ARTICLE Trafscrambler anti-sniffer v0.2 in the wild
Tuesday 18 August 2009 (Keywords: Defense, IDS, Security Solutions, Trafscrambler)
Trafscrambler is an anti-sniffer/IDS LKM (Network Kernel Extension, NKE) for OS X, licensed under BSD.

Features:
- Injection of packets with bogus data and with a randomly selected bad TCP checksum or bad TCP sequence numbers
- Userland binary (tsctrl) for controlling the Trafscrambler NKE
- SYN decoy: sends out a number of SYN packets before the original SYN packet
- TCP reset attack: sends out a RST/FIN packet with a bad sequence number
- Pre-connection SYN: sends out a SYN with a wrong TCP checksum
- Post-connection SYN: sends out a fake SYN after connection establishment
- Zero Window: sends out a packet with the window set to "0"
Tool Submitted by Maximiliano Soler
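
The sensor-side counterpart to the features listed above, as an added example that is not part of Trafscrambler or of the original article: a sniffer or IDS that labels each captured TCP segment the way the receiving host would treat it, so that bad-checksum and out-of-window injections are kept out of stream reassembly. The function names, addresses, ports and sample segments are constructed for illustration, and the receiver state (`rcv_nxt`, `rcv_wnd`) is assumed to be tracked elsewhere.

```python
import socket
import struct

def fold_sum(data: bytes) -> int:
    """16-bit one's-complement sum used by the TCP checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src: str, dst: str, length: int) -> bytes:
    """IPv4 pseudo-header that the TCP checksum also covers (protocol 6)."""
    return socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack("!BBH", 0, 6, length)

def classify(src: str, dst: str, segment: bytes, rcv_nxt: int, rcv_wnd: int) -> str:
    """Label a captured TCP segment the way the receiving host would treat it."""
    if len(segment) < 20:
        return "truncated"
    if fold_sum(pseudo_header(src, dst, len(segment)) + segment) != 0xFFFF:
        return "bad-checksum"      # receiver discards it: keep out of reassembly
    seq, window = struct.unpack("!4xI6xH", segment[:16])
    if (seq - rcv_nxt) & 0xFFFFFFFF >= rcv_wnd:
        return "out-of-window"     # receiver will not accept this data or RST
    return "zero-window" if window == 0 else "in-stream"

def make_segment(src, dst, seq, flags, window, payload=b"", corrupt=False) -> bytes:
    """Build a constructed sample segment (ports 40000 -> 80, no options)."""
    hdr = struct.pack("!HHIIBBHHH", 40000, 80, seq, 0, 5 << 4, flags, window, 0, 0)
    csum = 0xFFFF - fold_sum(pseudo_header(src, dst, len(hdr) + len(payload)) + hdr + payload)
    if corrupt:
        csum ^= 0x5555             # deliberately invalid checksum
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:] + payload

def triage_sample():
    """Run classify() over constructed segments; addresses are documentation ranges."""
    src, dst, nxt, wnd = "192.0.2.10", "198.51.100.20", 1000, 65535
    samples = [
        make_segment(src, dst, 1000, 0x18, 8192, b"GET / HTTP/1.1\r\n"),        # real data
        make_segment(src, dst, 1000, 0x18, 8192, b"bogus-data", corrupt=True),  # bad checksum
        make_segment(src, dst, 900000000, 0x04, 8192),                          # RST, bad sequence
        make_segment(src, dst, 1000, 0x10, 0),                                  # window set to 0
    ]
    return [classify(src, dst, s, nxt, wnd) for s in samples]

if __name__ == "__main__":
    print(triage_sample())
```

Checksum validation is only meaningful on traffic captured off the wire or on the receiving side: packets captured on the sending host with checksum offload enabled can show invalid checksums that the NIC fills in later.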
POSTSCRIPTUM
COMPLIANCE MANDATES
IDS: PCI DSS 10.6, 11.4, SOX A13.2, DS5.10, GLBA 16CFR Part 314.4(b) and (3), HIPAA 164.306(a)(2), 164.308(a)(1) 164.308(a)(6)42, FISMA SI-4, AC-2, ISO 27001/27002 10.6.2, 10.10.1, 10.10.2, 10.10.4, 15.1.5