Security Basics mailing list archives
Re: Hidden Ports
From: Alessandro <alessandro () sideralis net>
Date: Tue, 03 Feb 2004 22:55:46 +0100
In kernel (2.4) space you can hook the ip_recv routine in net/ipv4/ip_input.c and get the packet before it will be delivered to the tcp entity. To use static or unexported function or variable, you can access them directly by kernel memory, getting their address with objdump -d vmlinux
To make the hook you can use the cesari's method.When a packet comes to this function you can do whatever you want, and then return to the original function. If you have other question, i'm here.. and if you think i said something wrong.. pls tell me.
------------------------------------------------------ Alessandor - www.sideralis.net Eduardo Sorensen wrote:
Can a port scanner not see a port that is opened? The question is: can a backdoor be on a machine, and with nmap -p 1-, for example, you couldn't see it? Thank you, Eduardo ---------------------------------------------------------------------------Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ----------------------------------------------------------------------------
---------------------------------------------------------------------------Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ----------------------------------------------------------------------------
Current thread:
- Re: Hidden Ports, (continued)
- Re: Hidden Ports Michael Painter (Feb 05)
- Re: Hidden Ports David J. Bianco (Feb 05)
- Re: Hidden Ports Michael Painter (Feb 06)
- Re: Hidden Ports Michael Painter (Feb 05)
- Re: Hidden Ports vrsnet (Feb 06)
- Necessary ports and not necessary ports Benawi (Feb 05)
- Securing Windows Server 2003 [was: Necessary ports and not necessary ports] Joey Peloquin (Feb 05)
- Re: Necessary ports and not necessary ports JGrimshaw (Feb 06)
- Re: Necessary ports and not necessary ports NSC (Feb 06)
- Re: [work] Hidden Ports opticfiber (Feb 05)
- Re: Hidden Ports Vincent (Feb 06)
- Re: Hidden Ports Alessandro (Feb 04)
- Re: Hidden Ports H Carvey (Feb 05)
- Re: Hidden Ports H Carvey (Feb 06)
- RE: Hidden Ports Dimitri Bertolami (Feb 06)
- Re: Hidden Ports Michael Painter (Feb 09)
- RE: Hidden Ports Aditya [ Aditya Lalit Deshmukh ] (Feb 10)
- RE: Hidden Ports Dimitri Bertolami (Feb 06)