Any of y'all running packet suckers outside your filters to see what the kidz are up to? I've been playing with some patches Hobbit made to tcp_wrappers, which sends telnet escapes to ask for telnet environment variables, and various other strings to egg on other clients. It's a little clunky to configure/use, though. Wondering if there are other packet sinks/suckers around for research like this, or if most folks write their own? I'm really not a programmer, but I'm contemplating trying to hack LaBrea to do this kind of stuff before it optionally tries to capture and hold the connection. Thanks... ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Jul 29 2002 - 12:56:24 PDT