linux poison RSS
linux poison Email

Cutting the tcp/ip network connection with cutter

Just imagine that people in your private network using peer to peer software such as Kazaa, iMesh or others and you want to cut them or just want to cut all ftp connection over firewall but not all traffic to host. For examples:

Suppose a client workstation 192.168.1.1 sending ftp, http, ssh traffic using 192.168.1.254 (Linux based) router to server outside our network, and you would like to cut ftp traffic without effecting other connection? So how you are going to do that? Simply use cutter utility.

Cutter is an open source program that allows Linux firewall administrators to abort TCP/IP connections routed over Linux based firewall. This tool is very handy in situation like:

To terminate connection such as SSH tunnels or VPNs left by our own users
To abort crackers attacks as soon as they detected
To kill high bandwidth consuming connection
To kill peer-to-peer traffic etc ...

But how to use it?

Download the cutter and install it on Linux firewall:

1) Login to your iptables based firewall router
2) Identify your internal connection (use netstat or tcpdump)

3) Use cutter as follows
cutter {IP-address} {Port}

Examples:
Cut all connections from 192.168.1.5 to server
# cutter 192.168.1.5

Cut all ssh connection from 192.168.1.5 to server
# cutter 192.168.1.5 22

Cut all ssh connection from 192.168.1.5 to ssh server 202.54.1.20
# cutter 202.54.1.20 192.168.1.5 22

Please note that cutter has been designed for use as a administrators tool for Linux firewalls do not use this tool for malicious purpose. For more information about this tool & how actually it works by sending FIN -> ACK -> RST sequence of packets to terminate connection, see the official web site.


0 comments:

Post a Comment

Related Posts with Thumbnails