Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.
|
Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.
|
|
google unix.com
|
|||||||
| Forums | Register | Forum Rules | Links | Albums | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
 |
| Security Discuss UNIX and Linux computer and network security, cybersecurity, cyberattacks, IT security, CISSP, OWASP and more. |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| URL blocking with iptables | shrinuvas | Debian | 1 | 03-06-2009 03:58 AM |
| Non-blocking pipe | cdlaforc | Shell Programming and Scripting | 4 | 02-10-2009 10:52 AM |
| end-end packet delay? | yogesh_powar | IP Networking | 4 | 12-13-2005 01:21 PM |
| Getting an ACK for RAW SYN packet | zampya | High Level Programming | 17 | 05-24-2004 09:15 PM |
| Seeing IP packet | manjunath | IP Networking | 4 | 09-15-2002 11:46 PM |
Powered by 
|
|
|
LinkBack | Thread Tools | Search this Thread | Rate Thread | Display Modes |
03-30-2009
|
||||
|
||||
|
blocking UDP packet
I want to deny a particular malicious UDP packet. I can readily identify this packet from the rest by looking at the data section, where data offset 2 is 0xaa, data[5] is 0xbb, etc. Are there any tools or code samples that can do this?
Basically, instead of seeing the packet in the following tcpdump, I want to block it. I started to write a proxy but realized I would need to keep sessions and that's a nightmare. Is there an easier way to do this? The firewalls I've seen only block based on port, not on data payload. tcpdump -i eth1 udp[2:1] = 0xaa and udp[5:2] = 0xbbcc |
| Bookmarks |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Threaded Mode
