P. 1



|Views: 1,205|Likes:
Published by MAveRicK135

More info:

Published by: MAveRicK135 on Dec 11, 2008
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





The MIRROR target is an experimental and demonstration target only,
and you are warned against using it, since it may result in really bad
loops hence, among other things, resulting in serious Denial of Service.
The MIRROR target is used to invert the source and destination fields in
the IP header, and then to retransmit the packet. This can cause some
really funny effects, and I'll bet that thanks to this target not just one red
faced cracker has cracked his own box by now. The effect of using this
target is stark, to say the least. Let's say we set up a MIRROR target for
port 80 at computer A. If host B were to come from yahoo.com, and try
to access the HTTP server at host A, the MIRROR target would return
the yahoo host's own web page (since this is where it came from).

Note that the MIRROR target is only valid within the INPUT,
FORWARD and PREROUTING chains, and any user-defined chains
which are called from those chains. Also note that outgoing packets
resulting from the MIRROR target are not seen by any of the normal
chains in the filter, nat or mangle tables, which could give rise to loops
and other problems. This could make the target the cause of unforeseen
headaches. For example, a host might send a spoofed packet to another
host that uses the MIRROR command with a TTL of 255, at the same
time spoofing its own packet, so as to seem as if it comes from a third
host that uses the MIRROR command. The packet will then bounce
back and forth incessantly, for the number of hops there are to be
completed. If there is only 1 hop, the packet will jump back and forth
240-255 times. Not bad for a cracker, in other words, to send 1500 bytes
of data and eat up 380 kbyte of your connection. Note that this is a best
case scenario for the cracker or script kiddie, whatever we want to call

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->