policy.

    *

      Or: a firewall administrator can forcibly close SSH tunnels or
      VPNs that rogue employees leave open over night between their
      office desktops and home networks. This can be a real problem, and
      it is a well known access route into private networks.

    *

      Or a web server administrator can request that a rogue incoming
      connection is terminated without having to "kill" the web server
      process on the server.

A connection cutter is NOT a way for rogue systems to terminate
connections made by others - it must be run by an administrator on one
of the Linux firewalls through which the connection passes and as such
has limited application for attackers interested in denial-of-service
exploits.

##########################################################################
# Send submissions for comp.os.linux.announce to: cola@stump.algebra.com #
# PLEASE remember a short description of the software and the LOCATION. #
# This group is archived at http://stump.algebra.com/~cola/ #
##########################################################################

• Previous message: \: "STklos 0.71 - a Scheme compiler/interpreter""
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: I am having connectivity problems ... firewall and turned ON Windows firewall. ... When I tried to install SP2 I was unable to get it thru Windows Update. ... does the connection problem persist? ... (microsoft.public.windows.inetexplorer.ie6.browser) Re: Serious Security Issue in Windows XP SP2s Firewall ... Subject: AW: Serious Security Issue in Windows XP SP2's Firewall ... If you update a WinXP SP-1 with enabled Internet ... Connection Firewall ... (Focus-Microsoft) RE: Serious Security Issue in Windows XP SP2s Firewall ... file and printer sharing is available for network login from any network (I ... Internet Connection Sharing of the PC has to be disabled." ... Serious Security Issue in Windows XP SP2's Firewall ... (Focus-Microsoft) Re: Still cant connect to RWW or OWA remotely ... No, I don't have a 3rd party firewall, and it's a pretty plain vanilla WinXP ... Connected to the network like the other workstations, ... I could go to any workstation and connect to them just fine. ... match the broadband connection, the two NIC firewall, the remote ... (microsoft.public.windows.server.sbs) Re: Big hole?? ... > firewall then even they can't get in, ... > supposedly safe SP2 for Windows XP invites any Internet ... > Connection Sharing of the PC has to be disabled. ... > in fact is a common configuration and not a rare sight. ... (microsoft.public.windowsxp.general)