Btw, what's the common use for this? I'm using arpspoofing techniques, but it's frustrating, I'm trying to understand how it works better. I can forward packets from one IP to me, but how do you do a whole subnet?
Small packets can slip through a firewall, where there are rules for sting comparisons.
i.e. you have a rule to block packets containing the string worm.exe
but the message is so split up/fragmented, worm is in one packet, .exe is in an other, therefore it doesen't match the rule set and allowed by the firewall.
Comment removed
rlowe1980 1 year ago
Yes but why frag?
RandomNinjaOfEvil 2 years ago
apt-get install fragroute
strandjsgmail 3 years ago
The package isn't in the Ubuntu repository unfortunately..
roejames12 2 years ago
Btw, what's the common use for this? I'm using arpspoofing techniques, but it's frustrating, I'm trying to understand how it works better. I can forward packets from one IP to me, but how do you do a whole subnet?
roejames12 2 years ago
uNbuntu???
rasz 3 years ago
I'd like to see how fragments are a threat.
abfeagles 4 years ago
its just another way to evade IDS.... therefore fragmentation is bad
melchisalins 3 years ago
Small packets can slip through a firewall, where there are rules for sting comparisons.
i.e. you have a rule to block packets containing the string worm.exe
but the message is so split up/fragmented, worm is in one packet, .exe is in an other, therefore it doesen't match the rule set and allowed by the firewall.
MrDeathmetaldrummer 2 years ago