Thread: Packet Filter / Replacer ?

  1. #1
    Registered User
    Join Date
    Feb 2003
    Posts
    265

    Packet Filter / Replacer ?

    I figure if anybody knows of a tool like this, they would probablly be around here. Im looking for a piece of software that basically sniffs every outbound packet for a string, such as a phone number, and either drops the packet or replaces the string within the packet based on its contents. This is a kinda-sorta-firewall but not really. I have been having arguements based on artistic differences with several pieces of software with embedded spyware, eg i believe it shouldnt know what im doing, vs it does. A filter as i outlined above would neuter it completely, and there must be one somewhere. I know the program im looking for is probablly considered spyware, however im only planning on filtering my outbound traffic, more explicitly, outbound traffic i dont want my computer to send. Afterall, im the owner of the stupid computer, if its misbehaving i need to curb this behavior immediately. Suggestions welcome, thanks for your time guys.

  2. #2
    Pursuing knowledge confuted's Avatar
    Join Date
    Jun 2002
    Posts
    1,916
    Not what you asked for, but what you should have Ad-Aware
    Away.

  3. #3
    Registered User
    Join Date
    Feb 2003
    Posts
    265
    heh, unfortunately i need the naughty software. i dont see why i cant limit what its allowed to send without my knowledge. software phones home too much these days, causing me trouble.

  4. #4
    Pursuing knowledge confuted's Avatar
    Join Date
    Jun 2002
    Posts
    1,916
    I believe Zone Alarm allows you to control which programs are allowed to access the internet... problem solved?
    Away.

  5. #5
    Registered User
    Join Date
    Feb 2003
    Posts
    265
    Unfortunately, simply blocking all communication related to the process causes it to cease function. Im now experimenting with SNORT rules and see if they can do anything about it.

  6. #6
    train spotter
    Join Date
    Aug 2001
    Location
    near a computer
    Posts
    3,868
    look here for security tools.

    http://www.megasecurity.org/Main.html

    http://www.insecure.org/tools.html

    beware as some of these tools will contain malicious code.............

    btw if you are already connected to the 'net it is unlikely a packet containing a phone number will be sent........

    >> and either drops the packet or replaces the string within the packet based on its contents

    hard, as data is likely to be encrypted, compressed or in some other way just partial in any given packet. That is the whole msg is not sent in one packet.
    "Man alone suffers so excruciatingly in the world that he was compelled to invent laughter."
    Friedrich Nietzsche

    "I spent a lot of my money on booze, birds and fast cars......the rest I squandered."
    George Best

    "If you are going through hell....keep going."
    Winston Churchill

  7. #7
    Registered User
    Join Date
    Feb 2003
    Posts
    265
    Snort can do it. I just ran a test on my freebsd router. Even with packet fragmentation snort rules should be able to do everything i wanted. No way will steam be phoneing home about my cd keys hehahah!

  8. #8
    End Of Line Hammer's Avatar
    Join Date
    Apr 2002
    Posts
    6,231
    I think Proxomitron does it:
    http://www.geocities.com/srl_list/index.html
    When all else fails, read the instructions.
    If you're posting code, use code tags: [code] /* insert code here */ [/code]

  9. #9
    my freebsd router
    You r0x0rz!

  10. #10
    Much older and wiser Fountain's Avatar
    Join Date
    Dec 2001
    Location
    Engeeeerland
    Posts
    1,158
    Norton Internet securities will warn you if data like phone numbers/CC numbers etc (or whatever the hell else you tell it) is trying to be sent. Simply then choose NO
    Such is life.

  11. #11
    PC Fixer-Upper Waldo2k2's Avatar
    Join Date
    May 2002
    Posts
    2,001
    Norton=lame

    use on of the other methods above
    PHP and XML
    Let's talk about SAX

  12. #12
    Much older and wiser Fountain's Avatar
    Join Date
    Dec 2001
    Location
    Engeeeerland
    Posts
    1,158
    Originally posted by Waldo2k2
    Norton=lame

    use on of the other methods above
    Lame on this thread or just lame?

    If the latter you are confused.
    Such is life.

  13. #13
    PC Fixer-Upper Waldo2k2's Avatar
    Join Date
    May 2002
    Posts
    2,001
    >>If the latter you are confused.

    Not really, I've never had it work well on any of my machines, therefore i don't recommend it.

    Note: lets not turn this into a norton sucks, no it doesnt, yada yada yada thread
    PHP and XML
    Let's talk about SAX

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Global Variables
    By Taka in forum C Programming
    Replies: 34
    Last Post: 11-02-2007, 03:25 AM
  2. Raw Packet (sorry tripple weird Post)
    By Coder87C in forum Networking/Device Communication
    Replies: 6
    Last Post: 03-04-2006, 11:34 AM
  3. Packet Filter Using Unix Sockets
    By doraiashok in forum C Programming
    Replies: 3
    Last Post: 12-12-2003, 02:56 PM
  4. Packet Filter using Unix Socket
    By doraiashok in forum Networking/Device Communication
    Replies: 2
    Last Post: 12-12-2003, 08:14 AM
  5. A net packet filter with VC++
    By darcome in forum Windows Programming
    Replies: 0
    Last Post: 11-02-2002, 08:00 AM