Slashdot Mirror


TCP/IP Connection Cutting On Linux Firewalls

Chris Lowth writes "Network security administrators sometimes need to be able to abort TCP/IP connections routed over their firewalls on demand. This would allow them to terminate connections such as SSH tunnels or VPNs left in place by employees overnight, abort hacker attacks when they are detected, stop high bandwidth consuming downloads, etc. There are many potential applications. This article describes how a Linux IPTables-based firewall/router can be used to send the right combination of TCP/IP packets to both ends of a connection to cause them to abort the conversation. It describes the steps required to perform this task, and introduces a new open-source utility called 'cutter' that automates the process."

3 of 233 comments

  1. Re:Would be handy by nadadogg · · Score: 0, Redundant

    see my post for how to do things 24/7 without interrupting work.

    --
    i use linux and windows oh god how can i have an opinion
  2. Re:Would be handy by ColdGrits · · Score: 0, Redundant

    And see my reply as to why that won't work.

    --
    People should not be afraid of their governments - Governments should be afraid of their people.
  3. Re:What kind of fuckwit moderates this insightful? by ColdGrits · · Score: 0, Redundant

    "By definition, if it's a 24/7 operation, you wouldn't be terminating tcpip connections at all..."

    Well done!

    You understood the point of my post. Congratulations. Now you understand why it was moderated the way it was...

    --
    People should not be afraid of their governments - Governments should be afraid of their people.