Trafscrambler anti-sniffer v0.2 on the wild
Trafscrambler is an anti-sniffer/IDS LKM(Network Kernel Extension) for OSX, licensed under BSD.
- injection of packets with bogus data and with randomly selected bad TCP
cksum or bad TCP sequences
- userland binary(tsctrl) for controlling trafscrambler NKE
- SYN decoy - sends out number of SYN pkts before the original SYN pkt
- TCP reset attack - sends out RST/FIN pkt with bad sequence
- Pre-connection SYN - sends out SYN with wrong TCP-checksum
- Post-connection SYN - sends out fake SYN after connection establishment
- Zero Window - send out pkt with â€œ0â€ window set.
Tool Submitted by Maximiliano Soler