hunt-1.3.tgz

Hunt is a program for intruding into a connection, watching it and resetting it. Hunt operates on Ethernets and is best used for connections which can be watched through it. However, it is possible to do something even for hosts on another segments or hosts that are on switched ports. Hunt doesn't distinguish between local network connections and connections going to/from Internet. It can handle all connections it sees. Connection hijacking is aimed primarily at the telnet or rlogin traffic but it can be used for other traffic too. Features: Connection Management - setting what connections you are interested in, detecting an ongoing connection (not only SYN started), Normal active hijacking with the detection of the ACK storm, ARP spoofed/Normal hijacking with the detection of successful ARP spoof, synchronization of the true client with the server after hijacking (so that the connection don't have to be reset), resetting connection, watching connection; Daemons - reset daemon for automatic connection resetting, arp spoof/relayer daemon for arp spoofing of hosts with the ability to relay all packets from spoofed hosts, MAC discovery daemon for collecting MAC addresses, sniff daemon for logging TCP traffic with the ability to search for a particular string; Host Resolving - deferred host resolving through dedicated DNS helper servers; Packet Engine - extensible packet engine for watching TCP, UDP, ICMP and ARP traffic, collecting TCP connections with sequence numbers and the ACK storm detection; Switched Environment - hosts on switched ports can be spoofed, sniffed and hijacked too; much, much more. Just get it now! New Features and Changes in this release: Sendmsg and ENOBUFS in net.c, Locking bug in ARP relayer causing ARP relayer to lookup fixed, Locking bug (as was shown in ARP relayer) in sniffer fixed, Line mode in hijacking - useful when hijacking connections other than telnet or rlogin, synchhijack fixed for read/write==0. Requires glibc 2.0.7 or more recent, and linuxthreads.