Packet Purgatory - Twist Your Packets Before You Set Them Free

Presented at The Fifth HOPE (2004), July 11, 2004, 2 p.m. (60 minutes)

Ever wondered what it would be like to have your own custom IP stack readily programmable? Ever wanted to be able to use stock clients connecting to stock servers, but still be able to tweak the underlying connection? Have you ever wished you could poke at individual packet bits within a real connection without having to patch your kernel? Packet Purgatory is a library that allows userland programs to do all of the above portably. This talk will highlight the development of Packet Purgatory, how to use it, and ideas for future tools. Also included in the talk will be a discussion of two example tools that have been constructed on Packet Purgatory: Stegtunnel, a tool to hide covert channels in TCP/IP connections and LSRTunnel, which spoofs connections using loose source routing.

Presenters:

• Todd MacDermid
  Todd MacDermid is a serial open source security software author and speaker, and a member of Syn Ack Labs (http://www.synacklabs.net). Current research areas include covert channels, interface design, and other privacy protecting topics. Past work includes kernel module rootkit detection and source routing.

Links:

• http://v.hope.net/hoop/5hope_speakers.khtml#panel042
• https://infocon.org/cons/2600/The Fifth HOPE (2004)/The Fifth HOPE (2004) - Packet Purgatory - Twist Your Packets Before You Set Them Free.mp4
• https://www.youtube.com/watch?v=zGnXoBdU1B4

Similar Presentations:

• VB2018 / The missing link in the chain? Android network analysis
• Black Hat USA 2020 Virtual / EtherOops: Exploring Practical Methods to Exploit Ethernet Packet-in-Packet Attacks
• ToorCon San Diego 12 (2010) / Introduction to Packet Capture Analysis