Return-RST 1.1

Return-RST is a firewalling tool for Linux 2.2.xx systems using IPCHAINS.
Return-RST is a firewalling tool for Linux 2.2.xx systems using IPCHAINS. It uses the netlink device to capture packets and sends TCP RST packets in response to TCP connection requests.

Normal IPCHAINS only allows you to drop packets, or reject packets with an ICMP error message. With Return-RST, you can make it look like there is no server listening, rather than giving away that they're being filtered to the attacker.

Return-RST was written to overcome the lack of an ipchains policy that can return a RESET packet when denying a TCP connection. The DENY policy just drops the packet, and the REJECT policy sends back an ICMP message. Either policy will pull an attacker off to the fact they're being filtered.

On the other hand, an RST in response to a TCP SYN packet is what happens when there is no server listening on a port - this program allows you to return this error, so attackers will think that there is no server available.

last updated on:
July 14th, 2006, 2:05 GMT
price:
FREE!
developed by:
Bellamy Consulting
homepage:
www.bellamy.co.nz
license type:
GPL (GNU General Public License) 
category:
ROOT \ System \ Networking

FREE!

In a hurry? Add it to your Download Basket!

user rating 1

1.0/5
 

0/5

1 Screenshot
Return-RST

Add your review!

SUBMIT